The CIA is conducting a secretive war game, dubbed “Silent Horizon,” this week to practice defending against an electronic assault on the same scale as the September 11 attacks.
The three-day exercise was meant to test the ability of government and industry to respond to escalating Internet disruptions over many months, according to participants. They spoke on the condition of anonymity because the CIA asked them not to disclose details of the sensitive exercise taking place in Charlottesville.
The simulated attacks were carried out five years in the future by a fictional alliance of anti-American organizations, including anti-globalization hackers. The most serious damage was expected to be inflicted in the war game’s closing hours.
The national security simulation was significant because its premise — a devastating cyberattack that affects government and parts of the economy with the same magnitude as the September 11 suicide hijackings — contravenes assurances by U.S. counterterrorism experts that such far-reaching effects from a cyberattack are highly unlikely. Previous government simulations have modeled damage from cyberattacks more narrowly.
“You hear less and less about the digital Pearl Harbor,” said Dennis McGrath, who helped run three similar war games for the Institute for Security Technology Studies at Dartmouth College. “What people call cyberterrorism, it’s just not at the top of the list.”
The CIA’s little-known Information Operations Center, which evaluates threats to U.S. computer systems from foreign governments, criminal organizations and hackers, was running the war game. About 75 people, mostly from the CIA, gathered in conference rooms and reacted to signs of mock computer attacks.
The government remains most concerned about terrorists using explosions, radiation and biological threats. FBI Director Robert S. Mueller III warned earlier this year that terrorists increasingly are recruiting computer scientists but said most hackers “do not have the resources or motivation to attack the U.S. critical information infrastructures.”