http://www.thenewnewinternet.com/2010/02/16/more-must-be-done-to-prepare-us-for-cyber-attack/ and http://www.darkreading.com/security/cybercrime/showArticle.jhtml?articleID=222900775&cid=nl_DR_DAILY_2010-02-18_h
Yesterday, former members of the Government participated in a Cyber Security Game called Operation CyberShockwave, which was a test of how well the US Government would handle a cyber-attack. The results? We failed miserably. There’s more work that needs to be done.
The scenario was that an application people downloaded to their smartphones for “March Madness” was actually a malware program. In “July, 2011” (the simulated event date), the attacker activates the malware and the phones stop working. At some point during this, IEDs are detonated, which take out parts of the power grid on the Eastern Seaboard.
Between Power Grid failures, the Electronic Trading Commission being taken down, and the Internet (and smartphones) being taken down, it’s a mess. So, how did our “Government” do? They figured out that the server hosting the malware was in Russia, and possibly that the developer was from Sudan. That’s about as far as we know.
What does all of this mean? Well, if you’re Amish, not much. But for the rest of us, it means that our Government (and the Private Sector—that’s YOU AND ME, folks) need to come up with a comprehensive plan for dealing with these attacks. There needs to be a clear-cut determination for when the attack begins (and the Government should start acting) and when it ends (and they should stop). And there needs to be a clear-cut determination as to whether the Government needs to step in at all.
Some issues that were raised in the simulation are these:
- We know the malware is being hosted on a server in a foreign country. Can we have that Government shut the server down? If so, do we have to reciprocate if they’re being attacked by malware on a US server?
- Should the Department Of Defense take the lead in combating the attack? If so, how do they coordinate with the Private Sector (who is obviously taking their own steps to combat it and discover the source)?
- Would this be an instance where President Obama’s plan to take control of the cyber networks should be implemented? If so, how long should they maintain control? Should they work with the Private Sector, or basically push them aside? Will the Public be notified of this and kept up to speed on what’s going on (or will they be kept in the dark “for their own good”)?
This is not an issue of whether or not we could actually combat the attack. It’s my belief that amongst the 300 million people in this country, someone (or some group) would be able to find the source. They may even be able to shut it down. The issue is whether the Government would work with the Private Sector (and the public in general) to combat this. And how would the Government mobilize on their end?
So for the Government, you have some work ahead of you. One thing to take into consideration is that we have some of the brightest “Hackers” living in our country. We also have experts in the Private Sector and in the Educational Sector, who could prove extremely valuable in an attack. One issue that you’ll face is that some of these people will not like (or want) to work with you. They’re distrustful of you, and would be afraid that after the attack is finished, you’ll turn your “eye” to them. So, you need to work on that problem as well.
The clock is ticking. And the world is watching (or at least the “Online world”). And as much as I hate saying it, the majority of Americans aren’t informed enough to avoid the precursors for such an attack. So, it’s up to you to make sure we’re protected.
Have a great day:)