US networks to weather Cyber Storm III

28 Sep 2010

A major cyber security exercise is set to assess the vulnerability of US vital services and gauge how susceptible they are for attack.

A three-day long exercise will bring together a diverse cross-section of the nation’s cyber incident responders to assess US cyber response capabilities and boost preparedness with mock attacks on their most important networks.

Known as ‘Cyber Storm III’, the department of homeland security (DHS) says it will be the first major exercise testing the country’s new national cyber security and communications integration centre (NCCIC).

“Cyber Storm III is an exercise scenario that simulates a large-scale cyber attack on critical infrastructure across the nation. The goal of the exercise is to examine and strengthen collective cyber preparedness and response capabilities, involving thousands of participants across government and industry,” DHS secretary Janet Napolitano said in a statement.

Securing the infrastructure

“Securing America’s cyber infrastructure requires close co-ordination with our federal, state, international and private sector partners,” said Napolitano.

“Exercises like Cyber Storm III allow us build upon the significant progress we’ve made in responding to evolving cyber threats,” she added.

The DHS says it will exercise elements of the recently developed national cyber incident response plan (NCIRP), which claims cyber related incidents can take many forms.

“A cyber-related incident of national significance may take many forms: an organised cyber attack, an uncontrolled exploit such as a virus of worm, a natural disaster with significant cyber consequences, or other incidents capable of causing extensive damage to critical infrastructure or key assets.”

Cyber Storm III is expected to test the following departments with mock attacks – commerce, defence, energy, homeland security, justice, transportation and treasury, in addition to the White House and representatives from the intelligence and law enforcement communities, as well as receiving c-ooperation from 12 international partners: – Australia, Canada, France, Germany, Hungary, Italy, Japan, the Netherlands, New Zealand, Sweden, Switzerland, and the United Kingdom.

The mock attacks will only result in simulated harm without having actual effect on any network.

The announcement by the DHS comes on the back of a recent cyber attack on Iran’s first nuclear power plant, where a sophisticated computer worm, designed to disrupt power grids and other industrial facilities using SCADA systems, infiltrated its systems.