[ISN] US Cyber Storm will test NZ's national security

From: InfoSec News (alerts@private)
Date: Tue Feb 27 2007 - 00:22:33 PST


http://computerworld.co.nz/news.nsf/news/1B5EF1BC919B9194CC25728B000A2495

By Stephen Bell 
Auckland
27 February, 2007

New Zealand organisations will find their online defences tested for the 
first time in a huge international cyber-security exercise being 
coordinated by the US Department of Homeland Security next year.

Private and public-sector organisations will be involved in next Marchs 
Cyber Storm II attack simulation, along with organisations in the US, 
Canada, the UK and Australia.

The exercise will simulate, on a private network, a series of hacking 
and cyber-terrorism events attempted via the internet.

Nothing of a dangerous nature will be attempted on live networks, says 
Richard Byfield of the Centre for Critical Infrastructure Protection, 
which will coordinate the local part of the exercise.

The first Cyber Storm simulation took place in March 2006, but New 
Zealands involvement was small, just a table-top exercise, with 
simulations of escalating events being represented on paper. This time, 
there will be an online portal, where scenarios appropriate to our 
national security will be played out, testing the responses and 
inter-communication abilities of government organisations such as CCIP, 
the Defence Force, the Security Intelligence Service and the Polices 
electronic crime lab, as well as private-sector maintainers of vital 
infrastructure such as Telecom and Transpower. Some internet service 
providers are likely to be asked to be involved as well, says Byfield.

As organisations respond to the attacks, the situation will escalate in 
unpredictable ways. Like a fire-drill, there will be an exhaustive check 
after the simulation exercise, to see if the right people and agencies 
were informed at the right time.

Naturally, there is no advance knowledge of exactly what will be 
simulated, but unofficial reports suggest one of the major scenarios 
could involve the chemical industry, says Mike Harmon, who is in charge 
of the exercise for the CCIP.

New Zealand will have some flexibility when it comes to the scenarios it 
chooses to run, to reflect our particular vulnerabilities.

The electricity grid and telecommunications are good things to test in 
New Zealand, says Byfield, because management of the two industries is 
dominated by one company in each sector.

Interruptions to the electricity supply are likely to involve not only 
the core network but also the digital supervisory control and data 
acquisition (Scada) network that overlies and controls electricity 
distribution.

For a long time, Scada been concealed from public view Harmon calls it 
security by obscurity but the networks are now connected via the 
internet, making them more visible and therefore more vulnerable.

A preliminary table-top exercise will be held next month, to prepare for 
the real thing in 2008.

The first Cyber Storm simulation uncovered gaps and stresses in 
communications between agencies, particularly when there were multiple 
threats which demanded concurrent responses.

Management of public information was also identified as critical, and 
will be carefully monitored this time round.

As part of the exercise, authorities have to ensure public information 
is accurate, so as to avoid creating needless panic, says the report 
from the first exercise. Misleading information or deliberate 
disinformation is a risk, particularly in a world of bloggers and other 
independent media sources. Media organisations, particularly those that 
cover ICT, could be asked to play a role in Cyber Storm II, says Harmon. 
Media relations staff from the various agencies involved in the exercise 
will certainly be important participants.

Copyright Fairfax Business Media 


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Tue Feb 27 2007 - 00:37:00 PST