Language Selection

English French German Italian Portuguese Spanish

CIA overseeing 3-day war game on Internet

Filed under
Web

The CIA is conducting a war game this week to simulate an unprecedented, Sept. 11-like electronic assault against the United States. The three-day exercise, known as "Silent Horizon," is meant to test the ability of government and industry to respond to escalating Internet disruptions over many months, according to participants.

They spoke on condition of anonymity because the CIA asked them not to disclose details of the sensitive exercise taking place in Charlottesville, Va., about two hours southwest of Washington.

The simulated attacks were carried out five years in the future by a fictional new alliance of anti-American organizations that included anti-globalization hackers. The most serious damage was expected to be inflicted in the closing hours of the war game Thursday.

The national security simulation was significant because its premise - a devastating cyberattack that affects government and parts of the economy on the scale of the 2001 suicide hijackings - contradicts assurances by U.S. counterterrorism experts that such effects from a cyberattack are highly unlikely.

"You hear less and less about the digital Pearl Harbor," said Dennis McGrath, who has helped run three similar exercises for the Institute for Security Technology Studies at Dartmouth College. "What people call cyberterrorism, it's just not at the top of the list."

The CIA's little-known Information Operations Center, which evaluates threats to U.S. computer systems from foreign governments, criminal organizations and hackers, was running the war game. About 75 people, mostly from the CIA, along with other current and former U.S. officials, gathered in conference rooms and pretended to react to signs of mock computer attacks.

The government remains most concerned about terrorists using explosions, radiation and biological threats. FBI Director Robert Mueller warned earlier this year that terrorists increasingly are recruiting computer scientists but said most hackers "do not have the resources or motivation to attack the U.S. critical information infrastructures."

The government's most recent intelligence assessment of future threats through the year 2020 said cyberattacks are expected but terrorists "will continue to primarily employ conventional weapons." Authorities have expressed concerns about terrorists combining physical attacks such as bombings with hacker attacks to disrupt rescue efforts, known as hybrid or "swarming" attacks.

"One of the things the intelligence community was accused of was a lack of imagination," said Dorothy Denning of the Naval Postgraduate School, an expert on Internet threats who was invited by the CIA to participate but declined. "You want to think about not just what you think may affect you but about scenarios that might seem unlikely."

An earlier cyberterrorism exercise called "Livewire" for the Homeland Security Department and other federal agencies concluded there were serious questions over government's role during a cyberattack depending on who was identified as the culprit - terrorists, a foreign government or bored teenagers.

It also questioned whether the U.S. government would be able to detect the early stages of such an attack without significant help from private technology companies.

Associated Press

More in Tux Machines

Mastodon 2.0

About 6 months have passed since April, during which the major mainstream breakthrough of our decentralized social network took place. From 20,000 users to almost a million! What better time to run through a couple examples of what’s been introduced since then? Mastodon is defined by its focus on good user experience, polished design and superior anti-abuse tools. In that vein, the web app has received numerous updates. Using the latest browser features, the web app receives real push notifications, making it almost indistinguishable from a native mobile app. It works faster and looks smoother thanks to many performance and design improvements. Read more

Red Hat: Satellite, OpenShift, Government, SoftBank

  • A Red Hat Satellite tutorial to install an update server
    Is server patch management the best part of your job? Stop reading here. Many IT organizations struggle with OS patching processes. For Red Hat administrators who are willing to invest some initial energy to simplify later tasks, Satellite provides infrastructure lifecycle management, including capabilities for provisioning, reporting and configuration management. To this end, follow this Red Hat Satellite tutorial to set up a simple server for updates. Once we review how to install the basic update server, we'll create one example client.
  • Red Hat updates Gluster storage for OpenShift container apps
    Red Hat bolstered Gluster storage for its OpenShift Container Platform, adding iSCSI block and S3 object interfaces, as well as greater persistent volume density.
  • Red Hat to Cover Open Source Collaboration at Gov’t Symposium; Paul Smith Comments
    Red Hat (NYSE: RHT) is set to hold its annual symposium on federal information technology on Nov. 9 where the company will host discussions on open source collaboration and its potential benefits for government, GovCon Executive reported Oct. 11.
  • Red Hat’s Container Technologies and Knowledge Were Chosen by SoftBank to Embrace DevOps
    Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced that several of Red Hat’s open source technologies, including Red Hat OpenShift Container Platform, as well as the knowledge of Red Hat Consulting, were chosen by SoftBank Corp (“SoftBank”), a subsidiary of SoftBank Group Corp., to implement DevOps methodology for its Service Platform Division, IT Service Development Division, Information Technology Unit, and Technology Unit, the company’s in-house IT organization. This large, varied organization develops, maintains and operates SoftBank’s IT systems for internal work and operations, supporting 600 diverse systems.
  • Form 4 RED HAT INC For: Oct 17 Filed by: Kelly Michael A
  • Taking a Fresh Look at Red Hat, Inc. (RHT)

Security: Google Play, WPA2, FERC, HackerOne

  • 8 'Minecraft' apps infected with Sockbot malware on Google Play found adding devices to botnet

    Security researchers have discovered that at least eight malware-laced apps on Google Play Store are ensnaring devices to a botnet to potentially carry out distributed denial-of-service (DDoS) and other malicious attacks. These apps claimed to provide skins to tweak the look of characters in the popular Minecraft: Pocket Edition game and have been downloaded as many as 2.6 million times.

  • KRACK Vulnerability: What You Need To Know
    This week security researchers announced a newly discovered vulnerability dubbed KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. This is a bad vulnerability in that it likely affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time. Yet in light of the sometimes overblown media coverage, it’s important to keep the impact of KRACK in perspective: KRACK does not affect HTTPS traffic, and KRACK’s discovery does not mean all Wi-Fi networks are under attack. For most people, the sanest thing to do is simply continue using wireless Internet access.
  • FERC sets rules to protect grid from malware spread through laptops
    The Federal Energy Regulatory Commission on Thursday proposed new mandatory cybersecurity controls to protect the utility system from the threat posed by laptops and other mobile devices that could spread malicious software. The standards are meant to "further enhance the reliability and resilience of the nation's bulk electric system" by preventing malware from infecting utility networks and bringing down the power grid, according to the nation's grid regulator.
  • Hack These Apps And Earn $1,000 — Bug Bounty Program Launched By Google And HackerOne
  • Security Vulnerability Puts Linux Kernel at Risk

Smartphone Waste and Tizen News