Language Selection

English French German Italian Portuguese Spanish

CIA overseeing 3-day war game on Internet

Filed under
Web

The CIA is conducting a war game this week to simulate an unprecedented, Sept. 11-like electronic assault against the United States. The three-day exercise, known as "Silent Horizon," is meant to test the ability of government and industry to respond to escalating Internet disruptions over many months, according to participants.

They spoke on condition of anonymity because the CIA asked them not to disclose details of the sensitive exercise taking place in Charlottesville, Va., about two hours southwest of Washington.

The simulated attacks were carried out five years in the future by a fictional new alliance of anti-American organizations that included anti-globalization hackers. The most serious damage was expected to be inflicted in the closing hours of the war game Thursday.

The national security simulation was significant because its premise - a devastating cyberattack that affects government and parts of the economy on the scale of the 2001 suicide hijackings - contradicts assurances by U.S. counterterrorism experts that such effects from a cyberattack are highly unlikely.

"You hear less and less about the digital Pearl Harbor," said Dennis McGrath, who has helped run three similar exercises for the Institute for Security Technology Studies at Dartmouth College. "What people call cyberterrorism, it's just not at the top of the list."

The CIA's little-known Information Operations Center, which evaluates threats to U.S. computer systems from foreign governments, criminal organizations and hackers, was running the war game. About 75 people, mostly from the CIA, along with other current and former U.S. officials, gathered in conference rooms and pretended to react to signs of mock computer attacks.

The government remains most concerned about terrorists using explosions, radiation and biological threats. FBI Director Robert Mueller warned earlier this year that terrorists increasingly are recruiting computer scientists but said most hackers "do not have the resources or motivation to attack the U.S. critical information infrastructures."

The government's most recent intelligence assessment of future threats through the year 2020 said cyberattacks are expected but terrorists "will continue to primarily employ conventional weapons." Authorities have expressed concerns about terrorists combining physical attacks such as bombings with hacker attacks to disrupt rescue efforts, known as hybrid or "swarming" attacks.

"One of the things the intelligence community was accused of was a lack of imagination," said Dorothy Denning of the Naval Postgraduate School, an expert on Internet threats who was invited by the CIA to participate but declined. "You want to think about not just what you think may affect you but about scenarios that might seem unlikely."

An earlier cyberterrorism exercise called "Livewire" for the Homeland Security Department and other federal agencies concluded there were serious questions over government's role during a cyberattack depending on who was identified as the culprit - terrorists, a foreign government or bored teenagers.

It also questioned whether the U.S. government would be able to detect the early stages of such an attack without significant help from private technology companies.

Associated Press

More in Tux Machines

Porteus Kiosk 4.0 Modular Linux Web Kiosk Released, Drops Chrome 32-bit Support

Porteus Solutions' Tomasz Jokiel announced on May 30, 2016, the release of the final Porteus Kiosk 4.0.0 Web Kiosk operating system based on the latest GNU/Linux technologies and open-source software. Porteus Kiosk 4.0.0 comes three months after the release of the last maintenance build in the Porteus Kiosk 3.x series, introducing numerous new features and improvements. But first, let's take a quick look under the hood, as the OS is now powered by Linux kernel 4.4.11 LTS (Long Term Support), and it's based on the Mozilla Firefox 45.1.1 ESR and Google Chrome 50.0.2661.102 web browsers. Read more

Fresh 10-Way GeForce Linux Benchmarks With The NVIDIA 367.18 Driver

In prepping for our forthcoming GeForce GTX 1070 and GTX 1080 Linux benchmarking, I've been running fresh rounds of benchmarks on my large assortment of GPUs, beginning with the GeForce hardware supported by the NVIDIA 367.18 beta driver. Here are the first of those benchmarks with the ten Maxwell/Kepler GPUs I've tested thus far. Earlier this month I posted the With Pascal Ahead, A 16-Way Recap From NVIDIA's 9800 GTX To Maxwell but in still waiting for my GTX 1070/1080 samples to arrive, I've restarted all of those tests now using the newer 367.18 driver as well as incorporating some extra tests like the recently released F1 2015 for Linux, not having done any SHOC OpenCL tests in a while, etc. Read more

Arch Linux-Based ArchAssault Ethical Hacking Distro Changes Name to ArchStrike

The team over at ArchAssault, a GNU/Linux operating system based on the famous Arch Linux distro and designed for ethical hackers, announced a few minutes ago on their Twitter account that they are changing the OS' name to ArchStrike. Designed from the ground up as a security layer to Arch Linux, the ArchAssault project provides security researchers and hackers with one of the most powerful open source and totally free Linux kernel-based operating system for penetration testing and security auditing operations. Read more

Systemd change has Linux users up in arms

A change in the most recent version of systemd, the init system that has been recently adopted by many GNU/Linux distributions, has users up in arms. The change, announced a few days ago, kills background processes by default when a user logs out, the opposite of the behaviour that was exhibited earlier. This would cause problems for users, for example, of terminal multiplexers like screen and tmux as they would be unable to return to a process once they have logged out. If a server admin had a bunch of scripts that logged into a server, then started a process using screen and logged out, the process would be killed. This is a fairly common thing that many admins do. Read more