Cyber Storm exercise challenged coordination, communications
- By Patience Wait
- Sep 15, 2006
Cyber Storm, the multilayered cyberattack exercise mounted by the Homeland Security Department in February, highlighted gaps and shortcomings in response planning at all levels of government, but also demonstrated agencies' willingness to try solutions on the fly, according to a report released this week by DHS.
The Cyber Storm Exercise Report
found that organizations under cyberattack'whether government agencies or private-sector enterprises'had a hard time understanding the big picture, instead treating most incidents as 'individual and discrete.'
In the Cyber Storm scenario, three primary sectors were targeted'energy, transportation and IT'with telecommunications as an ancillary target. As events cascaded and amplified across these sectors, organizations struggled to continue coordinating responses to the cyberattacks as their frequency and targets expanded.
For instance, the U.S. Computer Emergency Readiness Team, which served as a clearinghouse for much of the attack information, 'found that the sheer volume of information constrained their ability to simultaneously provide situational awareness coordination and conduct second-order technical analysis,' the report stated.
The use of classified information and classified networks makes it more difficult to coordinate among agencies, and between government and the private sector, the report found.
'Greater public-private sector collaboration could be achieved if the private sector was afforded robust connectivity to, or interaction with, the [National Cyber Response Coordination Group] during major incidents such as ' Cyber Storm,' the report found.
The report identified several key achievements in the exercise, including the first-time testing of the full range of cyber-related response policy, doctrine and communications methods that would be needed in a real-world crisis. The exercise established a number of public-private relationships that will be invaluable in responding to cross-sector incidents, DHS concluded.