[ISN] Feds prepare security test

InfoSec News isn at c4i.org
Wed Feb 23 02:08:37 EST 2005


By Florence Olsen 
Feb. 22, 2005

SAN FRANCISCO -- The federal government and several international
partners will hold a cyber preparedness exercise in November, Homeland
Security Department officials said here at the RSA Conference.

Its purpose is to give federal agencies an opportunity to test their
plans for responding to a direct or indirect attack on the computer
networks that control the nation's critical infrastructure such as
power plants and oil pipelines. The exercise will be unclassified, and
the public will be informed, said Hun Kim, deputy director of the
National Cyber Security Division at DHS.

Although the federal government's best cyber experts say they don't
know what kind of attack to expect, they can offer scenarios of what a
cyber winter might be. G. Rick Wilson, special assistant for strategic
policy at the National Security Agency's Information Assurance
Directorate, said he doubts that a cyber winter would be caused by a
massive denial-of-service attack on critical routers and servers. "I
don't think it's going to be loud and noisy," he said.

Instead, Wilson said he suspects that sophisticated intruders would
quietly try to wreak havoc, causing a loss of confidence in the
interconnected system of networks and information systems on which the
nation's economy and security now depends. "Somebody's going to figure
out how to get across a low wall and get on the inside, and they're
not going to go in a chat room and talk about it," Wilson said. "We're
talking about a sophisticated adversary."

Wilson, continuing with his hypothetical scenario, said the adversary
would "remain hidden until something happens, maybe something in the
geopolitical sphere."

Finding a hidden enemy and cleaning up the damage in such a scenario
would be extremely difficult, Wilson said. "You're going to have not
only national security issues; you're going to have privacy issues.  
I'll leave it at that," he said.

More information about the ISN mailing list