t byfield on Sun, 20 Aug 2006 16:54:43 +0200 (CEST)



<nettime> more on USG simulation attack by nettime


Last February I pointed out the USG's simulation of, basically, nettime
and a bunch of bloggers attacking Our Precious Bodily Fluids:

     http://www.nettime.org/Lists-Archives/nettime-l-0602/msg00029.html

There's more! Kevin Poulsen picks up on it for WiReD:

     < http://blog.wired.com/27BStroke6/index.blog?entry_id=1539952 >

     Last February the Department of Homeland Security
     oversaw a large-scale international cyber terror
     simulation involving 115 public and private
     organizations in the U.S., Canada, Britain,
     Australia, and New Zealand, all testing their
     ability to coordinate with one another and respond
     to computer-driven attacks. It was called Cyber
     Storm.

     Nobody's said much about the results, or the
     details of the exercise scenario. But a
     newly-published DHS PowerPoint presentation on the
     exercise reveals that the real terrorist threat in
     cyber space isn't from obvious suspects like al
     Qaida types or Connecticut voters; it's from
     anti-globalization radicals and peace activists.

     The attack scenario detailed in the presentation
     is a meticulously plotted parade of cyber
     horribles led by a "well financed" band of leftist
     radicals who object to U.S. imperialism, aided by
     sympathetic independent actors.

     At the top of the pyramid is the Worldwide
     Anti-Globalization Alliance, which sets things off
     by calling for cyber sit-ins and denial-of-service
     attacks against U.S. interests. WAGA's radical
     arm, the villainous Black Hood Society, ratchets
     up the tension on day one by probing SCADA
     computerized control systems and military
     networks, eventually (spoiler warning) claiming
     responsibility for a commuter rail outage and the
     heat going out in government buildings.

     The Black Hoods are a faction of Freedom Not
     Bombs, whose name is suspiciously similar to the
     real Food Not Bombs,[1] which provides vegan meals to
     the homeless.

          [1] http://www.foodnotbombs.net/

     Another allied lefty-group called the Peoples Pact
     joins in, crashing portions of the power grid.
     Things get confusing when the "Tricky Trio," three
     evil hax0rs who are 50 percent more devious than
     the Deceptive Duo,[2] hacks the FAA, issues false
     Amber Alerts, and manipulates the communications
     system of the U.S. Northern Command.

          [2] http://www.securityfocus.com/news/414

     Then someone posts the No-Fly List to a public
     website (third act shocker: it's all nuns and
     Massachusetts Democrats), and opportunistic cyber
     thieves raid a medical database looking for
     identity theft targets. Logic bombs explode,
     wireless communications devices are corrupted, DNS
     caches are poisoned.

     And on it goes, with over 800 scenario "injects"
     over four action-packed days.

     Apparently, no computers were harmed in the making
     of Cyber Storm. "There were no actual attacks on
     live networks, no Red Team," the presentation
     notes. "Players reacted to situation and incident
     reports according to their regular/normal SOPs."
     So it was more of a paper exercise. A referee
     points at someone and yells, "You! Your website is
     defaced. What do you do?" -- and the organization
     responds accordingly.

     According to the presentation, there were over 300
     players in the war game, generating more than
     21,000 e-mail messages. Among the commonsense
     lessons learned: "Communication paths, methods,
     means and protocols must be solidified in advance
     of crisis/incident response" and "Cooperation must
     include ability to link into or share info in all
     streams: e.g., Cyber, Physical, (Law Enforcement),
     Intelligence."

     The scenario is nicely laid out, and perhaps
     technically plausible -- some of the incidents are
     ripped from the headlines, kind of. And I'm
     frankly glad to see al Qaida wasn't behind it all,
     since it seems unlikely that real terrorist groups
     will ever move to computer attacks, while physical
     destruction and murder is easier and more
     terror-producing.

     But does the administration really see the far
     left as potential cyber terrorists ready to take
     down the power grid and air traffic control
     systems? This might explain why the U.S. keeps
     getting caught spying on peaceful war-protestors.

     Marked "For Official Use Only," the PowerPoint
     deck became public when government transparency
     purist John Young posted it on his website,
     Cryptome,[3] this week. I couldn't open it, but I
     located what appears to be the original on the
     website of the New York branch of the ISSA, a
     security organization, from a briefing given them
     last June 21.

          [3] http://www.cryptome.org/

A blogger, 'Digby,' elaborates:

     http://digbysblog.blogspot.com/2006_08_01_digbysblog_archive.html#115579476831601893

Cheers,
T


#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net