Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Mock Cyber Attack Shows US Unpreparedness

timothy posted more than 4 years ago | from the sir-we've-lost-amazon dept.

The Military 148

An anonymous reader writes with word that the outcome of the large-scale cyberattack simulation promised a few days ago isn't too rosy. From the Help Net Security article: "During the simulated cyber attack that took place yesterday in Washington and was recorded by CNN, one thing became clear: the US are still not ready to deflect or mitigate such an attack to an extent that would not affect considerably the everyday life of its citizens. The ballroom of the Washington's Mandarin Oriental Hotel was for this event transformed into the White House Situation Room, complete with three video screens displaying maps of the country, simulated updates and broadcasts by 'GNN,' an imaginary television network 'covering' the crisis."

Sorry! There are no comments related to the filter you selected.

hmm (4, Funny)

Pojut (1027544) | more than 4 years ago | (#31175606)

simulated updates and broadcasts by 'GNN,' an imaginary television network 'covering' the crisis.

Gotham News Network?

Re:hmm (1)

0racle (667029) | more than 4 years ago | (#31175632)

Well, the town did need an enema.

Re:hmm (-1, Offtopic)

ShieldW0lf (601553) | more than 4 years ago | (#31176206)

I'd say it's time for the US to stop relying on Shock and Awe Terrorism and be a good neighbour for a change, but that wouldn't be true. It's too late for that.

Re:hmm (1, Flamebait)

Obfuscant (592200) | more than 4 years ago | (#31176918)

I'd say it's time for the US to stop relying on Shock and Awe Terrorism and be a good neighbour for a change, but that wouldn't be true.

That's right, it wouldn't be true. The US has been a good neighbor since it formed.

If you don't think so, the taxpayers here would surely appreciate you all returning the billions of dollars in foreign aid that we've been handing out for generations. It seems a mite hypocritical to complain about the lack of "neighborliness" of the US while holding your hands out for the money and other aid we dish out.

I should have just modded you flamebait or troll, but I couldn't let your nonsense stand uncontested.

Re:hmm (0, Offtopic)

TubeSteak (669689) | more than 4 years ago | (#31177352)

If you don't think so, the taxpayers here would surely appreciate you all returning the billions of dollars in foreign aid that we've been handing out for generations. It seems a mite hypocritical to complain about the lack of "neighborliness" of the US while holding your hands out for the money and other aid we dish out.

US foreign aid dollars are mostly a quid-pro-quo or negotiating tool.
We certainly don't do it out of the goodness of our hearts.

Re:hmm (4, Insightful)

Obfuscant (592200) | more than 4 years ago | (#31177656)

US foreign aid dollars are mostly a quid-pro-quo or negotiating tool.

Yeah, because we get SO much back from our investments in third world countries. Mostly it's "stop attacking your neighbors and we'll give you more food and money", neither of which gets where it's supposed to go because the rulers are pocketing it.

We certainly don't do it out of the goodness of our hearts.

Considering that we don't have to do it at all, don't look the gift horse in the mouth. And then let's talk about the billions in private charity in addition to the billions in taxpayer provided charity, all of which is "goodness of our hearts."

Re:hmm (0, Offtopic)

orient (535927) | more than 4 years ago | (#31177728)

How does the foreign aid compare to the money made (stolen?) after invading sovereign countries and imposing humiliating trade "agreements"? 1:100? Less?

Re:hmm (4, Funny)

e2d2 (115622) | more than 4 years ago | (#31175692)

Galaxy News Network, with Three Dog HOOOOWWWWWL.

Re:hmm (1)

G2GAlone (1600001) | more than 4 years ago | (#31175782)

They said cyber-attack, not an apocalypse :-D

Re:hmm (1)

camperdave (969942) | more than 4 years ago | (#31176396)

They said cyber-attack, not an apocalypse :-D

Cyber - Cerber [wikipedia.org] Easy mistake to make.

Re:hmm (1)

kipd (1593207) | more than 4 years ago | (#31176840)

Same thing to me!

Re:hmm (1)

mhajicek (1582795) | more than 4 years ago | (#31175888)

What was that? Your signal was a bit weak...

Re:hmm (1)

bsDaemon (87307) | more than 4 years ago | (#31175770)

Or, a nod to some future Google cable news channel, referenced by NSA employees "in the know" when they were writing the scenario? Hmm...

Re:hmm (2, Funny)

Anonymous Coward | more than 4 years ago | (#31175996)

Google News Network? Yes, what about it?

Oups, you guys are from 2010... I said too much already.

Or worse (1)

twoallbeefpatties (615632) | more than 4 years ago | (#31175874)

If they were being attacked by spammers and DDOSers, they might have been getting coverage from GNAA.

Re:hmm (1)

grahamsaa (1287732) | more than 4 years ago | (#31175998)

Guerrilla News Network

I'm Not Worried (2, Funny)

RobotRunAmok (595286) | more than 4 years ago | (#31176024)

Nobody who does anything remotely important or meaningful with computers would ever use the prefix "cyber" in any shape or form. It's clearly just some misdirection being carried out by a D.C. PR/Marketing firm retained by the DoD to keep the Chinese off-balance.

Re:I'm Not Worried (1)

rubycodez (864176) | more than 4 years ago | (#31178176)

I'm a former CDC Cyber 170/875 and 175 programmer, you insensitive clod.

Re:hmm (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31177214)

Well, at least it wasn't the GNAANN...

Oh - of course its not (2, Interesting)

Monkeedude1212 (1560403) | more than 4 years ago | (#31175628)

This way - the demonstration shows that they need to implement more "Security Features" that encroach upon the rights and freedoms of the average American.

Re:Oh - of course its not (3, Insightful)

TheKidWho (705796) | more than 4 years ago | (#31175658)

Or maybe they're actually not prepared for a cyberattack?

Nono, the man is trying to stick it to us obviously.

Re:Oh - of course its not (3, Insightful)

BobMcD (601576) | more than 4 years ago | (#31175760)

Why not both?

Re:Oh - of course its not (4, Insightful)

Monkeedude1212 (1560403) | more than 4 years ago | (#31175788)

There's a lot of things they aren't prepared for. They beef up airline security while neglecting the security of pipelines in Iraq and Iran. They worry about polution but don't stop the corporations from doing so.

I'm not saying that they aren't NOT prepared - just that this is going to be abused beyond all recognition. Like how they weren't prepared for a terrorist attack and now I can't bring more than a litre of liquids onto a plane. However - none of that stops guys from setting off bombs in their pants.

Re:Oh - of course its not (1)

vxice (1690200) | more than 4 years ago | (#31176408)

I thought it was much less than a liter that you could bring one. Wasnt it like 3oz. Also in the USA today they talked about a plan to deploy portable bomb detectors in the terminal to randomly screen passengers.

Re:Oh - of course its not (1)

Mashdar (876825) | more than 4 years ago | (#31176426)

Rules don't stop people from setting off bombs in their pants. People stop people from setting off bombs in their pants.

Re:Oh - of course its not (1)

maxume (22995) | more than 4 years ago | (#31176460)

Yeah, the U.S. really hasn't lived up to its commitment to secure Iranian energy infrastructure.

Re:Oh - of course its not (2, Funny)

RichardJenkins (1362463) | more than 4 years ago | (#31176532)

none of that stops guys from setting off bombs in their pants.

Guy at work does this all the time, it's disgusting. Oh, wait...

Re:Oh - of course its not (3, Interesting)

bill_mcgonigle (4333) | more than 4 years ago | (#31175844)

Or maybe they're actually not prepared for a cyberattack?

Or maybe it's not possible for the government to defend against a well-planned cyberattack without also giving the government the ability to shut off arbitrary Internet connections? And that would be bad, m'kay?

We have good network operators. They can handle this.

If the government really wants to help, why don't I ever hear any PSA's about turning on your software updates and not being conned by 'Click here to see kittens and get money' spam? Why don't they pay Microsoft to develop a yum/apt-like update mechanism for their OS (that 3rd parties can access)? The other articles said 80% of attacks last year are from people using old versions of Acrobat - that's a solved problem in computing.

Re:Oh - of course its not (5, Funny)

Arthur Grumbine (1086397) | more than 4 years ago | (#31176458)

I found this on floor after you left. Do you need it? ---> </i>

Re:Oh - of course its not (4, Funny)

Anonymous Coward | more than 4 years ago | (#31176704)

I found this on the floor after you left. Do you need it? --> the

(Couldn't resist.)

Re:Oh - of course its not (2)

poetmatt (793785) | more than 4 years ago | (#31176142)

you missed it. Not prepared for a previously announced cyberattack.

Re:Oh - of course its not (1)

drachenstern (160456) | more than 4 years ago | (#31176148)

Obviously... Someone ask the GP if he donned his tinfoil hat...

I'm curious if we can get a play-by-play of what happened during the day, rather than just a report of after the fact. Surely it wouldn't help the bad guys that much, would it? I'm curious how they determined that they're unable to respond quickly or correctly enough. The article posted seems to indicate this was as much a think-game as it was an actual exercise.

I should think actual panic would induce the cell-networks and governors (amongst other groups) to actually concede the control they may not otherwise concede, especially when it's a wargame and the parties involved aren't the real parties.

Re:Oh - of course its not (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#31176284)

Obviously... Someone ask the GP if he donned his tinfoil hat...

Don't be ridiculous, thats to keep the aliens out of my head. The government uses the fillings in my teeth as a radio transmitter for my thoughts.I lined my ski mask with Lead.

I should think actual panic would induce the cell-networks and governors (amongst other groups) to actually concede the control they may not otherwise concede, especially when it's a wargame and the parties involved aren't the real parties.

Yeah - After actually reading the article, it seems like it isn't to suggest that we aren't technically secure - more that the structure of power isn't secure. However, I'm sure in an actual scenario, people would concede control, and if not, other people might step over their bounds if they understood it as a real emergency. If the attack is imminent I highly doubt Verizon wouldn't give control to the Military in the interest of national security.

Re:Oh - of course its not (1)

drachenstern (160456) | more than 4 years ago | (#31177472)

I tend to think of it not as "if an attack were imminent" but rather "if the country was being seiged or invaded". We're constantly under threat of imminent attacks of all sorts, this is why we have standing army, police and others. But I know what you mean.

As for the fillings, that only works for them if you have lead fillings, no? ;)

Re:Oh - of course its not (1)

mcgrew (92797) | more than 4 years ago | (#31176172)

Or maybe they're actually not prepared for a cyberattack?

They never saw Die Hard IV? Sheesh...

Re:Oh - of course its not (0)

Anonymous Coward | more than 4 years ago | (#31176488)

Bingo. That's all it was, an attempt to convince us all of the importance of handing the federal government the keys to all internet activity in the name of "security". If you feel safer now because of the TSA, you're going to love our new, improved, secured intarwebz!

Re:Oh - of course its not (1)

elrous0 (869638) | more than 4 years ago | (#31176512)

Of course, it was organized by a bunch of Bush neocons. But its primary purpose was to make Obama look weak on security, so every moron in America will piss their pants in fear and check "R" on the ballot in the next election.

I personally prefer to get my news (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31175646)

from the GNAA.

Ree Tar Did (0)

Anonymous Coward | more than 4 years ago | (#31175704)

Well, it's good "the CNN" was able to cover it.

Re:Ree Tar Did (1)

jeffmeden (135043) | more than 4 years ago | (#31175992)

But Which CNN was it? Ted Turner's? Rupert Murdoch's? Bill Gates'ss? How will I know the appropriate de-spin to apply to turn the report back into reasonable information?

Admin password (1)

Deflagro (187160) | more than 4 years ago | (#31175712)

Did they change the admin password on the NT boxes they use yet? Doesn't the gov't have an I/T czar or something now? Good job sir.

Re:Admin password (1)

AP31R0N (723649) | more than 4 years ago | (#31176394)

The opposite of progress would be regress.

The con means 'with' or 'together'. Not against.

Cute joke though, bro.

Re:Admin password (0)

Anonymous Coward | more than 4 years ago | (#31176706)

The missile launch code was changed from "0000" to "00000", making it ten times more difficult to guess.

Hey what do you know! (3, Insightful)

Anonymous Coward | more than 4 years ago | (#31175720)

Another reason to take more of our civil liberties in the name of 'national security'

Meh, more likely.. (1)

msimm (580077) | more than 4 years ago | (#31177290)

More likely big, pointless hardware and software purchases. If you know anyone who works in government the words marginally competent might be a flattering way to describe their business processes. As the professional IT person in my family I find myself regularly horrified by civilian-army family members describing their IT departments (and generally working environment). Did you know ex-military applicants take priority over more qualified non ex-military applicants? And that's not even touching on the rampant nepotism, sheltered career incompetence and general disdain and misunderstanding of the importance of proper training of information technology staff. Of course on the plus side, it probably makes for greater freedom.

I hate to say but this is where your money is (0)

Anonymous Coward | more than 4 years ago | (#31175776)

GOING!

I'm not surprised (0)

Anonymous Coward | more than 4 years ago | (#31175856)

Seeing all of the politics inside several government agencies, including DOI, EPA, and a few others, it's not unreasonable to see Facebook and the like not being blocked. Too many self-important people working in these places, and since IT is outsourced, no one in IT has the authority to shut down this kind of non-sense.

Why. (1)

SlashDev (627697) | more than 4 years ago | (#31175906)

.. would the U.S. Government release results of an attack simulation is beyond me....

Re:Why. (2, Insightful)

megamerican (1073936) | more than 4 years ago | (#31175960)

So when they launch a false flag attack on the internet in order to shut it down and censor it they can have a report and say, "See, we told you!"

Re:Why. (2, Interesting)

phantomfive (622387) | more than 4 years ago | (#31176588)

I used to think there were two groups of paranoid-insane people in the US, those who believe that 'they' were manipulating people in high places to confirm that Obama was born in the US, and those who believe that 'they' were behind the 9/11 attack.

Now I think there is only one group of insane-paranoid people, the ones who believe in 'they.'

Re:Why. (2, Funny)

Chyeld (713439) | more than 4 years ago | (#31176832)

They want you to think that, yes they do.

Re:Why. (0)

Anonymous Coward | more than 4 years ago | (#31176950)

let me point this out to you. Nearly every country on the planet has an intelligence service, whose sole purpose is manipulation, subterfuge, and conspiracy.

why is it hard to believe that in order to gain more control they would use the same tactics?

just saying, there are people out there and actually whole groups of people that are extremely skilled in doing exactly that kind of thing. So I won't say it's not possible. I can't take anything at face value and I must ask for more information before I blindly make a judgment. This is called critical thinking.

Re:Why. (2, Informative)

phantomfive (622387) | more than 4 years ago | (#31177160)

Yeah, but these people aren't faceless, they aren't nameless. The president of the CIA has a name, the leader of the republican party has a name, the members of the PNAC are publicly known, and they made their goals clear. There is no hidden Moriarty pulling the strings of the criminal world. Even the leaders of historical secret criminal organizations that actually existed, were known long before they've been convicted, the Mafia, Al Capone, the Zetas. The leader of the Mossad is public information. The Nazi leadership was all well known before they overthrew the government.

The fact is, it is really hard to rule the world secretly. When you start saying 'they' are doing it, it makes you sound clueless, and you fit in the same category with the birthers, because 'they' could have forged the birth certificate on file in Hawaiian government offices.

Critical thinking is gathering evidence before making wild guesses; 'questioning everything' alone is not critical thinking, it's braindeadedness. If your questioning doesn't come with research then it is not called critical thinking, it is called closing your eyes.

Re:Why. (1)

mypalmike (454265) | more than 4 years ago | (#31176048)

Why.... would the U.S. Government release results of an attack simulation is beyond me....

The U.S. government was not involved. The "simulated attack" was essentially a play put on by a non-profit organization, the "Bipartisan Policy Center".

Re:Why. (1, Funny)

elrous0 (869638) | more than 4 years ago | (#31176542)

the "Bipartisan Policy Center".

...or as it's better known "The Republican Party."

Re:Why. (4, Insightful)

characterZer0 (138196) | more than 4 years ago | (#31176406)

"All warfare is based on deception."

-Sun Tzu

Duh! (3, Interesting)

RyanFenton (230700) | more than 4 years ago | (#31175940)

Security is almost by definition an illusion - by making information accessible to someone, you make it potentially available to anyone. Completely enforcing security ideals to a logical extreme would result in complete paralysis, depleting enormous resources along the way (see: the cold war). If you want to keep anything secret, you have to limit its use, and limit the amount of things you keep secret - otherwise the cost of maintaining that secret status becomes prohibitive and unrealistic.

It's the same thing with 'virtual borders' as it is with real borders - you can't keep eyes, or even cameras, or even CPU cycles going on all potential borders. It just won't work - you have to observe effects and target responses, use honeypots and similar tactics, and marshal your resources to minimize the effects of breaches. Better yet, improve relations and economies on both sides of the border, and make such breaches meaningless while still enforcing your limited security goals - you'll be serving all your underlying motivations at the same time.

Then again - security always seems to be a 'temporary' thing, that happens to almost always be escalating. Don't you love your family enough to own the latest and greatest killing machine? Inside most real life monsters lies the desire for securing safety for one's interests - with the lines of priorities drawn right through the property/face of someone else. That's not something we're likely to be getting over anytime soon, conflicting interests, and aggressive 'defense'.

Ryan Fenton

Re:Duh! (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#31176156)

Better yet, improve relations and economies on both sides of the border, and make such breaches meaningless while still enforcing your limited security goals - you'll be serving all your underlying motivations at the same time

Truer words have never been spoken. Instead of treating everyone like an enemy, try making everyone a friend.

Re:Duh! (0)

Anonymous Coward | more than 4 years ago | (#31177316)

Fuck it. Let's kill them all.

Re:Duh! (1)

Mashdar (876825) | more than 4 years ago | (#31176464)

One. Time. Pad. [wikipedia.org] Seriously, though. That's truly secure. Unless you catch the guy with the other pad before he burns it.

Re:Duh! (1)

colesw (951825) | more than 4 years ago | (#31177482)

So not totally secure then?

Re:Duh! (1)

Gitcho (761501) | more than 4 years ago | (#31177178)

Better yet, improve relations and economies on both sides of the border

i think he's right ... you know, I wonder how much security we would need if we did things like practice what we preach, swallow our pride every now and then, admin we screwed up when we do? Bad example: (not that Canada is the model country by any stretch) part of the reason we don't *need* a huge military force is because lots of countries *like* us.

Re:Duh! (1)

SlashDev (627697) | more than 4 years ago | (#31177384)

"by making information accessible to someone, you make it potentially available to anyone" Anyone who has the equipment to access that information that is. The Internet was invented by DARPA and eventually given to mass population. The government needs to have their own private secure network that is only accessible with proprietary equipment and software.

Re:Duh! (1)

hey! (33014) | more than 4 years ago | (#31177726)

Not to dispute your observations, which I agree with but you can say *anything* is an illusion if you choose a sufficiently constrained definition of it.

What you are talking about is the "all or nothing" model of security, where security is regarded as a property a system either has or does not have. Any system that a determined adversary can undermine is "not secure", and of course a determined adversary (one willing and able to engage in black bag jobs and human intelligence operations) is capable of penetrating any system.

Let me propose an alternate view of security: it is a continuous dimension on which systems can be placed for purposes of evaluating them for a particular kind of use. The question then is not "is this system secure?" but rather "is this system sufficiently secure to serve this purpose in this situation?"

It's quite reasonable to ask whether a network of computers connected through the Internet and running certain services and software are sufficiently secure to run the nation's power grid. The important thing isn't the answer you get, but the *process* you go through to obtain that answer. A sound process for answering that question should result in a deeper understanding of the system's vulnerabilities. "Is this system secure?" is too vague, and is apt to lead to wishful thinking.

I don't quite understand 'how' this was simulated (3, Interesting)

zero_out (1705074) | more than 4 years ago | (#31176052)

After reading the article, I'm still not sure how this was simulated. Was it basically a situation where a bunch of agency heads sat around, were given a scenario, and asked 'what would you do'? Was this a test of department decision making, or an actual test of doing something? I'm just having a hard time understanding the 'format' of this simulation.

Re:I don't quite understand 'how' this was simulat (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#31176642)

Nothing really technical was simulated. You've got the right idea. A bunch of people sat down, each were sat down and told their duties and the scenario. Ready set go, collect the end result.

creepy (1)

Sprouticus (1503545) | more than 4 years ago | (#31176064)

The thinking that came out of this was creepy. giving the feds the ability to shut down cell phone network autonomously? Giving them the right to nationalize the national gaurd? I dont think so.

They cant be serious.

The only decent quesitons in the article was

1) How do you respond if the servers are foreign soil.
2) How likely is it to happen

the big one they failed to ask is

1) How the hell does a piece of malware jump from cell phones to cell NETWORK hardware to the internet?

Re:creepy (1)

bsDaemon (87307) | more than 4 years ago | (#31176174)

the department of defense can already take control over the national guard if necessary, though typically they are under the authority of the governor and attny general of their home state. There are a bunch of Guard units in Iraq right now, for instance. The cell phone network thing is a tad bit troubling though, yes.

Re:creepy (1)

Sprouticus (1503545) | more than 4 years ago | (#31176836)

Can they do this without permission from the governer though. Unless I miread the article (Im new here) they are 'concerned' that a govener may not give them such permission.

Re:creepy (1)

Ohrion (814105) | more than 4 years ago | (#31176628)

I agree and had the same thoughts. I'm going to assume this malware was flooding the cell network, much like the Melissa virus years ago "crippled" networks.

everybody knows (0)

Anonymous Coward | more than 4 years ago | (#31176066)

turkey and some mistletoe helps to make the season bright

so they stand under the mistletoe and kiss the dead turkey flesh?

gross!

Led by Negroponte and Chertoff? Pass the salt. (3, Interesting)

bughunter (10093) | more than 4 years ago | (#31176070)

While I don't disagree that we could do more in the area of computer security, one needs to look closely at the affiliations of the people running this "exercise."

They're both loyal Neocon insiders. John Negroponte [wikipedia.org] is the former Bush Director of National Intelligence. Michael Chertoff [wikipedia.org] is the former Director of Homeland Security, and co-author of the Patriot Act. And both of these positions were just the last in a string of appointments by Bush/Cheney.

And as career neoconservatives, they've been at the forefront of fearmongering and prevarication in order to lead the US to war and erode civil liberties. These are not opinions, these are well-documented facts [google.com] .

The neocons are a one trick circus; this is just their newest pony. If you've been paying attention the past nine years, how can you possibly doubt that this is anything else?

Re:Led by Negroponte and Chertoff? Pass the salt. (4, Insightful)

bughunter (10093) | more than 4 years ago | (#31176234)

Ugh. And Michael Hayden [wikipedia.org] . Bush's chief wiretapper.

Please. These people are among the threats we need security from.

Re:Led by Negroponte and Chertoff? Pass the salt. (0)

Anonymous Coward | more than 4 years ago | (#31176500)

Ugh. And Michael Hayden [wikipedia.org] . Bush's chief wiretapper.

Please. These people are among the threats we need security from.

You are going to need security from the MS13 punk who lives down the street from you when the power grid has been down 1-2 days.

Re:Led by Negroponte and Chertoff? Pass the salt. (1)

bertoelcon (1557907) | more than 4 years ago | (#31176662)

You group up with some people you know and all camp out in one house for mutual defense.

Re:Led by Negroponte and Chertoff? Pass the salt. (4, Insightful)

hoggoth (414195) | more than 4 years ago | (#31176784)

> You are going to need security from the MS13 punk who lives down the street from you when the power grid has been down 1-2 days.

On August 14, 2003 the power grid was down for 1-2 days. I didn't see any punks looting or attacking. But my neighborhood did come out of their houses for once and everyone got to meet each other. The kids got to know each other and had a great time playing instead of hiding inside from the big bad world. We made lasting friends and the neighborhood has been better for it in the years since that.

Stop fear mongering.

Re:Led by Negroponte and Chertoff? Pass the salt. (0, Troll)

dziban303 (540095) | more than 4 years ago | (#31178186)

On August 29, 2005, the power grid was down for several weeks. There were punks looting and attacking. I stopped reading your comment at about this point.

Re:Led by Negroponte and Chertoff? Pass the salt. (1)

toastar (573882) | more than 4 years ago | (#31176424)

What did i do with that mod point?

Re:Led by Negroponte and Chertoff? Pass the salt. (0, Redundant)

Ohrion (814105) | more than 4 years ago | (#31176644)

Yes seriously, the mods could spend all their points in this slashdot article very quickly.

Re:Led by Negroponte and Chertoff? Pass the salt. (1)

elrous0 (869638) | more than 4 years ago | (#31176604)

I wish I could mod you to +6. This "exercise" was nothing but a partisan attempt to embarrass the Obama Administration, scare the American people, dupe the press, and justify a bunch of heavy-handed neocon anti-civil-liberty measures. Its outcome from forgone before the day even began.

Re:Led by Negroponte and Chertoff? Pass the salt. (0)

Anonymous Coward | more than 4 years ago | (#31177960)

You are a professional fucking idiot. Do the Internet a favor and save your rubbish for your World of Warcraft buddies.

Let the rest of us handle your security. The least you could do is shut the fuck up while other people protect your ass.

Not Too Rosy (1)

AP31R0N (723649) | more than 4 years ago | (#31176280)

That's good. If it was too rosy that would be a bad thing. Just like we don't want pizza that is too hot or too cold.

Authoritarian Theater (4, Insightful)

Bob9113 (14996) | more than 4 years ago | (#31176402)

Regarding a possible shutdown of the cell phone and Internet service to prevent a cascading effect, the group found out that federal agencies actually don't have the authority to do so, and that companies providing these services might be unwilling to do it when asked.

Another thing that might prove to be an issue is the Governors' reluctancy to put their power in the hands of the federal government, which would possibly lead to a nationalization of the National Guard.

Federal Times reports that "Attorney general" Gorelick mused on the idea of introducing laws that would allow the government to seize broader power for the time it takes to suppress a nation-wide cyber attack.

A simple two step plan for advancing authoritarianism:

1. Scare People
2. Seize More Power

What, precisely, would lead us to believe that the Federal government is sufficiently adept at cyber-security to improve upon the staged outcome of this theatrical "attack"? I want better cyber-security and think it is important, much like health care. I do not, however, believe that our government has the skills, the lack of corruption, the honor, or the honesty to do it well. Much like health care.

Tell me, fear-mongers, what you are going to do to solve the problem. Not just a thousand pages of blather within which to hide giveaways to key lobbying groups. Real solutions that the information science and economics communities can scrutinize. If you cannot provide that, you are just asking for power. You are taking liberty with a vapid hint that maybe it will help security. Nay, not even that -- you are taking liberty by shouting fire in a crowded theater.

Bullshit. Start by presenting the solution. Shove your fear-mongering up your ass.

And as for you CNN: You should be ashamed for being their puppet. Sacrificing your journalistic integrity at the alter of the exclusive. What will your pretty shock-graphic story title say? How about: "Cyberwar: Public at Peril"

Re:Authoritarian Theater (1)

zero0ne (1309517) | more than 4 years ago | (#31177168)

If CNN didn't get the exclusive, you can guarantee that some other puppet media company would have.

If it wasn't exclusive, I am guessing (maybe hoping is a better word?) there would be a few reporters asking the same questions you are.

Re:Authoritarian Theater (1)

bughunter (10093) | more than 4 years ago | (#31177716)

You deserve the +6 mod, friend. Not I.

moSd up (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31176438)

Did anyone with technical knowledge participate? (1)

grandpa-geek (981017) | more than 4 years ago | (#31176598)

Looking at the list of participants, they seem to be all policy/political types. Was anyone with technical knowledge involved? My observation of the policy/political types is that their knowledge is so sketchy, vague, and reasoned by analogy (e.g., "collection of tubes") that they can't be depended on for anything technically accurate or definitive.

This event looks like it might have been hype for the purpose of motivating funding.

This is actually very comforting (1)

phantomfive (622387) | more than 4 years ago | (#31176710)

If you look at the simulated attack they used:

the faux attack began with malware masquerading as a free March Madness application for smartphones. Once activated, it spread fast and first incapacitated cellphone networks, then landlines, the Internet, and finally - aided by mock bombs exploding in a couple of gas pipelines and power stations and a hurricane hitting the Gulf Coast - brought the entire East Coast electrical power grid to its knees. Air traffic was thrown into disorder and commerce came to a standstill.

Ignoring the practical difficulty of bringing down a cellphone network AND the entire internet with a free March Madness smartphone application, notice that for an internet to have any real effect, they needed to include bombs exploding gas pipelines and power stations.......and a hurricane.

In other words, if you bomb things in the US it can cause problems. Seriously, we have thousands of miles of unprotected power lines across the country......some well placed bombs could knock the power out for a lot of people really quickly.

Re:This is actually very comforting (4, Interesting)

vlm (69642) | more than 4 years ago | (#31177216)

some well placed bombs could knock the power out for a lot of people really quickly.

The interesting thing is that bombs don't do "much" to power lines. A "sooper soaker" three man sling shot, a couple dozen lengths of chain, and a substation, now you're talking. Transmission towers and cutting torches don't mix very well either.

I have this jewish friend, real jewish like cousins in Israel type of jewish. Anyway, he explains that real terrorists do about a hundred attacks against structures for every time they hit people. Broken glass, molotov fires, graffiti, cut wires, etc. Thats because you never know when a person will whip out an uzi and fight back (well, actually, in the gun control areas in the us, you know they're sitting ducks), but aside from darwin award winners, structures never fight back. Thats how I've always known the "terror threat" in the US is bogus, because no one ever hits our structures.

Now, if we were sitting in the dark, with no water or sewers, no radio or TV, no gas stations, no natural gas, all shop windows broken, all forests on fire, then I'd believe we are under a real terrorist threat... But when its just Reichstag fire acts followed immediately by passage of enabling legislation, followed within a couple years of invasion of multiple innocent countries...

[TinfoilHat] (0)

Anonymous Coward | more than 4 years ago | (#31176714)

Don't you see?!? This is just a ploy. You "admit" you are unprepared for an attack to provoke an attack, so you can track the attackers back to their home base and destroy them. And to think some of you consider yourselves intelligent, observant people. [/TinfoilHat]

Honeypot? (1)

adosch (1397357) | more than 4 years ago | (#31176912)

FTFA, it's clear that the powers-that-be in charge are incapable with dealing with the scenario properly, what I didn't see covered is anything about "could we handle an attack" from a real infrastructure and mitigation standpoint. IMHO, who gives a flaming rip that some congressional desk monkey can't follow the very policies and procedures they wrote themselves. We all know IT people like me, you and the rest of the InfoSec world are going to have to deal with it and if I noticed it on a national, federal, state or private sector level on my watch, I wouldn't wait for someone to bark an order from up high to try and do something about it.

For all I know, it could be a big U.S. government social propaganda honey-pot to lure attacks to learn from them or see which country "jumps first". I think I just gave my own government WAY too much credit.

TERROR ! (1)

CmdrGravy (645153) | more than 4 years ago | (#31176960)

Yeah, ramp up that TERROR, turn the dial to PANIC !

Are you scared yet citizen ? Are you ...

Re:TERROR ! (0)

Anonymous Coward | more than 4 years ago | (#31177204)

And Bush thought there was something wrong with the box because it said "DEFCON FAIL".

Mock cyber attack == Real media circus (5, Insightful)

drinkypoo (153816) | more than 4 years ago | (#31177424)

This was not a mock cyber attack, but in fact it was a media event hosted by the U.S. government.

  1. "The entire scenario was thought up by Michael Hayden, the former CIA Director" — 'nuff said.
  2. "A bevy of former top US officials were given various roles to play" — note that none of these people were the actual officials playing themselves. Thus this "test" proves nothing.
  3. "a free March Madness application for smartphones. Once activated, it spread fast and first incapacitated cellphone networks, then landlines" — You shut off the cellphone networks and this problem ends. And given how crap they are, they'll probably go down by themselves before they actually take out the land lines. Further, military communications (including governmental backups) are not dependent on either.
  4. "aided by mock bombs exploding in a couple of gas pipelines and power stations" — What does this sentence even mean? Mock bombs exploding does nothing except make smoke and a noise. Mock bomb attacks on these items takes this out of the realm of a "cyber" attack.
  5. "When the servers serving the malware were "discovered" to be located in Russia, "National Security Advisor" Chertoff immediately began inquiring about the possibility of shutting them down and the implications of such an action." — But since there's only a few choke points for traffic to enter the country, this is a stupid and deliberately provocative question to ask. Anyone suggesting doing this in the event of an actual attack should be eliminated from the chain of command for incompetence immediately.
  6. "Regarding a possible shutdown of the cell phone and Internet service to prevent a cascading effect, the group found out that federal agencies actually don't have the authority to do so," — So what? That's what declaring a state of emergency is for. Then they "magically" get the authority for the duration of the emergency.
  7. "Another thing that might prove to be an issue is the Governors' reluctancy to put their power in the hands of the federal government, which would possibly lead to a nationalization of the National Guard." — If the federal government doesn't have any power, how would that help anyway? To create a larger clusterfuck? Also, what does this sentence mean? Which power? Which part of the federal government?
  8. "Federal Times reports that "Attorney general" Gorelick mused on the idea of introducing laws that would allow the government to seize broader power for the time it takes to suppress a nation-wide cyber attack." — But since no such laws were needed, the true purpose of this exercise was revealed.
  9. "When the "exercise" came to an end, the likelihood of such a scenario was discussed. "Secretary of State" Negroponte declared that the attack seemed very plausible to him." — Because otherwise the whole thing would be revealed as either a direct manipulation or a big jerkoff waste of time, and we can't have either of those things coming out, can we?
  10. "Will a real cyber attack of these proportions be required to wake the government up? Probably. In the meantime, war games such as these can start the ball rolling into the right direction." — And apparently that direction is towards greater fascism.

Seriously, this is the prelude to new legislation that will in practice be used to justify terminating all kinds of service to clamp down on free speech, in the name of prevention of terrorism. And if you try to discuss it, you'll just lose your connection to the internet. When will we wake up and build a mesh network permitting an end-run around the Powers That Be?

I don't get it... (1)

hort_wort (1401963) | more than 4 years ago | (#31177592)

why didn't they just let Skynet handle it?

not cyber attack (1)

bugi (8479) | more than 4 years ago | (#31177702)

That was a "simulation" of an attack that just happened to have "cyber" elements.

Rediculous much? (1)

Stick32 (975497) | more than 4 years ago | (#31177968)

While I for one agree that we are a bit under prepared for a cyberwar... the conditions for this 'test' was a bit ridiculous. From the original article:

...aided by mock bombs exploding in a couple of gas pipelines and power stations and a hurricane hitting the Gulf Coast - brought the entire East Coast electrical power grid to its knees...

Ok let's examine this shall we. Only 2 threats would have the resources, motivation, and means to even attempt something on this scale. 1) Well funded and organized terrorist organizations. They would have to successfully infiltrate and carry out an attack on a very tight and specific schedule. All the while avoiding raising suspicion with the NSA, CIA, and FBI to name a few. 2) Foreign Governments: Not only would they have to do all the same things as the above, they might as well have troops ready to invade because once this gets traced back to them, which it would, it would start a war. Hell, while we're at it why don't we simulate the attacker coordinating with strategic Nuke strikes at key infrastructure points and parachuting in commando units to secure corridors from troops invading in from Mexico and across the bearing straight. We could call it operation Red Dawn. Point is, if either of these scenario's caught us completely by surprise. We have bigger problems than our National infrastructure.

Mock Earth Ending Asteroid Attack (1)

abbynormal brain (1637419) | more than 4 years ago | (#31178252)

... shows US preparedness. Bruce Willis and crew on standby.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?