Homeland Security Watch

News and analysis of critical issues in homeland security

March 10, 2008

DHS Kicks Off Next Cyber Security Exercise

Filed under: Cybersecurity,Strategy — by Jonah Czerwinski on March 10, 2008

Tomorrow, the National Cybersecurity Division, part of DHS’s Office of Cyber Security and Communications, will hold its second large-scale national cyber exercise, Cyber Storm II. The exercise follows Cyber Storm I, held Feb. 6-10, 2006, the first government-led, full-scale exercise (FSE) on cyber security. These FSEs are intended to improve public and private sector interaction for enhanced decision making and information sharing, as well as better public communication techniques and stronger response and recovery capabilities.

The Cyber Storm II scenario will include coordinated cyber and physical attacks on critical infrastructure to simulate a political and economic agenda. Participants in the FSE include Federal, State, local, and international governments, as well as private sector entities from multiple critical infrastructure sectors. The adversary for Cyber Storm I was depicted in this rendering:

[Image: cyberstorm-i-adversary.jpg]

The National Cybersecurity Division (NCSD) is responsible for providing cyber security coordination and preparedness under Homeland Security Presidential Directive 7. The shorthand mission for NCSD is to coordinate the federal government’s “interaction with state and local government, the private sector and the international community concerning cyberspace vulnerability reduction efforts.”

I’d like to add one more goal for Cyber Storm II: Define cybersecurity once and for all.

In an article published by CSO Magazine, Rick Lawhorn, the former Chief Information Security Officer for GE Financial, identifies four different definitions of cyberterrorism or cybercrime that need to be reconciled:

State Department definition, Title 22 of the U.S. Code, Chapter 38, Section 2656f(d): premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience.

FBI definition: the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.

Defense Department definition: the calculated use, or threatened use, of force or violence against individuals or property to coerce or intimidate governments or societies, often to achieve political, religious, or ideological objectives.

United Nations definition: any act intended to cause death or serious bodily injury to a civilian, or to any other person not taking an active part in the hostilities in a situation of armed conflict, when the purpose of such act, by its nature or context, is to intimidate a population, or to compel a government or an international organization to do or to abstain from doing any act. (Article 2(b) of the International Convention for the Suppression of the Financing of Terrorism, May 5, 2004)

Lawhorn is right. The absence of a standard definition of the cyber threat hobbles efforts to track it, understand it, and identify the characteristics that comprise its profile. This same gap plagues efforts to combat overall terrorism. This is most apparent when we attempt to work with allies overseas, but the recent REAL ID showdown with Montana, South Carolina, and Maine is another example close to home. If cybersecurity is achieved by orchestrating federal, state, local, and international governments, as well as private sector entities from multiple critical infrastructure sectors, a baseline definition is an unavoidable first step.

UPDATE — DHS issued a press release this evening with a link to more information about Cyber Storm II.


2 Comments »

Comment by William R. Cumming

March 10, 2008 @ 11:06 am

When participating in drafting sessions of PD-63 I suggested after distributing copies that updating the definition of “Sabotage” wherever it appears in the United States Code but in particular the criminal code, Title 18, would assist in both critical infrastructure physical security and cyber security. It was obvious in the drafting session that few in the room took seriously the long term implications of the President’s Commission on Critical Infrastructure Protection (report issued fall 1997) that analyzed and laid the groundwork for the now historic and permanent split between physical security (see for example E.O. 12656 as amended) and cyber-security. The failure to follow through on the Congressional (not Executive Branch) mandate to create the Commission may prove tragic. Again, compliments to Senators Kyle and Bennett. Without them the Commission would not have existed. It even helped in Y2K preparations which to date is the largest civil preparedness effort undertaken by the Executive Branch with the exception of the COG/COOP programs. That preparedness effort was largely successful with the exception of a 9 day outage of the NRO’s satellite coverage for one of its programs. Another example where instead of taking the initiative the Clinton Administration waited for others to act first.

Pingback by CYBERSPACE Cyber Storm II National Cyber Exercise « netwit 2.0

December 21, 2010 @ 12:26 pm

[...] DHS Kicks Off Next Cyber Security Exercise [...]
