Cyber ShockWave Simulated Cyber Attack Set for Tuesday

The Bipartisan Policy Center (BPC) announces it will host Cyber ShockWave, a simulated cyber attack on the United States on Tuesday, February 16, 2010. Cyber ShockWave will provide an unprecedented look at how the government would develop a real-time response to a large-scale cyber crisis affecting much of the nation. The event will take place at the Mandarin Oriental Hotel in Washington, D.C.

The Cyber ShockWave simulation, created by former CIA Director General Michael Hayden and the BPC’s National Security Preparedness Group, led by the co-chairs of the 9/11 Commission, Governor Thomas Kean and Congressman Lee Hamilton, follows the acclaimed series of Oil ShockWave simulations conducted in 2007 by the BPC and Securing America’s Future Energy (SAFE). Oil ShockWave addressed dependence on foreign oil as a national security threat.

Cyber ShockWave, developed in partnership with General Dynamics Advanced Information Systems, SMobile Systems, Southern Company, Georgetown University, and PayPal, will highlight the immediate, real dangers of cyber-terrorism by bringing together a bipartisan group of former senior administration and national security officials playing the roles of Cabinet members. The participants, whose mission is to advise the president and mount a response to the attack, will not know the scenario in advance. They will react to the threat in real time, as intelligence and news reports drive the simulation, shedding light on how the difficult split-second decisions must be made to respond to an unfolding and often unseen threat.

Following the simulation, there will be a post-event discussion with the participants and partners to discuss what the U.S. government can do to avoid a real-world cyber attack of this magnitude and what can be learned from the exercise.

Former senior administration officials and national security experts participating include:

• Secretary of Homeland Security Michael Chertoff as National Security Advisor
• Director of National Intelligence John Negroponte as Secretary of State
• White House Homeland Security Advisor Fran Townsend as Secretary of Homeland Security
• Director of Central Intelligence John McLaughlin as Director of National Intelligence
• Senator Bennett Johnston as Secretary of Energy
• Director of the National Economic Council Stephen Friedman as Secretary of Treasury
• Deputy Attorney General Jamie Gorelick as Attorney General
• White House Press Secretary Joe Lockhart as Counselor to the President
• General Counsel of the National Security Agency Stewart Baker as Cyber Coordinator
• Deputy Commander U.S. European Command Charles F. Wald as Secretary of Defense

WHO: Bipartisan Policy Center

WHAT: Cyber ShockWave

WHEN: Tuesday, February 16, 2010

10:00am – 1:00pm

WHERE: Mandarin Oriental Hotel

1330 Maryland Avenue SW Washington, D.C. 20024

Cyber ShockWave is sponsored by General Dynamics Advanced Information Systems, SMobile Systems, Southern Company, Georgetown University, and PayPal. Symantec Corporation also contributed to this event.

Could Terrorists Stage Cyber Attack From Canada

Interesting article from National Security expert James Carafano in the Washington Times.

Wake the president. It’s 3 a.m. and the phone is ringing. Loudly. A terrorist group has breached the firewall of the SCADA, the Supervisory Control and Data Acquisition system that controls the flow of major oil and natural gas pipelines throughout North America. Terrorists inserted a command that causes pressure gauges throughout the network to send pumps into overdrive. Pipelines have split, setting off spills, fires and explosions in multiple locations.

It gets worse. Within an hour, the malicious hackers have intruded into the national electrical grid, setting off power failures that stretch from Toronto to Baltimore.

Frantically analyzing the situation, security experts are able to identify the origin of the attacks. The president declares the incidents an act of war and orders a retaliatory strike: The enemy – Canada.

While the scenario above is fiction, it is anything but science fiction. And the likelihood of a cyberattack coming from Canada is anything but unlikely.

That is not to say that Canada is a national security threat. Though they were on the wrong side of the American Revolution and the War of 1812, for the past century or so the Canadians have been the best security neighbor any nation could hope for. They’ve been our brothers-in-arms in two world wars, a cornerstone of NATO, and a hard-and-fast battle buddy in Afghanistan.

via CARAFANO: Oh Canada! Quelling cybersecurity threats – Washington Times.

FBI Suspects Terrorists Are Exploring Cyber Attacks

According to a WSJ report today, The FBI is looking at groups suspected of having links to al Qaeda who have shown an interest in mounting an attack on computer systems that control critical U.S. infrastructure.

While there is no evidence that terrorist groups have developed sophisticated cyber-attack capabilities yet, a lack of security protections in U.S. computer software increases the likelihood that terrorists could execute attacks in the future, an official warned.

If terrorists were to amass such capabilities, they would be wielded with “destructive and deadly intent,” Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division, told the Senate Judiciary Committee Tuesday.

“The FBI is aware of and investigating individuals who are affiliated with or sympathetic to al Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber-attack,” Mr. Chabinsky told the committee, without providing details.

Such infrastructure could include power grids and transportation systems.

The control systems of U.S. infrastructure as well as money transfers are now connected directly or indirectly to the Internet. Hackers have been able to penetrate computer systems running components of the U.S. electric grid as well as divert bank transfers.

Read Full Article

Military Source Warns of North Korea’s EMP Bomb

North Korea is developing a bomb that emits an electromagnetic field upon explosion and damages nearby electronic devices, a South Korean military source has revealed to the JoongAng Ilbo. The source said North Korea has been working on the electromagnetic pulse bomb, or EMP bomb, since the mid-1990s, with help from Russian scientists, adding that the weapon may be near completion.

The EMP bomb produces a short but strong electromagnetic pulse that, if exploded 40 kilometers (25 miles) above ground, would affect equipment within a 700-kilometer radius, including exposed electrical conductors, such as wires.

According to Australia-based defense analyst Carlo Kopp and his paper at the GlobalSecurity.org Web site, the EMP effect can cause irreversible damage to electrical and electronic devices, such as computers, radio and radar. He noted that EMP devices can render many modern military platforms useless because they are packed with electronic equipment. He argued that the damaged inflicted by such a bomb is akin to the harm caused by powerful bolts of lightning. The EMP bomb is not known to cause casualties. The U.S. forces used them at the onset of the war on Iraq in 2003.

The South Korean source said he expects the North to develop EMP bombs as warheads for aircraft bombs and for Scud-B missiles, warning that the North could use the weapons early and often if war broke out on the peninsula. South Korean and U.S. forces are vulnerable to EMP attacks since they rely on a great number of computer systems and their weapons are heavily equipped with electronic devices, the source explained.

Read Article

Congressman Calls For Cyber Reprisals Against North Korea

A Republican congressman has urged the US to unleash a retaliatory cyber-attack against North Korea over DDoS attacks supposedly launched against US and South Korean websites.

Congressman Peter Hoekstra of Michagan, the lead Republican on the House Intelligence Committee, urged President Obama to mount a “show of force” against North Korea over its alleged role in cyberattacks last week.

Hoekstra made the call to fire up the cyber-equivalent of B-52 bombers despite absolutely no evidence that the impoverished, hard-line communist state is involved in the assault. This lack of evidence didn’t prevent Hoekstra from warning about possible “cyber-geddon” if the US failed to act on last week’s attacks.

If action is not taken, he said during an appearance on American radio show, “next time they’ll go in and shut down a banking system…or manipulate the electrical grid either here or in South Korea. Or they will try and miscalculate, and people will be killed.”

via Congressman calls for ‘cyber-reprisals’ against North Korea • The Register.

North Korea May Be Behind Wave of Cyberattacks

South Korean intelligence officials believe it was North Korea or pro-Pyongyang forces that committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.

Read the related stories.

Government Agencies, Washington Post Targeted in Cyberattack

Cyber Attack Hits South Korean Web Sites

Source

Government Agencies, Washington Post Targeted in Cyberattack

A widespread and coordinated cyberattack during the past few days has targeted Web sites operated by major government agencies, including the departments of Homeland Security and Defense, the Federal Aviation Administration and the Federal Trade Commission, according to several computer security researchers.

The attacks involved thousands of computers around the globe infected with rogue software that told them to repeatedly attempt to access the targeted sites, a tactic aimed at driving up traffic beyond the sites’ normal capacity and denying access to legitimate users, according to the researchers, many of whom spoke on condition of anonymity because they are helping with the investigation.

Department of Homeland Security spokeswoman Amy Kudwa said that the agency was aware of ongoing attacks and that the government’s Computer Emergency Response Team had issued guidance to public and private sector Web sites to stem the attacks.

Read Full Article

Cyber Attack Hits South Korean Web Sites

A number of South Korean government Web sites were inaccessible on Wednesday, apparently taken offline by a large cyber-attack that had earlier hit U.S. government sites.

The Web site for South Korea’s president, the Blue House, and those for the National Assembly and Ministry of National Defense were all offline at Wednesday lunchtime. Also inaccessible was the home page of the Grand National Party and the Chosun Ilbo national newspaper

The Korea Internet Security Center’s security index was set at “substantial,” which is the middle of its five levels and signifies regional Internet security problems and advises all Internet users to take urgent security measures.

Local press reports said around 25 sites had been hit since late Tuesday including those of major banks including Shinhan Bank and Korea Exchange Bank and major portal Naver. All three appeared to be operating normally at Wednesday lunchtime but a prompt on the page of Shinhan Bank referenced a distributed denial of service (DDOS) attack and advised users to download security software.

Read Full Article

U.S. Cyberattack Console Aims to Turn Grunts into Hackers

The U.S. military is putting together a suite of hacking tools that could one day make breaking into networks as easy for the average grunt as kicking down a door.

That’s the word from Aviation Week, which snuck an unusual peek inside a “U.S. cyberwarfare attack laboratory.” There, researchers are building a “device” that would “weaponiz[e] cyberattack for the non-cyberspecialist, military user.”

In recent years, Defense Department officials have thumped their chests, hard, about how good the Pentagon is at hacking enemy networks. But discussing specific online attacks — ordinarily, that’s done mostly inside of secure facilities. A 2008 Danger Room post on an unclassified Air Force research project to give cyberwarriors “full control” of “any and all” computers set of a frenzy inside the service. Generals were pelted with questions about how such supposedly-sensitive information was allowed to escape into the public sphere. Since then, there have been increased calls within military circles to show off at least some of what the armed forces’ network attackers can do. It’s an effective way of detering potential foes online, the logic goes.

The device described to Aviation Week is designed “to tap into satellite communications, voice over Internet, proprietary Scada [supervisory control and data acquisition] networks — virtually any wireless network.” And it would be able to do so in a way that makes sense to n00bs.

via U.S. Cyberattack Console Aims to Turn Grunts into Hackers | Danger Room | Wired.com.