Cyber Storm

The scenario targeted specific public and private organizations and involved both physical and Internet-based components. As part of the plan, bloggers spread misleading information along with information related to the scenario. Organizations being tested tried to discern which bits of information were relevant and, from that information, determine the nature of the attack.

Cyber Storm was aimed at computer systems involved in the operation of the critical infrastructure of the USA, particularly the information technology (IT), energy, communications, emergency management, military, and transportation sectors. The simulation did not involve or target private individuals or enterprises without their knowledge or consent.

The 115 participants involved in the planning and execution of Cyber Storm included government agencies at the federal, state and local levels, along with international agencies and corporations. Participants included:

• Department of Commerce
• Department of Defense
• Department of Energy
• Department of State
• Department of Transportation
• Department of Treasury
• Department of Justice
• Director of National Intelligence
• Central Intelligence Agency
• National Security Agency
• Microsoft
• CERT Coordination Center
• States of Michigan, Montana and New York
• FBI
• U.S. Secret Service
• NORTHCOM
• American Red Cross
• Public Safety and Emergency Preparedness Canada.

Full details have not been made public, but the DHS has indicated that Cyber Storm was complex and extensive enough to constitute a good simulation of an actual cyber attack. Cyber Storm evaluated communication and interaction among key organizations but did not involve major ISPs and backbone providers. The DHS will coordinate with IT-ISAC (Information Technology Information Sharing and Analysis Center) later in 2006 for a simulated attempt to bring down the Internet.

Read more about Cyber Storm: - The Department of Homeland Security issued a press release about Cyber Storm. - eWeek announced that "Feds Deem Operation Cyber Storm a Success."

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Services: QualysGuard Security and Compliance Suite At Your Service Information security book excerpts and reviews Visit the Information Security Bookshelf for book reviews and free chapter downloads. Screencast: Penetration testing with Metasploit Peter Giannoulis of http://theacademy.ca demonstrates how Metasploit can be used to test commercial and custom-made applications, servers and...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary ethical hacker  (SearchSecurity.com) ethical worm  (SearchSecurity.com)