March 27, 2008

The genesis of Government cyber war games

9:43AM Tuesday March 11, 2008

There'll be some nervous IT managers in Government departments in Wellington and in the offices of our big infrastructure providers around the country as their networks are poked and prodded by US officials posing as cyber criminals.

It's all part of Cyber Storm II, electronic war games the US is conducting with its military allies, the United Kingdom, Australia, Canada and New Zealand, who are also its partners in the ECHELON electronic surveillance network.

If you want a good insight into the motivations for setting up the Cyber Storm war games, read this excellent New Yorker profile of Michael McConnell, the US Government's director of national intelligence.

As the man coordinating the bodies that make up the US "intelligence community", McConnell was tasked by President Bush with formulating a cyber security strategy after he related the threat to the president in terms he could really relate to.

As the New Yorker puts it: "According to someone who was in the Oval Office, McConnell then said, 'If the 9/11 perpetrators had focussed on a single US bank through cyber-attack and it had been successful, it would have an order-of-magnitude greater impact on the US economy.'

The President blanched and turned to the Secretary of the Treasury, Henry Paulson.

"Is that true, Hank?" he said. Paulson said that it was. The President then charged McConnell to come up with a security strategy, not only for government systems but also for American industry and private individuals.

Besides the threat to infrastructure from hackers targeting increasingly centralised systems running telecoms and electricity networks as well as the mechanics of government, there's also the threat of electronic information theft.

According to the US Department of Defence, it receives three million unauthorised probes of its networks every day.

Only a tiny sliver of these approaches are successful - at least we only hear about the really bad exploits, like when the Pentagon last year had to shut down hundreds of computers to contain a hack attack. Here's an interesting if dubious YouTube video on that subject.

What's come hand in hand with the post-September 11 attempts to shake up the intelligence community is the use of some very Web 2.0 tools to make spies more efficient.

Again, from the New Yorker:

"In 2006, the community adopted Intellipedia, a secure version of Wikipedia. Blogging is now permitted on internal servers, giving contrarian opinion a voice. There is a new "A-Space" - based on sites such as MySpace and Facebook - in which analysts post their current projects as a way of creating social networks. The Library of National Intelligence is an online digest of official reports that will soon provide analysts who use it with tips, much the way Amazon and iTunes offer recommendations to their customers."

Imagine if someone figured out how to hack Intellipedia. The threats here are most likely of a different sort - attacks on critical infrastructure such as telephone and electricity are more likely than attempts to steal sensitive information, though the GCSB is taking the threat of this seriously.

Barring a major slip-up in which a simulated attack runs wild, we're unlikely to hear too much about the results of Cyber Storm II until the US Government releases a progress report, as it did after the last war games exercise, which New Zealand was involved in to a lesser extent.

That report pointed out many holes in security, in particular the deficiencies in communications strategies when a major cyber attack is identified.
