Banking and energy officials joined members of the Pentagon, National Security Agency (NSA) and the Department of Homeland Security for a three-week cyber war game in Suffolk, Virginia last month. The exercise was designed to train US and British officials and military personnel, as well as several key-companies, for inevitable large-scale cyber attacks on multiple continents, and ensure “operational readiness.”
According to the US Department of Defense (DoD), the training exercise was co-led by the Federal Bureau of Investigation (FBI) and involved more than 1,000 participants from more than 100 government, industry and academic organizations. Known as Cyber Guard, it was the fourth annual training event of its kind and gave participants the opportunity to rehearse “a whole-of-nation response to destructive cyber attacks against US critical infrastructure.” Previous exercises focused on “whole-of-government” US scenario rather than taking an international approach.
The cyber attack training exercise was held from June 8 to 26 and conducted in the Suffolk state-of-the-art facility that was established for a wide range of military exercises and tests.
According to the director of exercises and training at US Cyber Command, Rear Admiral Kevin E. Lunday, the outcome they were looking for was “operational readiness.” By putting participants under pressure in a simulated cyber attack environment, it was hoped that they would learn how to respond when faced with a real-life scenario. It wasn’t a question of whether the kind of cyber attack they had simulated might occur, he said, “but when it will occur.”
In recent months hackers have successfully accessed computer networks at the Pentagon and White House, and late last year hackers breached security and got into Sony Pictures, as well as JPMorgan Chase & Co, one of the world’s largest financial institutions. As cyber attacks become increasingly sophisticated, there is a fear that disruptions could be much more intense and could theoretically lead to a shutdown of the electrical grid, stoppage of water supply, or even interference with the banking system. The lengthy digital Cyber Guard exercise was described by The Wall Street Journal this week as an intense preparation for “the next frontier in warfare: cyberattacks.”
The game began with a major earthquake in California that was followed by a number of coordinated and well-executed cyber attacks that included the many disruptions so many fear. Gas and oil pipelines were disrupted; a large commercial port in the UK was affected; and Pentagon computer networks were hacked – which of course has already happened. The ordinary man (and woman) in the street was also affected, with long queues for food at supermarkets and other stores, as well as a freeze on cash at banks.
Participants played in teams, with the Opposing Force leading each attack. Attacks varied from those carried out by relatively unsophisticated hackers to attacks by other countries using very advanced cyber weapons. Organizers watched the games from a “white cell” (a separate room) and assessed the successes and weaknesses of each team. At the end of the three-week session, teams were expected to counterattack the “enemy” using what was termed defensive cyber “response actions.” It is understood that these counterattacks were carried out on order, in keeping with the fact that any cyber counterattack would be controlled by the White House and defense secretary.
“Cyber Guard is an evolving exercise, continually expanding to meet the demands of the Department of Defense and the nation,” the DoD fact sheet states.
By Penny Swift
