Feeds

back to article US cybersecurity defences fail to thwart mock cyberattack

Critical US electronic systems have failed to withstand a simulated cyberattack. Participants in a recent cyber-warfare exercise told Reuters that the exercise highlighted problems in leadership, communications and readiness. The two-day exercise brought together 230 government agencies, private firms and other participants. …

COMMENTS

This topic is closed for new posts.
Silver badge

A View to AI Kill a Mocking Bird ...

"Homeland Security Secretary Michael Chertoff added that international laws need to be updated to provide a framework for cybercrime responses."

Yeah, right on, Big Brother, but No Thanks if that is USNewspeak for Biased in favour of a Cowboy Hegemony? Been there, done that and IT Sucks Badly. Let's Play an Altogether Beta Game without the Slings and Arrows of Outrageous Mock Fortune.

CyberSpace Control Systems are a Virtual Front with Rules and InterNetional Laws which are deliberately Novelly IntelAIgently Designed, by Virtue of their Stealthy Ease`of Discovery, to automatically update themselves towards Perfection, although Any and All Constructive, Third Party Remote`Support in Innovation and Implementation is to be Lauded and Applauded.

0
0

Is this why we gotta pay $700 billion to the banking industry?

Ah, I see. "Cyberwar" must be why Wall Street lost $7 trillion in value and why the feds tacked $700 billion onto the national debt just to shore up the banking industry. It HAD to be an act of cyberwar -- I mean, what else could possibly account for such astronomical financial losses?

0
0
Silver badge

I don't need no stinking title

"Attackers always have the advantage over defenders in cybersecurity and, by extension, cyber-warfare. Problems such as maintaining extended supply lines or knowing the terrain on which battles are fought really translate into the sphere of cybersecurity."

Shurely controlling which nodes go online, which is connected to what, and what -passive or active- protections are in place is how "extended supply lines" and "knowing the terrain" translate to. And it's definitely giving an advantage to the defenders, not the attackers. Now the attackers are still one step ahead, because of the element of surprise, and because the defenders typically need to keep the systems online as much as possible, which prevents them from really using the "supply lines" and "knowing the terrain" advantages to their full extent. So, yes, the attackers usually have an advantage, but it's because the "Problems such as maintaining extended supply lines or knowing the terrain on which battles are fought" do _not_ "translate into the sphere of cybersecurity" terribly well.

Appart from that, this is not a real surprise. Saying "US cybersecurity defence fail" is a bit like saying "UK civil servants lose data". Bleeding obvious.

0
0
Coat

Booz

"Booz Allen Hamilton consulting service, which organised the simulation. "There isn't really anybody in charge"

I'm not surprised with a name like that!

Mines the one with cheapo White Ace cider in the pockets.

0
0
Alien

Mars...

Where have you been recently?

I missed your total gibberish!

A few words to the wise....

Beware the Jabberwock, my son!

The jaws that bite, the claws that catch!

Beware the Jubjub bird, and shun

The frumious Bandersnatch!

0
0

Lesson learned

"Without knowing the details of the simulation it's difficult to speculate on what lessons might be learned."

With all due respect, it's not difficult at all to speculate on what lessons might be learned -- none. The government NEVER learns any lessons. Instead, they stick their fingers in their ears while burying their heads in the sand, all while screaming "I'm not listening!". If the US federal government had the ability to learn from its mistakes, we wouldn't be in our current state (economic, political, social, or military). If DHS was able to learn from its mistakes, it would not continuously fail the cyber-security exercises. George W Bush is famous for his ill-advised "No child left behind" nonsense. How about "No federal agency left behind"? How about we design tests that the federal agencies MUST pass, and if they fail to pass said tests, we get rid of the management (withOUT benefits, bonuses, severance pay, etc)? It's an idea so crazy, it just might work. Either that, or do as Michael Moore suggested a couple of years ago -- since we're so keen on outsourcing, let's outsource the government. Same incompetence, same (lack of) protections for the citizens, but at a much-reduced cost.

0
0

RE: Lesson learned

I hear the Chinese are quite good at this cyber-security stuff, maybe we should let them have a go?

0
0
Silver badge

Cyberwar? Or VIPdDispute? Or Both and therefore Neither and thus AI Novel Quant Market Adjustment?

"Mars... Where have you been recently?" ..... By Paul Posted Monday 22nd December 2008 21:42 GMT

Paul,

If truth be told, recently forging vorpal blades for Human TerrAIn Use. They are badly/sadly needed to tame and train and thus virtually kill the savage sage and frumious beast. But surely everyone knows that.... for IT has never been made a Secret SteganographIQ Plan with a Perverse Barter of Thirty Pieces of Silver for the Derivative Futures Option of Executive Lease Lend Program Purchase.

And in some Lives is Everything for Sale, but not always can Everything be Bought Solely into Orders that Corrupt.

"Ah, I see. "Cyberwar" must be why Wall Street lost $7 trillion in value and why the feds tacked $700 billion onto the national debt just to shore up the banking industry. It HAD to be an act of cyberwar -- I mean, what else could possibly account for such astronomical financial losses?" .... By Rob Rosenberger Posted Monday 22nd December 2008 17:41 GMT

Rob,

That was probably maybe definitely just the first warning shot across the pirates' bows .... and only an Inaugural Danegeld Inducing Skirmish, to Whet the Appetite of Sublimely HEXPerienced Players and Introduce the Gaping Hole in Read Shield Defences.

0
0
Anonymous Coward

@Adam White

I suspect they are having a go as we speak. :)

0
0

And thus we are divided into two camps:

The ones who read that as "Booze Allen Hamilton consulting service" and the ones who read it as "Bozo Allen Hamilton consulting service"

0
0
Thumb Down

How hard can it be?

"Oh noes! teh hax0rz!"

"Where are the malicious signals that are cracking our webs coming from?"

"China"

"Okay, just flick that big red switch to break all of the official 'recieve' lines coming into the country"

"... done... hey, the attacks have stopped".

Or

"Oh noes! teh hax0rz!"

"blah blah signals blah blah"

"from THIS country"

"Okay, just flick these other switches to get rid of the internet connections to any compromised buildings and shut down the wireless networks."

"... done... hey, the attacks have stopped/are slower/aren't particularly dangerous/will take long enough that we can get an ICBM to the originator before they can get back in"

Or

"Oh noes! teh hax0rz!"

"Did you leave the admin login as 'Administrator / Password'?

"....maybe..."

*BANG*

0
0
Go

So, What's Your Point?

This was/is a surprise only to the govern-ment men...and women. The rest of us know the true situation but when we elect the drop-outs of society to public office, well, we get what we bought (and paid for) and really have no place complaining.

0
0

Spellchecker writing the article?

"Problems such as maintaining extended supply lines or knowing the terrain on which battles are fought really translate into the sphere of cybersecurity."

I think you meant to write "rarely", not "really".

0
0

This post has been deleted by its author

This topic is closed for new posts.