European banks teamed up with information security agencies and governments to run a DDoS cyber-attack preparedness exercise today. Cyber Europe 2012, a simulated cyber security attack involving 300 cyber security professionals, is being co-ordinated by European Union security agency ENISA. It's the second exercise of its type …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 4th October 2012 15:20 GMT Magister

This is not a drill!

A drill goes;

blackanddeckerblackanddeckerblackanddeckerblackanddeckerblackanddeckerblackanddecker

2 0
1. Thursday 4th October 2012 15:27 GMT Alister
  
  Re: This is not a drill!
  
  Mine's a hammer drill, it goes:
  
  boschboschboschboschboschboschboschboschboschboschboschboschboschboschboschboschbosch
  
  3 0
2. Thursday 4th October 2012 20:10 GMT Euripides Pants
  
  Re: This is not a drill!
  
  Or...
  
  makitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakitamakita
  
  0 0
Thursday 4th October 2012 15:49 GMT nuked

Surely...

...they don't have to simulate these threats.

0 0
1. Thursday 4th October 2012 22:28 GMT Ole Juul
  
  Re: Surely...
  
  These simulations are necessary in order for someone to get the credit for coming up with the idea.
  
  The tests are flawed, the best DoS attack is going to involve someone inside helping, or as the first two posters point out, power tools in the data center.
  
  I don't think they want to get too realistic in case they uncover any weaknesses. That would cause too much trouble and possibly endanger the the job security of the person who came up with the idea.
  
  0 0
Thursday 4th October 2012 15:58 GMT Gordon Pryra

@ Surely

The tests are flawed, the best DoS attack is going to involve someone inside helping, or as the first two posters point out, power tools in the data center.

People sitting in darkened rooms with green screens shouting stuff in Easten European accents just arnt going to do much to a banks systems

0 0
Thursday 4th October 2012 16:11 GMT Anonymous Coward

DDOS runs on Desktop PCs

> European banks teamed up with information security agencies and governments to run a DDoS cyber-attack preparedness exercise today.

DDOS attacks wouldn't be possible without that vast array of compromised Windows Desktop machines out there ..

1 0
1. Thursday 4th October 2012 18:34 GMT Crazy Operations Guy
  
  Re: DDOS runs on Desktop PCs
  
  You can generate a lot of DDoS traffic from weakly-protected hosted websites: find a website with ftp enabled and a weak password (There are millions of these things), upload a simple PHP-based traffic generator and now you have a node to launch a DDoS attack that is always running, has a huge amount of bandwidth and no one will notice (if you don;t bother the OS, the host won't give a crap and if you leave the site up and running, the owner won't notice either).
  
  Any OS can be used in a DDoS attack, the only way to stop DDoS attacks is to not have an internet...
  
  0 0
Thursday 4th October 2012 17:14 GMT Chris Miller

Cyberwarfare

Using DDoS for purposes of cyberwarfare is like an invading army landing on your beaches, storming into your towns, and then pushing in to the front of the queue at the Post Office.

© Bruce Schneier

0 0
Friday 5th October 2012 07:48 GMT FuzzNChips

"The exercise is designed so that it avoids affect real networks, systems or services."

Or: We are going to the shooting range to try our guns, but won't use powder to avoid any danger. Surely the could have come with some more realistic scenarios than "simulated DDoS".

0 0
Friday 5th October 2012 09:21 GMT Anonymous Coward

How do you get to join these exercises?

None of the people I know in Banking/Financial IT (admittedly not an extensive list of contacts) know of this other than from reading the article. If its the usual suspects taking part, the banks that in non IT terms have managed to stuff significant portions of the economy, or their customer base (both retail and commercial) or both then in the event of some major cyber-strike, they're the very people I would not want to have to rely on to help us out of a crisis.

Whilst I can see that it's probably impractical, we need the equivalent of a national "air raid drill" to really be confident. It might be the most insignificant small link in the chain that actually causes a catastrophe.

0 0