International computer hacking exercise creates a cyber storm

Michael Crawford (Computerworld)
03 February, 2006 08:05
Comments

In preparation for dealing with a cyber terrorist attack Australia is set to engage in an international computer hacking exercise that has been dubbed little more than a vendor meet and greet.

Officially codenamed Cyber Storm, the exercise is being coordinated by the US Department of Homeland Security and involves Australia's intelligence agencies, Department of Defence and federal police, AusCert and the Attorney General's critical infrastructure protection branch.

While the goal is to prepare and test contingency plans in the event of an attack on critical infrastructure, users have told Computerworld the exercises will be dominated by vendors protecting their gear against known vulnerabilities.

According to sources, who requested anonymity, vendors involved are those with large government contracts and it is a provider's technology that will determine the type of hacking exercises undertaken.

While it is a good idea for the private and public sector to work together, said Bill Hutchinson, IBM Professor of Computer and Information Security at Edith Cowan University, vendor involvement will shape the exercises and that is the real problem.

"It will be full of companies and government departments and the limitation of such an exercise would be that it would be close-minded," Hutchinson said.

"Product and government people have to have a world view, but in an integrated situation you need creative input - say for instance if a hardware person was trained by one particular vendor then they will only know how one product works: they have had a system of training that is rigid and fixed, but you need someone creative to cope with savage exploits, or else they will only use products they know how to fix.

"To me, if they were trying to test accurate security responses then they would not get people in the establishment to attack themselves. It is a bit like saying our system is secure, because we have tested it."

A similar exercise, also dubbed Cyber Storm and run by the US Department of Homeland Security was held in the US last November.

The vendors involved were Cisco, Computer Associates, CSC, Microsoft, Symantec and Verisign.

Hutchison said the assumption is that the same vendors will be involved in the Australian exercise.

"While I support the exercise my concern is that they are not bringing in outsiders to criticize them; most of the hackers are outside the establishment anyway," he said.

A spokesperson for the Attorney General's office described Australia's involvement in Cyber Storm as a table-top exercise.

"The critical infrastructure protection branch is coordinating a table-top exercise in order to test responses to a major cyber incident," a spokesperson said.

"The scenario is expected to involve hackers disrupting transport and communications systems."