CYBER STORM III

[birther truther tenther]

CSC Participates in Department of Homeland Security Cyber Storm III Exercise
National-Level Cybersecurity Exercise Allows CSC to Demonstrate Preparedness in Responding to Potential Threats, Underscore Commitment to Government Cooperation


Please read the entire article here:
http://www.marketwatch.com/story/csc-participates-in-department-of-homeland-security-cyber-storm-iii-exercise-2010-09-30?reflink=MW_news_stmp

CSC today announced its participation in the Department of Homeland Security (DHS) as a full player during Cyber Storm III, the department's biennial event representing the U.S.'s most extensive cybersecurity exercise. The exercise is taking place September 28-30, 2010.

The goal of Cyber Storm is to strengthen cybersecurity preparedness and response capabilities by exercising policies, processes and procedures for identifying and responding to a cyber attack on the U.S.'s critical infrastructure. CSC's participation is allowing the company to further test its abilities to react appropriately and respond efficiently to potential cyber incidents of varying degrees both for its customers and own internal systems.

"CSC has participated in all three of the DHS Cyber Storm exercises, and we are honored to be an active participant and full player as part of the private industry during Cyber Storm III," said Andy Purdy, CSC's chief cybersecurity strategist, who was head of the DHS National Cyber Security Division led Cyber Storm I. "The cyber landscape is dynamic and cybersecurity is a global concern. The efforts put into this exercise and the lessons we will learn from it will continue the process of strengthening the capability of the United States to prepare for and respond to significant cyber attacks and incidents. CSC's participation internally on a global level also enables us to continue refining our cybersecurity capabilities to the absolute highest levels. It is critically important that the after-action recommendations from Cyber Storm III be resourced and implemented as quickly as possible."

CSC is one of the few companies to provide full lifecycle cybersecurity solutions and services to both public and private sector clients globally. Through its foundation of global network security operations centers, CSC protects some of the world's most sensitive information, systems and networks against emerging cyber threats. CSC's cybersecurity capabilities include privacy and cybersecurity consulting, strikeforce, compliance, system design, and integration and forensics training. For more information on its comprehensive cybersecurity solutions, go to

 http://www.csc.com/cybersecurity
 

http://www.csc.com/about_us


READ CSC's Cybersecurity brochure here:
http://assets1.csc.com/public_sector/downloads/CSC_CyberSecurity_Brochure_rd4.pdf


Retrieved from:
http://www.dhs.gov/xlibrary/assets/cyber-storm-3-media-fact-sheet.pdf

FULL TEXT:

FACT SHEET: Cyber Storm III

Background
The U.S. Department of Homeland Security’s (DHS) Cyber Storm exercise series is part of the Department’s ongoing efforts to assess and strengthen cyber preparedness; examine incident response processes in response to ever-evolving threats, and enhance information sharing among federal, state, international and private sector partners.
The Cyber Storm series simulates large-scale cyber events and attacks on the government and the nation’s critical infrastructure and key resources (CIKR)—so that collective cyber preparedness and response capabilities can be measured against realistic and credible national-level events. DHS’s National Cybersecurity Division (NCSD) is sponsoring the latest installment of the series—Cyber Storm III, which will include thousands of players across government and industry and more than 1,500 injects of data to keep participants on their toes.
Cyber Storm III Scenario
The Cyber Storm III exercise scenario reflects the increased sophistication of our adversaries, who have moved beyond more familiar Web page defacements and Denial of Service (DOS) attacks in favor of advanced, targeted attacks that use the Internet’s fundamental elements against itself—with the goal of compromising trusted transactions and relationships.
The scenario will incorporate known, credible technical capabilities of adversaries and the exploitation of real cyber infrastructure vulnerabilities, resulting in a range of potential consequences—including loss of life and the crippling of critical government and private sector functions.
Throughout the exercise, the goal of exercise players will be to identify, in real time, the ongoing attack and mitigate the compromises and vulnerabilities that allowed it to occur, as well as possible consequences to compromised systems. At its core, the exercise is about resiliency—testing the nation’s ability to cope with the loss or damage to basic aspects of modern life.
What’s New?
Cyber Storm III builds upon the success of previous exercises; however, enhancements in the nation’s cybersecurity capabilities, an ever-evolving cyber threat landscape and the increased emphasis and extent of public-private collaboration and cooperation, make Cyber Storm III unique.
 National Cyber Incident Response Plan
Cyber Storm III is the primary vehicle to exercise the newly-developed National Cyber Incident
Response Plan (NCIRP)—a blueprint for cybersecurity incident response—to examine the roles,
responsibilities, authorities, and other key elements of the nation’s cyber incident response and
management capabilities and use those findings to refine the plan.
 Increased Federal, State, International and Private Sector Participation
o Administration-Wide—Seven Cabinet-level departments including Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury, in addition to the White House and representatives from the intelligence and law enforcement communities.
o Eleven States—California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina, New York, Pennsylvania, Texas, Washington, as well as the Multi-State Information Sharing and Analysis Center (ISAC)—compared to nine states in Cyber Storm II.

o 12 International Partners—Australia, Canada, France, Germany, Hungary, Japan, Italy, the Netherlands, New Zealand, Sweden, Switzerland, the United Kingdom—compared to four international partners in Cyber Storm II.
o 50 Percent More Private Sector Partners—We will have 60 private sector companies playing in Cyber Storm III, up from 40 in Cyber Storm II; several will participate on-site with DHS for the first time. DHS worked with representatives from the Banking and Finance, Chemical, Communications, Dams, Defense Industrial Base, Information Technology, Nuclear, Transportation, and Water Sectors as well as the corresponding Sector Coordinating Councils and ISACs to identify private sector participants.
 National Cybersecurity and Communications Integration Center Cyber Storm III will be the first opportunity to test the new National Cybersecurity and Communications Integration Center (NCCIC)—which serves as the hub of national cybersecurity coordination and was inaugurated in October of 2009.

[birther truther tenther]

Analysts at the National Cybersecurity and Communications Integration Centre (NCCIC) in Arlington, Virginia, preparing for Cyber Storm III, America’s first test of a blueprint for responding to an enemy cyber blitz targeting vital sectors.


This article by The Hindu is really comprehensive in covering both Stuxnet AND CYBERSTORM III

Cyber attack, the new form of warfare

http://www.thehindu.com/opinion/op-ed/article811322.ece

[birther truther tenther]

This was a link on Drudge Report Today:
WIRE: Feds Step Up Defense Against Digital Attacks...

It was a CNBC article:
Cyber Wars: US Is Stepping Up Defense Against Digital Attacks
http://www.cnbc.com/id/39518423


A brief excerpt of this article:

The idea of letting the Defense Department wall off certain private-sector networks is highly tricky for policymakers, industry and Pentagon planners. Among the issues: what to protect, who should be in charge, how to respond to any attack and whether the advent of a military gateway could hurt U.S. business's dealings overseas, for instance for fear of Pentagon snooping.

In addition, the 1878 Posse Comitatus Act generally bars federal military personnel from acting in a law-enforcement capacity within the United States, except where expressly authorized by the Congress.

Alexander says the White House is considering whether to ask Congress for new authorities as part of a revised team approach to cyber threats that would also involve the FBI, the Department of Homeland Security and the Defense Department.

There are persistent signs of strains between Cyber Command and the Homeland Security Department over how to enhance the U.S. cybersecurity posture.

"To achieve this, we have to depart from the romantic notion of cyberspace as the Wild Wild West," Homeland Deputy Secretary Jane Lute told the annual Black Hat computer hackers' conference in Las Vegas in July. "Or the scary notion of cyberspace as a combat zone. The goal here is not control, it's confidence."

Alexander made a reference to tensions during certain meetings ahead of Cyber Storm III, a three-day exercise mounted by U.S. Homeland Security last week with 12 other countries plus thousands of participants across government and industry. It simulated a major cyber attack on critical infrastructure.

"Defense Department issues versus Homeland Security issues," he told the House of Representatives Armed Services Committee on Sept. 23.

"And that's probably where you'll see more friction. So how much of each do you play? How radical do you make the exercise?" President Barack Obama's cybersecurity coordinator, Howard Schmidt, is working with Congress and within the administration to develop policies and programs to improve U.S. cybersecurity, says a White House spokesman, Nicholas Shapiro. Obama, proclaiming October National Cybersecurity Awareness Month, said protecting digital infrastructure is a "national security priority."