The U.S. Department of Homeland Security is planning a massive test in March of 2008 to determine how the nation will respond to a major cyber-attack.
The test, called Cyber Storm 2, is the second of its kind, following a week-long simulation in 2006 that involved 115 private international and domestic companies and organizations. Last years scenario simulated a combined physical and Internet-based attack on both the public and private sector.
Greg Garcia, assistant secretary for cyber-security and telecommunications at the DHS, stressed on Feb. 8 at the RSA Conference in San Francisco that the government and businesses need to exercise, drill and remain vigilant.
“Last year we completed Cyber Storm 1, and Cyber Storm 2 is coming up and will help us assess how much we have improved our planning and response to major attacks. This type of work will truly strengthen us all, and were quite serious about the effort,” Garcia said.
Symantec is one of the corporations participating in the upcoming exercise, said Tiffany Jones, senior regional manager for government relations for Symantec, based in Cupertino, Calif. “At the end of the day, the object here is to make sure when something really does happen we are prepared,” she said.
Jones added that the recent attack on the root servers that manage the Internet underscored the importance of redundancy, and of communication and cooperation between businesses and the government.
Cyber Storm 1 uncovered communication problems between public and private sector organizations in the event of attacks on IT infrastructure. While the test does not focus on problems associated with specific technologies, it does attempt to ensure that government and businesses are on the same page in the event of an emergency, Jones said.
“Its important to look at the mission of the office of Cyber Security and Telecommunications within the context of the overall Department of Homeland Security mission and how it all aligns,” Garcia said. “The combined goal will be to continue to protect our nation from dangerous people, including malicious activities such as malware, coming from other countries… as well as from dangerous goods, including exploit tools, or denial of service attacks that can emanate from anywhere in world.”
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.