DK Matai's Photos

Crisis Simulation: Cyber Shockwave Reveals Unsettling Answers -- No one doubts that asymmetric threats to telecommunications and other crucial computer-run systems are real and growing. Dennis C Blair, the director of US National Intelligence, warned the Senate Intelligence Committee recently, "Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication." What happens when a cascading cyber threat strikes with domino effects? From the phone in the pocket to the military’s most sophisticated weapons system, cyber espionage and computer hacking represent an economic and national security threat to every citizen living in a digital society.

Earlier this week, The Bipartisan Policy Center, a non-profit group based in Washington, DC, co-created and hosted a rare Cyber ShockWave exercise, a simulated cyber attack on the US and the subsequent response by the National Security Council (NSC). To defend against this attack, a working group of high-ranking former White House, Cabinet, national security officials, and cybersecurity experts came together. Their mission: to advise the President as the nation grappled with this 'crisis' in the middle of a doomsday cyberattack scenario.

Scene: White House situation room with the National Security Council in session.

Event: Massive cyber attack that turns the cellphones and computers of tens of millions of Americans into weapons to shut down the Internet. A cascading series of events then knocks out power for most of the East Coast amid hurricanes and a heat wave. A major electronic trading system that supports business throughout the United States is “knocked offline” bringing the economy to a standstill.

Objective: The one-of-its-kind public cyber-war game was chiefly designed to underscore the potential defencelessness of the country's digital infrastructure to a crippling cyberattack. "We were trying to tee up specific issues that would be digestible so they would become the building blocks of a broader, more comprehensive cyber strategy," said Michael V Hayden, former CIA director and co-creator of the "Cyber ShockWave" simulation.

Mechanism: Through a common application used in smart phones, a malware program is set off crippling the entire telecom network and effectively slowing the Internet to a screeching halt. one free downloadable application turns smartphones into network-jamming bots -- thereby leading to the failure of US mobile-phone networks, and in due course spreading to the wired Internet. The March Madness app, which has been downloaded by unsuspecting college football fans, hides spyware that allows hackers to steal passwords, seize eMails and create chaos. The scenario sees 60 million mobile phones being rendered ineffective; along with the crash of the Internet, a virtual collapse of finance and commerce, and the breakdown of the country's electric grid.

Participator Reaction

Former senior officials from Republican and Democratic administrations participated in the war game. Participants and witnesses were all shocked by the amount of devastation that started from malware on smart phones. Could an attack like this cripple America? Participants in the event came to the conclusion that possibly yes, an event, such as the one simulated could happen. The participants in the simulation wrestled with major difficulties in prevention and reaction to a cyber attack. As each issue was met with serious discussion, time passed making the government more unable to communicate with its population.

Key Questions

The war game laid bare that the US government lacks answers to key questions:

. Is the assault on cellphones an armed attack?

Half an hour into an emergency meeting of a mock National Security Council, the attorney general declared: "We don't have the authority in this nation as a government to quarantine people's cellphones." The White House cyber coordinator was "shocked" and asserted: "If we don't have the authority, the attorney general ought to find it."

. In a crisis, what power does the government have to order phone and Internet carriers to allow monitoring of their networks? How to regulate the private sector?

Participants also wrangled over how far to go in regulating the private sector, which owns the vast majority of the "critical" infrastructure that is vulnerable to a cyber attack. Stewart Baker, a former assistant secretary at the Department of Homeland Security who played the "cyber coordinator" said that the private sector was not prepared to defend against a cyber act of war and that the government needed to play a role.

. What level of privacy can citizens expect?

Jamie S Gorelick, a deputy attorney general under President Bill Clinton, pressed the issue of individual privacy. In a crisis, she said, "Americans need to know that they should not expect to have their cellphone and other communications to be private -- not if the government is going to have to take aggressive action to tamp down the threat." She recommended that the Obama administration seek legislation for comprehensive authority to deal with a cyber emergency.

. Is this an act of war?

The situation had some White House officials arguing that the massive cyberattack should be declared an act of war by the US president, and the US military be mobilised into action. Former Clinton press secretary Joe Lockhart, who played a presidential adviser during the simulation, said it was immaterial whether the attack was an act of war; it had "the effect" of an act of war.

Simulation Details

During the war game, held over four hours at the Mandarin Oriental Hotel, three wide-screen monitors flashed maps of the United States showing network coverage and electric power ebbing. The breakdown was covered by a simulated news network, GNN. Senior administration officials watched the reporting of the unfolding crisis -- 40 million people without power in the eastern United States; more than 60 million cellphones out of service; Wall Street closed for a week; Capitol Hill leaders en route to the White House.

Crisis Visualisation

"People have trouble understanding warnings," said John McLaughlin, who served as acting CIA director in 2004 and who played the director of national intelligence. "It was only after September 11 that people could visualise what was possible. The usefulness of the simulation is it will help people visualise [the threat]."

Sponsors

Developed by Georgetown University and a number of companies, the worst-case scenario, would undoubtedly overwhelm the administration's proposed cyber defences. Sponsors, most of whom made financial donations that ranged up to USD 150,000, included General Dynamics Advanced Information Systems, PayPal, Symantec, SMobile Systems, Georgetown University and Southern Co. The Chertoff Group contributed guidance, not money. The Bipartisan Policy Center, sponsors and CNN contributed to production costs. The Bipartisan Policy Center, which focuses on issues such as health care, energy and cybersecurity, staged the war game to demonstrate to a complacent public the plausibility of an attack that could in many ways be as crippling as the 9/11 strikes in 2001. Organisers said they wanted to prod the US Congress and the Obama administration to act.

Conclusion

The results were hardly reassuring. They show that the asymmetric threats to the digital infrastructure are real and growing. The worst-case scenario would almost certainly overwhelm the US administration's proposed cyber defences. In a doomsday cyber attack scenario, answers are unsettling. "We're in uncharted territory here," was the most common phrase during the simulated crisis meeting of the National Security Council, the crux of the Cyber Shockwave exercise.

What was most troubling to the participants was their inability to find a guilty party. Attribution is a commonly discussed issue among cyber security officials in regard to attacks in cyberspace. At the end of the exercise, John Negroponte, a former US diplomat playing the role of Secretary of State, said, “attribution was one of the hardest issues to deal with.” In the mock event, the attack seemed to be based out of a server in Russia, however, the creator of the malware was from Sudan. For the entire event, the culprit remained unknown. John Negroponte said, “We have to engage with our allies on how to manage the cyber issue. I think we need to deal with it with non-allies as well. Maybe one possibility is to bring it before the Security Council.”

At the end of the event, one question lingered in the minds of participants and witnesses. Who could have the resources to launch a similar cyber attack? Criminal Networks, extremist organisations or other nations? “We don’t understand their capabilities,” said John McLaughlin, the former acting director of the CIA “We just don’t know the extent to which anyone could do something like this.” Negroponte concluded with the words, “We have to find a way of elevating the issue of Cyber Security and Cyber Attacks into our [diplomatic discussion].”

The event highlighted the need for the US government to change without a crisis. It seemed as though the President should take control, activate the National Guard, and strip many rights in order to create security during the emergency. Former Deputy Attorney General Jamie Gorelick pointed out many important legal issues including the limitation of presidential orders and their effect on the private sector. In the end, whilst no grand plan emerged, the Cyber ShockWave group did agree to advise the president to federalise the National Guard, even if state governors objected, and deploy the troops -- perhaps backed by the US military -- to guard power lines and prevent social unrest during such a cascading cyber crisis.

[ENDS]

We welcome your thoughts, observations and views. To reflect further on this, please respond within Twitter, Linked and Facebook's ATCA Open and related Socratic dialogue platform of HQR.

All the best

DK Matai

Chairman and Founder: mi2g.net, ATCA, The Philanthropia, HQR, @G140

To connect directly with:

. DK Matai: http://twitter.com/DKMatai

. Open HQR: http://twitter.com/OpenHQR

. ATCA Open: http://twitter.com/ATCAOpen

. @G140: http://twitter.com/G140

. mi2g: http://twitter.com/intunit

- ATCA, The Philanthropia, mi2g, HQR, @G140 --

This is an "ATCA Open, Philanthropia and HQR Socratic Dialogue."

The "ATCA Open" network on LinkedIn and Facebook is for professionals interested in ATCA's original global aims, working with ATCA step-by-step across the world, or developing tools supporting ATCA's objectives to build a better world.

The original ATCA -- Asymmetric Threats Contingency Alliance -- is a philanthropic expert initiative founded in 2001 to resolve complex global challenges through collective Socratic dialogue and joint executive action to build a wisdom based global economy. Adhering to the doctrine of non-violence, ATCA addresses asymmetric threats and social opportunities arising from climate chaos and the environment; radical poverty and microfinance; geo-politics and energy; organised crime & extremism; advanced technologies -- bio, info, nano, robo & AI; demographic skews and resource shortages; pandemics; financial systems and systemic risk; as well as transhumanism and ethics. Present membership of the original ATCA network is by invitation only and has over 5,000 distinguished members from over 120 countries: including 1,000 Parliamentarians; 1,500 Chairmen and CEOs of corporations; 1,000 Heads of NGOs; 750 Directors at Academic Centres of Excellence; 500 Inventors and Original thinkers; as well as 250 Editors-in-Chief of major media.

The Philanthropia, founded in 2005, brings together over 1,000 leading individual and private philanthropists, family offices, foundations, private banks, non-governmental organisations and specialist advisors to address complex global challenges such as countering climate chaos, reducing radical poverty and developing global leadership for the younger generation through the appliance of science and technology, leveraging acumen and finance, as well as encouraging collaboration with a strong commitment to ethics. Philanthropia emphasises multi-faith spiritual values: introspection, healthy living and ecology. Philanthropia Targets: Countering climate chaos and carbon neutrality; Eliminating radical poverty -- through micro-credit schemes, empowerment of women and more responsible capitalism; Leadership for the Younger Generation; and Corporate and social responsibility.

Reese Jones, Mari Geiger-Howiler, V Shankar Srinivasan and 10 others like this.
- Michael J. Trout
  ‎911 cause the enactment of legistlation that was just waiting to be put into motion to restrict civial liberties of Americans in such a terrorist event. Some have even suggested that 911 was an inside job in order to get the the legistlati...on in place. The same is true for a cyber attack of this scale... there is legislation sitting in some drawer for just an event and will be used to strip away our cyber freedoms that many senior officials think we shouldnt have. It important we have non governmental bodies in place to protect the Internet freedoms we have. Food for thought.See More
  February 17, 2010 at 6:44pm
- Martin Murphy
  It always feels like a knee jerk reaction. The Govt discovers a threat, strips more freedoms and build a business around the threat; funded by public money. In a former life I was a security consultant for the airlines, and know from exper...ience that the measures in placein airports are too much too late post 911. They do not stop terrorism, cost Billions which the public fund, it makes life less comfortable not safer. Always a complete waste of time & money, genrates more fear. The effective answers to these threats are usually counter intuitve....and more humanane and peaceful....See More
  February 17, 2010 at 11:43pm
- Yasmeen Baroness Von Schleinitz I was wondering for so many years! The Mumbai University does education for Cyber Criminality and this is a very good and deep scientific course! I did not see these type of course at other universities! It is amazing!
  February 18, 2010 at 1:03am
- Richard Gerber Some good points and great to bring to the awareness. However there is an issue because based on the direction they seem headed and their summary of the situation I can say we have a crew that doesn't fully understand the subject are talking about. We can also see what must be ulterior motives. There is not reason to limit cyber liberties or to encroach upon privacy.
  February 18, 2010 at 1:19am
- Richard Gerber
  Perhaps some are looking to spend or make $$$ and not at the simple solutions which involves mostly awareness. The simplest thing to do would to be to instruct people how to use strong passwords and not to click on anything that says "free"..., for starters. We could teach people how to see through deception and gimmicks and how to keep their computer up to date etc. I don't think we would ever see anything much more than general confusion, periodic disruption, and inconvenience. I did put together the design for a system called the Phaser IT Defense system.See More
  February 18, 2010 at 1:44am
- Richard Gerber The biggest threat to security besides a lack of awareness is a lack of maintenance, monitoring, and servicing of systems due to heavy cost cutting as a result of the lack of currency. So if they were on the ball this would be one of the first items to be addressed.
  February 18, 2010 at 1:50am
- Michael J. Trout I agree Richard.... there a guy that talked about the whole cyber issue at SingularityU not too long ago that asked some high ranking gov official if such legislation existed... he said it did. and now they are running cyber games... just makes me wonder.
  February 18, 2010 at 3:13am
- James Birthrong
  
  The Illuminati has the resources to knock out the net, which, by the way, is a great threat to them because this is where the people are talking to each other all over the world and sharing information and waking up to their elitist BS. TH...EY are the ones who will try to implement a cyber attack if you ask me. THEY are the ones who have no concerns for the general population at large. THEY are the ones who killed JFK for speaking out against their secret societies. THEY are the ones behind every major gov. in the world. They are the ones behind 9/11. They are the ones in control of the World Bank and the economics of the world. THEY are the ones behind HAARP. THEY are the ones who wage all the wars ( for business) going on in the world. They are the ones who advocate for the NWO. They are the ones making secret deals to save their own asses with ET. They are Dems, Repugs, Commies, Royals and have no scruples what so ever. Why don't I see THEM discussed on an informed, intellectual forum like this one? THAT is my question. And it is not a rhetorical question. THX ♥ See More
  February 18, 2010 at 8:06am
- Michael J. Trout because we are members of it
  February 18, 2010 at 2:35pm
- James Birthrong Ah! So! (;oD
  February 18, 2010 at 3:12pm
- Mari Geiger-Howiler Thank you for sharing insights amazing ppls~* Brilliant pics & sacred geometry
  February 18, 2010 at 11:01pm
- Richard Gerber I actually detected, hunted and killed one and wrote about them Oct 22 2004 way ahead as usual http://iamblogging.net/archives/2004/10/the_mysterious.html
  February 18, 2010 at 11:15pm

Album:DK Matai's Photos

Shared with:Custom

Download Report This Photo

Email	Password

Keep me logged in	Forgot your password?