‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services
In a drill this week that drew some 2,000 participants, the Department of Homeland Security tested the ability of companies in the health care, manufacturing and other key sectors to withstand hypothetical hacking campaigns that compromise the trust users place in key internet services. The seventh iteration of Cyber Storm, as the biannual exercise is called, focused on what could go wrong when some of the pillars of the internet are corrupted. It is the subtle manipulation of these IT services that advanced hacking campaigns often exploit in the real world. The simulation featured compromised certificate authorities, which deem software trustworthy, attacks on the Border Gateway Protocol, the internet’s basic routing mechanism, and the subversion of domain name system (DNS) records, which help send a user to a website that is not malicious. “Many organizations do not have a full understanding of their reliance on third-party services,” said Brian Harrell, assistant […]
The post ‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services appeared first on CyberScoop.