Category Archives: Cyber Storm

‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services

Posted on by

In a drill this week that drew some 2,000 participants, the Department of Homeland Security tested the ability of companies in the health care, manufacturing and other key sectors to withstand hypothetical hacking campaigns that compromise the trust users place in key internet services. The seventh iteration of Cyber Storm, as the biannual exercise is called, focused on what could go wrong when some of the pillars of the internet are corrupted. It is the subtle manipulation of these IT services that advanced hacking campaigns often exploit in the real world. The simulation featured compromised certificate authorities, which deem software trustworthy, attacks on the Border Gateway Protocol, the internet’s basic routing mechanism, and the subversion of domain name system (DNS) records, which help send a user to a website that is not malicious. “Many organizations do not have a full understanding of their reliance on third-party services,” said Brian Harrell, assistant […]

The post ‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services appeared first on CyberScoop.

Continue reading ‘Cyber Storm’ drill for critical infrastructure focuses on corruption of key IT services

Cyber Storm 2020 could be DHS’s most rigorous drill for critical infrastructure yet

Posted on by

Every two years, the Department of Homeland Security hosts a large-scale exercise to test critical infrastructure companies’  ability to respond to a disruptive, hypothetical cyberattack. With more threat data to draw on than ever, DHS officials hope next spring’s Cyber Storm exercise will be the most rigorous test of participants’ response plans to date, driving home the interdependence of critical infrastructure sectors in new ways. Cyber Storm 2020 will focus more on collaborating with state and local officials to recover from an incident than previous drills, according to Brian Harrell, assistant director for infrastructure security at DHS’s Cybersecurity and Infrastructure Security Agency (CISA). In another twist, planners are looking to incorporate insider threats into the scenario, he said. Participants, which are expected to include representatives of the energy, financial and communications sectors, cyberthreat information-sharing organizations, and other federal agencies, will have to “bring a [hypothetical] cyber incident to resolution as quickly as possible… [to] restore some of these key services as quickly as […]

The post Cyber Storm 2020 could be DHS’s most rigorous drill for critical infrastructure yet appeared first on CyberScoop.

Continue reading Cyber Storm 2020 could be DHS’s most rigorous drill for critical infrastructure yet