Department of Homeland Security Secretary Janet Napolitano yesterday announced the launch of Cyber Storm III—a three-day long, DHS-sponsored drill that aims to examine the nation’s response capabilities in the event of a cyber attack.
“Securing America’s cyber infrastructure requires close coordination with our federal, state, international and private-sector partners,” Napolitano said. “Exercises like Cyber Storm III allow us build upon the significant progress we’ve made in responding to evolving cyber threats.”
Cyber Storm III is an exercise scenario that mimics a large-scale cyber attack on critical infrastructure across the nation. The goal of the exercise is to analyze and promote collective cyber preparedness and response capabilities, engaging thousands of participants across private and public sectors. The exercise scenario reflects the increased sophistication of U.S. adversaries, who have progressed from defacements and Denial of Service attacks to more advanced, targeted attacks.
As with the previous exercised held in 2006 and 2008, the scenario will incorporate known, credible technical capabilities of attackers and the exploitation of real cyber-infrastructure vulnerabilities, resulting in various potential consequences, including fatalities and the paralyzing of critical government and private-sector functions.
Among Cyber Storm III participants are seven cabinet-level departments, as well as the White House and representatives from the intelligence and law-enforcement communities. Eleven states will also partake, alongside several foreign nations such as Australia, Japan and United Kingdom. Additionally, 60 companies from industry, including finance, IT and nuclear, will team up to be part of the drill. Compared to the previous drill in 2008, the number of private-sector companies participating has increased by 20, and several firms will participate onsite with DHS for the first time.