CNN Cyber ShockWave

Monday, February 22nd, 2010

Anyone happen to catch CNN’s simulated massive cyber attack on the U.S. government? It was an interesting simulation with a fictional news agency called GNN. The Bipartisan Policy Center created this simulation (hosted by CNN) to gain insight on how our government would react to a massive cyber attack that would disrupt all sorts of services.

First, let’s list the players….err…actors….involved:

  • National Security Advisor (Michael Chertoff)
  • Counselor to the President (Joe Lockhart)
  • Secretary of Defense (Charles Wald)
  • Secretary of Treasury (Stephen Friedman)
  • Director, National Intelligence (John McLaughlin)
  • Secretary of Homeland Security (Fran Townsend)
  • Secretary of State (John Negroponte)
  • Cyber Coordinator (Stewart Baker)
  • Attorney General (Jamie Gorelick)
  • Secretary of Energy (J. Bennett Johnston)

Here’s a quick overview:

Panel created by the Bipartisan Policy Center


March Madness

The group was made up of former high-ranking White House, Cabinet and national security officials. The simulation starts off quickly by announcing that over 5 million smart phone users have downloaded an application called “March Madness” (which turns out to be malware) that has gone viral, disrupting phone service and creating the capability for identity and financial fraud. The group proceeds to cover what policies are in place to regain control of the situation, while trying to figure out where the attack came from.

With a one hour deadline, they must assess how critical the situation is and come to a consensus on how to advise the President, who will be speaking to the American people. They must be able to provide the President a “guesstimate” of who caused the attack, options he can take, and most importantly, the appropriate message he can send to the American people.

As each high-ranking official discusses what information they have, and what they can or cannot do, they receive word that the issue is no longer contained within the U.S. but has spread to foreign countries. Not only will the citizens of the U.S. want a solution now, but so will affected countries and their citizens. The panel is careful to not blame any single nation for this attack, and is aware that this kind of new-age attack can originate from one nation without that nation having any involvement.

You’ll notice that right off the bat, none of the high-ranking officials or their departments have a clue as to who or what has caused this, or why. You’ll see the baton being passed around, in hopes someone can give a decent clue.

As the panel proceeds to give their 2 cents on the situation, they receive new word that the attack was sourced from Russia. The question now is: is this a state-ordered attack or an attack from some guy’s basement?

Attorney General Gorelick begins to provide historical references of former Presidents ignoring the law and suspending habeas corpus, options that weren’t legal back then and are not legal today but were taken for the sake of the country and to regain control. Once again though, they were careful to not blame Russia directly. The attack could have been sourced from Russia, but it could have been developed by another nation or person using Russia’s servers as a launching pad.

Cyber Coordinator Baker asks whether we can quarantine these phones, to which Attorney General Gorelick explains that there is no current authority to do such a thing. He seems completely shocked that there is no such policy, as he compares the current situation to a man with smallpox walking into a stadium full of people.

The attention then turns to the military. What can the military do in this situation and are they affected?

Secretary of Defense Wald is confident that government facilities at the current time are safe and secure. Will the U.S. get cooperation from Russia, and how will we react if they don’t? Once again, the panel is careful not to engage in any acts that could be used against them in the future. One option is to remotely shut down the server causing the issue, which Secretary of Defense Wald was pretty confident could be done. This option caused a little concern: if they moved forward, other countries could then use the same technique against the U.S. if an attack came from U.S. soil. And will shutting down a remote server be considered an act of war?

Sudan

Director, National Intelligence John McLaughlin

As the panel continues discussing how to go about this crisis, Director, National Intelligence McLaughlin announces that he’s received some data that points to the possibility of the perpetrator residing in Sudan, while reminding the panel that the U.S. does not have any extradition treaties to allow them to obtain this individual legally. Attorney General Gorelick explains that the U.S. does have authorities to do renditions, which is one option. Another possible option is to work with the Sudanese government, as they have been looking for ways to build a relationship with the U.S., and this could be a way to take advantage of that.

IEDs and the Power Grid

GNN now reports that major metropolitan areas on the East Coast are experiencing power outages. Explosives are also reported to be the culprit behind some outages in Tennessee and Mississippi. The attack seems related to the cyber attack, although this is not yet confirmed.

Concerns now turn to hospitals and emergency services not receiving the power that they need in order to support the elderly or individuals in critical condition. Food is a concern as well, since it will begin to spoil and people could soon be without it. Talk of nationalizing the National Guard begins to materialize in order to protect and maintain law and order. With no Internet, no means of communication, no power and now possibly spoiling food, Counselor to the President Joe Lockhart is concerned that the people will lose confidence in the government and, most importantly, the President. He believes that it’s critically important for the President to go out there and speak to the people with whatever data he has, and that waiting too long could wreak havoc. He also points out that this crisis is uniquely different from past crises: in the past, governments were able to control the way in which the news was presented and to share the data that was in their best interest. This crisis is reversed: the public is affected and the government is what’s left running. They can still function as an entity.

With power being depleted, their concern now is making sure that the government itself has power. Thus, legal questions regarding the nationalizing of power companies are the next discussion on the table.

Once again, Attorney General Gorelick explains that there is no provision to allow such a power (no pun intended) grab. Secretary of Energy Johnston makes an important point to the panel that America’s electrical infrastructure cannot be nationalized and controlled from Washington. There are over 3000 power companies, and they all have their own methods of generating and distributing power.

Mr. President, Smile for the Cameras!

National Security Advisor Michael Chertoff


At this point in the simulation, National Security Advisor Chertoff wants a summary from the panel as to what their approach will be to the President.

  • Secretary of Treasury (Stephen Friedman) – Mobilize the National Guard to protect federal properties, energy companies and other areas that they deem at risk. Try to get Congress on board and have the President be candid with the American people.
  • Cyber Coordinator (Stewart Baker) – The risk is not doing enough. People will criticize us either way. The map of infected areas makes the U.S. government look weak and powerless.
  • Secretary of Homeland Security (Fran Townsend) – Better to ask for forgiveness than permission. The crisis is too dear, need to act.
  • Attorney General (Jamie Gorelick) – Current laws aren’t designed for this massive crisis. Relationship with private sector is important. Make sure we have good reason, and not just a knee-jerk reaction.
  • Secretary of Defense (Charles Wald) – President should call Congress to improve Cyber Command immediately. Allow cyber command to take lead, create new policies and rules of engagement. The world is different.
  • Counselor to the President (Joe Lockhart) – President needs to be clear. This is a national crisis and there’s no clear answer right now, but he must be candid. Cyber terrorism is currently taking over counter-terrorism.
  • National Security Advisor (Michael Chertoff) – My summary is that this is a dynamic problem. Not a black and white issue that can be resolved immediately. This is going to be an issue we’re all going to deal with for the foreseeable future. There is frustration with traditional laws that are just not up to date with the new borderless Internet world. The public must absolutely be clear on the President’s objectives.

My Take

I applaud CNN and the Bipartisan Policy Center (BPC) for hosting this one hour simulation, even though it was a little bit hard to follow. The first half I believe was what everyone was tuning in for, cyber warfare. Who, what, why, and how to respond. They asked good questions regarding the boundaries of our laws and what technologies we currently have to respond.

I question some of the abilities such as remotely shutting down servers, especially in a foreign land, unless shutting down the server meant a DoS (denial of service) attack. And what if those servers are not on the Microsoft Windows platform but of a Unix flavor? Oooops!? Don’t get me wrong though, I don’t claim to know about all the flaws of every OS out there; you never know what the U.S. government has up their sleeves. I’ve just never seen anyone be able to shut down a server remotely without the cooperation of that particular server. What if the servers are behind a firewall, which I’m sure they would be? How do you mount an Internet attack when your own Internet is flooded?

The simulation then turns to power issues based on reports of explosions at many power companies. Ok, this is most definitely a possibility. But now we’re no longer dealing with a cyber attack, but local terrorism. In fact, from this point on, this simulation is no longer about cyber warfare. This is where they started losing me. I’ve seen more than my fair share of Jack Bauer and 24. I wanted to see one hour’s worth of Internet related issues and how the gov’t would respond. I guess I was looking for technical analysis and perhaps some cool behind the scenes techniques, but I should have known I wasn’t going to get that from a room full of retired people.

The panel seemed overwhelmed, whether it was just not enough data or our laws being too outdated to deal with the situation. But I think it’s a little unfair to expect them to have all the answers in such a crisis, especially in one hour.

It kinda reminded me of a football game where one team just completely outplays another team. The offense has all the right plays and scores at will, their defense stops the opposing team on every down. The other team is just simply outcoached! To add insult to injury, the losing team’s coach is concerned about what plays to make because he’s concerned about public perception.

We never come away with any solution to the problem. We’re left knowing that these kinds of attacks are here to stay for quite some time and that the public just needs to deal with it. We’re already dealing with malware and viruses on a daily basis with our own PCs, so really, what’s new?

I have no doubt that there is cyber warfare going on right now, and that there will be for the foreseeable future. But this simulation shouldn’t have shown us that they were overwhelmed, it should have shown that we were prepared in some form. That we’ve been at war for much longer than the public has been aware of. It’s 2010, I would have hoped that our government would have been MUCH more prepared than this!

So the ball is now in their court, they’ve shown that they were indeed overwhelmed. Will new policies, procedures, technology be put in place before we actually incur a massive attack? Or was this just a dog and pony show?

I guess we’ll find out one day when someone wants us to download an app called, “March Madness”.
