U.S. cyberattack drill exposes unsettling vulnerabilities

Published 18 February 2010

Experts, including current and former officials, conduct a cyberattack-on-the-U.S. drill; the results show that the peril is real and growing; no grand plan emerged, but the group did agree to advise the president to federalize the National Guard, even if governors objected, and deploy the troops — perhaps backed by the U.S. military — to guard power lines and prevent unrest

The crisis began when college basketball fans downloaded a free March Madness application to their smart phones. The app hid spyware that stole passwords, intercepted e-mails, and created havoc. Soon sixty million cellphones were dead. The Internet crashed, finance and commerce collapsed, and most of the nation’s electric grid went dark. White House aides discussed putting the Army in American cities.

Los Angeles Times’s Bob Drogin writes that this, spiced up with bombs and hurricanes, formed the doomsday scenario when ten former White House advisors and other top officials joined forces Tuesday in a rare public cyber war game designed to highlight the potential vulnerability of the nation’s digital infrastructure to crippling attack (12 February 2010 HSNW).

The results were hardly reassuring. “We’re in uncharted territory here,” was the most common refrain during a three-hour simulated crisis meeting of the National Security Council, the crux of the Cyber Shockwave exercise.

Joe Lockhart, former press secretary to President Clinton, urged his fellow panelists to be bold. “Trust me,” he said, “you will be judged on this when this is over, and for years to come.”

The panelists apparently took him to heart and, as the scenario unfolded, tossed out ways to maintain order — including nationalizing industries, rationing fuel, and snatching suspects overseas.

Drogin notes that the public rarely gets a peek at government war games. If Tuesday’s drill at times resembled a sci-fi thriller, no one doubts that the peril to telecommunications and other crucial computer-run systems is real and growing.

Dennis C. Blair, the director of national intelligence, this month warned the Senate Intelligence Committee, “Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication” (4 February 2010 HSNW).

Attacks on government networks are ubiquitous. According to a 2008 report by the nonprofit Center for Strategic and International Studies, NASA and the departments of Defense, Homeland Security and Commerce “all suffered major intrusions by unknown foreign entities” the previous year. “The unclassified e-mail of the secretary of defense was hacked, and [Defense Department] officials told us that the department’s computers are probed hundreds of thousands of times each day,” the report said.

President Obama has pledged to secure the nation’s vital computer networks and created a White House office to coordinate cyber security. In December, DHS released a draft plan to designate roles and responses to potential attacks or mischief.

The worst-case scenario presented in a Washington hotel ballroom Tuesday, however, would almost certainly