The misinformation game: U.S. not ready for cyber attack

[The Overlord]

http://news.yahoo.com/s/nm/20081219/us_nm/us_security_usa_cyber

WASHINGTON (Reuters) – The United States is unprepared for a major hostile attack against vital computer networks, government and industry officials said on Thursday after participating in a two-day "cyberwar" simulation.

The game involved 230 representatives of government defense and security agencies, private companies and civil groups. It revealed flaws in leadership, planning, communications and other issues, participants said.

The exercise comes almost a year after President George W. Bush launched a cybersecurity initiative which officials said has helped shore up U.S. computer defenses but still falls short.

"There isn't a response or a game plan," said senior vice president Mark Gerencser of the Booz Allen Hamilton consulting service, which ran the simulation. "There isn't really anybody in charge," he told reporters afterward.

Democratic U.S. Rep. James Langevin of Rhode Island, who chairs the homeland security subcommittee on cybersecurity, said: "We're way behind where we need to be now."

Dire consequences of a successful attack could include failure of banking or national electrical systems, he said.

"This is equivalent in my mind to before September 11 ... we were awakened to the threat on the morning after September 11."

Officials cited attacks by Russia sympathizers on Estonia and Georgia as examples of modern cyberwarfare, and said U.S. businesses and government offices have faced intrusions and attacks.

Billions of dollars must be spent by both government and industry to improve security, said U.S. Rep. Dutch Ruppersberger of Maryland, the Democratic chairman of the intelligence subcommittee on technical intelligence.

The war game simulated a dramatic surge in computer attacks at a time of economic vulnerability, and required participants to find ways to mitigate the attacks -- using real-life knowledge of tactics and procedures where they work.

It was the broadest such exercise in terms of representation across government agencies and industrial sectors, officials said.

Homeland Security Secretary Michael Chertoff, addressing the participants at the end of the exercise, predicted cyberattacks will become a routine warfare tactic to degrade command systems before a traditional attack. That is in addition to threats posed by criminal or terrorist attackers.

International law and military doctrines need to be updated to deal with computer attacks, Chertoff said.

"We know that if someone shoots missiles at us, they're going to get a certain kind of response. What happens if it comes over the Internet?," he said.

Chertoff and Gerencser expressed caution over suggestions earlier this month calling for the appointment of a White House "cybersecurity czar" to oversee efforts. But Ruppersberger disagreed. One person was needed to take charge of efforts and to secure the president's ear, he said.

Ruppersberger said people close to president-elect Barack Obama's transition team have convinced him that Obama understands the importance of bolstering cybersecurity.

(Reporting by Randall Mikkelsen, editing by Anthony Boadle)

Seriously now, I am compelled to ask: Why does the media feel the continuous need to chuck these minimal threats into our collective national anxiety closet?

Here's the problem, we face hostile nations and terrorist organizations, some of which have proven they're quite capable. We know they have the will to do it. So, if this is such a big deal, why hasn't it happened yet?

Same with the post-9/11 terror threat. According to who you listen to, our airports aren't as safe as they should be. Our ports are wide open. Our borders are riddled with holes. Why, anyone could drive a nuke or a bio/chem weapon into the nation and set it off.

Again I ask, if this the case, why has there not been a major terror attack on US soil since 9/11? I mean, it's been over 7 years...we're at war, right? When we mixed it up with Imperial Japan sixty-odd years ago, they did far better than hit us only once every few years.

Look folks, we're being lied to, it's that simple. What's coming down the pipeline is that we're being told 2+2=4, but if you do the math yourselves, it doesn't come out to four.

Either the terrorists are losing worse than we heard, or are less capable than we're told. Of course, everyone knew the plots and stratagems of WWII far after the fact. Those days were quite uncertain; then as now, information is a weapon.

Problem is now, I’m so jaded by everything that I assume the media is lying unless I hear otherwise. You can only cry wolf so many times.

[Vekseid]

A popular opinion is that it is just an attempt (not unsucsessful) at simply raising awareness of how Chinese leadership is thinking and operating, and to put pressure on the next administration to take security risks more seriously. I don't particularly fault either goal, really.

[The Overlord]

You're talking an implied cyber threat from China scenario? Things are going to have to play out with Obama, but I don't have any reason to believe this new administration would take things lightly. If we're still at war, and even if we're not, it would irresponsible of any administration not to deal promptly and firmly with this.

As far as China goes, I'll repeat what Art Bell said c. 2000 when the big stink over our spy plane grounded in China was front and center in the media eye. I know there were allegations of China trying to hack US sites, even if it was just civilians with an alleged grudge to settle. As Art said, you do not want to get in a hacking war with the United States.