Attack scenarios expose need for good-guy Cyber Megacommunity

March 1st, 2009

benslogo

A “Cyber Megacommunity” of good guys — leaders from government, business and civilian groups — needs to be formed to effectively stem rising cybercrime. That’s the upshot of a two-day drill which threw an escalating digital doomsday scenario at 230 senior officials from industry, government, Congress and academia.

The drill, called Cyber Strategic Inquiry 2008, was held Dec. 17 and Dec. 18 in Washington D.C., under the auspices of an organization called Business Executives for National Security and consulting firm Booz Allen Hamilton.

Participants were divided into 11 teams and asked to react to a two-stage attack.

Stage one: Thumb drives and CDs carrying malicious code designed to thwart antivirus protections are distributed as free promotions in several U.S. cities. At the same time, a crime ring begins probing a core routing protocol at the heart of the Internet, called the Border Gateway Protocol,  or BSP. This disrupts telecom systems in Eastern states.

Stage two: Cascading effects from corrupted thumb drives and CDs and the BGP attack worsen.  Banks and online merchants come under denial-of-service attacks; the FAA’s web site gets defaced, blacking out information about canceled flights; communications outages spread across the Eastern seaboard.

The exercise brought to mind the  Conficker worm, which continues to spread via infected thumb drives, and the MSBlast worm, which probably contributed to a major East Coast blackout in August 2003.

The result of the exercise: the 11 teams were found to be ill-equipped to co-ordinate an effective defense. The CSI ’08 report calls for “a new operating model…across government, industry and society.” It alludes to a “Cyber Megacommunity that will enable affected public and private entities and other elements of civil society to more effectively and opening address cybersecurity challenges and opportunities.”

The report concludes that “the opportunities, challenges and path ahead to ensure a proper level of cybersecurity, as well as to reinforce our nation’s competitiveness, demand a new model of strategies, innovation, network operations and cyber expertise. This model requires closer teamwork among all stakeholders, including our citizens, to collectively promote and enhance the resilience of national digital networks.”

The report is being cited as part of the rationale for President Obama’s proposed $355 million budget expenditure for cybersecurity initiatives.