One of those "D'oh!" moments

One of those “D’oh!” moments

This post was published 11 months, 1 week ago on Sunday, February 3rd, 2008 at 12:31 pm and is filed under Humour.
It's tagged with associated press, black hats, cyber storm, hackers, homeland security
There's been 237 views of this post so far (since I started tracking them)
You can follow any responses to this entry through the RSS 2.0 feed.
Please feel free to leave a response, or a trackback from your own site.

Print This Post

Associated Press reported a few days ago on the US Government’s “Cyber Storm” exercise, and noted this:

In the middle of the biggest-ever “Cyber Storm” war game to test the nation’s hacker defenses, someone quietly targeted the very computers used to conduct the exercise.

The surprising culprit? The players themselves, the same government and corporate experts responsible for detecting and fending off attacks against vital computer systems, according to hundreds of pages of heavily censored files obtained by The Associated Press. Perplexed organizers sent everyone an urgent e-mail marked “IMPORTANT!” instructing them not to probe or attack the game’s control computers.

So Homeland Security got a bunch of hackers and others together, gave them a “secured” sandbox to play in, told them to wreak havoc, and were somehow surprised that some bright spark decided to hack the system?

It would seem to me that the system being hackable would be a warning sign in and of itself, let alone wondering why the hell someone didn’t see this coming!

If the system was being hacked, it would have made much more sense to throw the geeks responsible for the system’s design at the problem to see how they could handle compromises, since black hats are unlikely to respond to an email (regardless of an “Important!” subject line prefix) asking them to stop should any of the scenarios being explored come true.

A long time ago, in a previous life, I remember quite fondly the military’s preferences for “structured” exercises - scripted in advance, everyone plays their part, the outcome almost always pre-determined. I remember even more fondly the preference we had for buggering those plans up and doing things that weren’t in the scripts, and the reactions of those higher-up the pecking order who complained bitterly of “unfairness”.

The Department of Homeland Security should take the true lesson of Cyber Storm on board - You can’t predict, you can’t control, and if the much-vaunted yet vaguely-ephemeral threat of cyber-terrorism ever occurs, it’ll be in an area you least expected it (but should have!).

Like giving a bunch of hackers access to a secured system, telling them to have fun, then being amazed that they “cheat”. That was kind of the idea, wasn’t it??

Sphere: Related Content

Tags: associated press, black hats, cyber storm, hackers, homeland security

Comments Policy

I'm all in favor of freedom of speech (after all, I'm exercising that right here to begin with), and welcome participation from others visiting my site - even if I disagree with what you post here. I do, however, have to reserve the right to act by declining, removing, or editing comments that:

are abusive
are off-topic
contain personal attacks
promote hate of any kind
use excessively foul language
are patently spam

This site uses technological means to try to filter out spam, but it's not perfect. If you post a comment and it doesn't appear within a day or so, please contact me directly as it may have been mistakenly classed as spam. If you comment here regularly, you may want to consider registering with the site, which reduces this chance!

Links in comments may be nofollow free.