Damian Paletta
July 5, 2015
U.S. Agencies Conduct Cyberwar Games
WASHINGTON—The Pentagon, Department of Homeland Security, National Security Agency and a host of other agencies joined British officials and a number of private companies for a three-week cyber war game, testing 14 teams on a range of simulated attacks on two continents.
The exercise, held in June at a military facility in Suffolk, Va., aimed to prepare the U.S. military, security officials and others for what some believe is the next frontier in warfare: cyberattacks.
“The outcome we are seeking is operational readiness,” said Coast Guard Rear Adm. Kevin E. Lunday, director of exercises and training at U.S. Cyber Command, a division of the military. “They say the best steel is forged and tempered in the hottest furnace,” he said in an interview last week, adding, “We put them under that pressure so that they can learn.”
The U.S. government, including the Pentagon and numerous U.S. companies faceconstant computer attacks, with thieves stealing everything from bank account information to government security clearance forms.
But more sophisticated cyberattacks could take many shapes, potentially disrupting water-treatment plants, shutting down the money supply or disconnecting the electrical grid. Disruptions like those haven’t been successful in the U.S. to date, but some military leaders believe foreign countries or criminal groups could attempt attacks like this in the future.
The scenario in the war game began with a major earthquake hitting southern California, followed by a series of coordinated cyberattacks, including oil and gas pipeline disruption, interference at a major commercial port in the United Kingdom, attacks on Pentagon networks, a freeze on access to cash at banks and long lines for food at stores.
The scenarios were rolled out and either intensified or dialed back for each team, depending on its performance. Adm. Lunday said many of the teams had comparable results, though some were only running through an exercise like this for the first time, while others had more experience.
“The question is not whether this kind of scenario will occur, but when it will occur,” he said.
He said the cyberattacks that the teams dealt with ranged from that which could be carried out by unsophisticated hackers as well as foreign countries with advanced cyberweapons.
The training exercise, called “Cyber Guard,” is held annually, though Pentagon officials have plans to conduct them much more frequently, given the expanding threat of a large-scale cyberattack. One big difference this year was the invitation to some banks, energy officials and others to participate, as the U.S. government was trying to test the various industries that could be forced to respond in the event of a cyberattack.
There was one team leading the attack, called the “Opposing Force,” and its members adjusted their approach to each defensive team depending on performance.
The exercise was overseen in a separate room, called the “white cell,” by a team of officials looking for weaknesses or successes in various approaches. Adm. Lunday was careful in a briefing with reporters not to reveal many details about how groups performed or specific weaknesses.
In the third week, U.S. military officials allowed the teams to conduct defensive cyber “response actions,” which is essentially a counterattack. Adm. Lunday wouldn’t say what those counterattacks consisted of and said the teams had no discretion about what type of attack to conduct, saying instead they were instructed to carry out specific orders.
“The decisions on whether and when and how to take defensive cyberspace operation response action is a decision” made by the White House and secretary of Defense, he said.
The U.S. military is very secretive about its offensive cyberattack capabilities. in a sign of their sensitivity, when these responses were allowed at “Cyber Guard,” the private companies that had participated in the exercise had already been dismissed and were no longer at the Suffolk facility.