Forgot your password?
typodupeerror
Security United States

CIA's Info Ops Team Hosts 3-Day Cyber Wargame 279

Posted by samzenpus
from the do-you-want-to-play-a-game dept.
ScentCone writes "The CIA has booked some conference rooms and is working through a simulated 'digital Pearl Harbor' to see how government and industry handle a monster net attack from an imaginary future foe composed of anti-American and anti-globalization hackers. Having been accused of lacking imagination about potential terror attacks, they're using the exercise to better shape the government's roles in a variety of attack scenarios. The networking industry, it seems, is expected to always play a big part in detecting and thwarting such threats, as 9/11-scale economic disruption is a likely bad-guy objective."
This discussion has been archived. No new comments can be posted.

CIA's Info Ops Team Hosts 3-Day Cyber Wargame

Comments Filter:
  • by CypherXero (798440) on Thursday May 26, 2005 @02:07AM (#12642281) Homepage
    The network attacks YOU [slashdot.org]!
  • by neo5064 (822494) <hayesbb.bc@edu> on Thursday May 26, 2005 @02:08AM (#12642286)
    But personally, I'm waiting for "Digital Hiroshima"
  • by strider44 (650833) on Thursday May 26, 2005 @02:08AM (#12642287)
    People compare September 11 with a lot of things, but comparing it with a crack-fest? I doubt that it's even *possible* to kill several thousand people with cracking, you could only cause extreme inconvenience.

    Besides, security can be achieved through a couple of simple steps: Don't use Windows, use OS's designed with security in mind. Use SELinux or equivalent on mission critical nodes. And secondly, educate the users and gain a culture of safety.
    • by James_Duncan8181 (588316) on Thursday May 26, 2005 @02:13AM (#12642303) Homepage
      What? Bringing down a power grid during rush hour, changing details of patient notes on a hospital network, or sending false messages and checking the content of sent messages all have the potential to kill.

      Have you no imagination at all? ;)

      • by John Seminal (698722) on Thursday May 26, 2005 @02:31AM (#12642369) Journal
        What? Bringing down a power grid during rush hour, changing details of patient notes on a hospital network, or sending false messages and checking the content of sent messages all have the potential to kill.

        Almost all hospitals have generators, so power would not be an issue for them. Sure, the hospital might shut down the non-emeregency, non-critical care wards, they will have enough energy to protect life.

        As for traffic signals not working, that won't cause a loss of life, it will cause many people to get pissed off.

        If 9/11 was not about flying airplanes into buildings, but shutting down all electricity in the USA, maybe we would not be in Iraq or in the middle of a war.

        Still... it would piss me off a ton if I could not watch any TV, could not check email. It is like an addiction, like caffine or cigarettes. Once you get hooked, you need your daily dose. In one way, they might be doing us a favor. Maybe people would pick up a book and think about the world, not in 30 second bursts like the TV programs us to do, but in thoughtful ways.

        What the fuck am I saying. I need some cake. I am sooo fucking hungry, not like the bastards in ethiopia who fake it for attention, but really hungry for some cake with icing. Then I am going to watch the 2am edition of the news to see if anything changed from the 1am edition of the news. Then I am going to work to make enough money to pay for my cable bill, my tivo bill, my cell phone bill, my internet bill, my insurance bill... i am sure everyone gets the idea.

        Slashdot folks are smarter than most. And that scares me.

        • "If 9/11 was not about flying airplanes into buildings, but shutting down all electricity in the USA, maybe we would not be in Iraq or in the middle of a war."

          Maybe if the USA went after the culprits of 9/11 you would not be in Iraq either. Otherwise I agree with your point.
          • Maybe if the USA went after the culprits of 9/11 you would not be in Iraq either. Otherwise I agree with your point.

            Do you know how many Americans think Iraq had WMD or was involved with 9/11? With 30 second news spots, and an ever smaller attention span, Americans will believe just about anything. Just package the editorial as news, pump in some patriotism and emotion, and Americans will do anything the big boys tell us.

            Hell, god forbid if the news started spending 10 minutes on each news story. Sure

            • Hell, god forbid if the news started spending 10 minutes on each news story. Sure, that would only be 4 or 5 news stories a night, but it would be better to know something about a topic than just associate an emotion with a 30 second news clip.
              Hell, god forbid /.ers actually start RTFA before posting, and keep posts on topic. :-)

              While you do make a good point in that we associate emotions with events, I would find a news story that lasted 10 minutes to be probably 8 or 9 minutes of filler or opinion. The media has a hard enough time keeping bias out of the news with 30 seconds a clip, how much do you imagine there will be if we ask them to fill up 10 minutes? The purpose of a news article is to inform people of what is happening in the world, not to impart some deep understanding to everyone who watches it.

              The truth does not matter. Everything can be spinned and made into an emotional issue. Everything can be rationalized.

              The truth as defined by whom? There are 3 versions of every memory and story. 1st we have your side and how you remember it happening - this is the truth to you. Next we have my side and how I remember it happening - this is the truth to me. Next we have what really happened, but since no one is see it for what it really is it may as well not even exist. Remember, nothing ever happens exactly the way you remember it.

              and even then that is not enough time to capture everything needed to understand a topic

              While some places do a really good job of presenting ideas and concepts (PBS, Nova, Etc) 0 if you want to really understand a topic, don't rely on TV at all, or for that matter /. Go out and do some real research.

              Hope you'll take what I said here as some constuctive feedback on posting and not much else :D
            • Think of Iraq as a honeypot for terrorists...
        • Welcome to the world. If you have a clue you must hide on the Internet or get shunned by some idiot who sits and watchs TV all day because you told him he's wrong.

          The media wants people as dumb and as boxed in as possible so they can brainwash, when you get smarter then that they no longer intrest you and you become an out sider in society.
        • It scares me that you think a cyber attack against the infrastructure of the country such as the power grid or financial system is only an annoyance. Someone on slashdot with this mentality and we wonder why cyber security is not taken seriously.

          Total loss of power for a sustained time can cause loss of life, not to mention huge financial consequences. That 'non-critical' care you say might be inconvienienced might be someones organ transplant or chem therapy.

      • If I wanted imagination, I'd read Niven.

        The dorks can play their silly simulation games and still not be prepared. Face it, if you want to be a terrorist, you've got to think like one. I doubt the CIE geeks pack the gear for that gig.
      • Bringing down a power grid during rush hour

        Sorry, nope, doesn't do crap. Maybe one or two more accidents but that's it. During the summertime this happens a lot here in Vegas. Everyone's AC is getting revved up to cool down the houses in time for everyone to come home/those who have come home have just turned their AC down, and then we get large brown-outs.

        Thankfully, people tend to remember what they've learned years ago. Namely that a non-working stoplight is the same as a stop-sign.
        • Thankfully, people tend to remember what they've learned years ago. Namely that a non-working stoplight is the same as a stop-sign.

          You like to think.

          It only takes one idiot on their cell phone more concerned with their trivial conversation rather than the fact that they are driving a 2 ton death machine to forget that while someone else is going as it is their turn. Almost happened with me during the big blackout couple years back.

          Damn middle aged woman chatting it up in her cadillac.

          But in general I w
        • During a power outage a few years back, I properly stopped at the light that was out, and then went. There was a car coming down the hill to my left. The car behind me came up to the light, and then went as the car to the left hadn't quite reached the intersection yet. The car to the left didn't stop, and barreled right into the driver's side door going 40-45 miles an hour (speed limit is 35 on that street). The driver was critically injured but did pull through.

          Since that time, I've gone out to watch
      • Imagination is not enough, the bad guys need the actual expertise. Islamists have so far demonstrated expertise in blowing things up and slaying the hosties. What I have seen about their computer skills and their attempts to build biological, chemical and nuclear weapons left me very unimpressed.

        Net security is important - but for God sake first make secure the liquified natural gas terminals! There are proposals for building several new giant port terminals in US which would accept tanker-sized ships fill
      • by flyingsquid (813711) on Thursday May 26, 2005 @03:56AM (#12642606)
        Apparently the US managed to screw over the Russkies by doctoring some software and letting them steal it (from WWII onward, the Soviets engaged in industrial espionage on a massive scale); the software ran pipelines. From _At the Abyss_:

        "In order to disrupt the Soviet gas supply, its hard currency earnings from the West, and the internal Russian economy, the pipeline software that was to run the pumps, turbines, and valves was programmed to go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds... The result was the most monumental non-nuclear explosion and fire ever seen from space. While there were no physical casualties from the pipeline explosion, there was significant damage to the Soviet economy. Its ultimate bankruptcy, not a bloody battle or nuclear exchange, is what brought the Cold War to an end. In time the Soviets came to understand that they had been stealing bogus technology, but now what were they to do? By implication, every cell of the Soviet leviathan might be infected. They had no way of knowing which equipment was sound, which was bogus. All was suspect, which was the intended endgame for the operation."

        You could wreak a lot of havoc on the American economy if you chose to. At present, I doubt many nations would be interested in that- it's just not in their interest. China, for instance, is making just way too much money off the U.S. economy to want to touch it. Even if we started exchanging shots over Taiwan I think they'd think hard before trying that. But what what about Al Qaeda?

        "All that we have mentioned has made it easy for us to provoke and bait this administration. All that we have to do is to send two mujahidin to the furthest point east to raise a piece of cloth on which is written al-Qaida, in order to make the generals race there to cause America to suffer human, economic, and political losses without their achieving for it anything of note other than some benefits for their private companies. This is in addition to our having experience in using guerrilla warfare and the war of attrition to fight tyrannical superpowers, as we, alongside the mujahidin, bled Russia for 10 years, until it went bankrupt and was forced to withdraw in defeat. All Praise is due to Allah. So we are continuing this policy in bleeding America to the point of bankruptcy. Allah willing, and nothing is too great for Allah."

        Bin Laden's ultimate goal probably isn't to kill American civilians, kill American troops, or defeat us militarily. He wants to attack our economy. That was definitely a large part of what 9/11 was about, and it's a very large part of what the ongoing insurgency is about (200 billion for this invasion by the end of 2005, with no end in sight. What's really shocking is that everybody is puzzling over the Iraqi insurgency's strategy, when bin Laden explicitly lays out his strategy). And it will be a very large part of any future attacks, which could concievably move into internet attacks. Carnage is part of it, sure. But if he can't bleed you physically, he's perfectly happy to bleed your bank account. Incidentally, I had to go to Al Jazeera to find that passage- CNN, those J-school dropouts, post a heavily edited version without even mentioning that it was edited.

        • I've heard the Soviet pipeline software story before, and, frankly, I'm dubious. As told, there's no way the CIA could have known exactly how the software was going to be configured, and without that knowledge there's no way they could tell exactly what was going to happen when it went haywire. What if the explosion was in a densely populated area? Could you imagine the political consequences? The Soviets would have been able to say "sure, we steal technology, but the Yankee capitalist pigs slaughter th
        • by synthespian (563437) on Thursday May 26, 2005 @10:40AM (#12644745)
          Incidentally, I had to go to Al Jazeera to find that passage- CNN, those J-school dropouts, post a heavily edited version without even mentioning that it was edited.

          Yeah, I remember reading the original statement:
          "And it was to these sorts of notions and their like that the British diplomat and others were referring in their lectures at the Royal Institute of International Affairs. [When they pointed out that] for example, al-Qaida spent $500,000 on the event, while America, in the incident and its aftermath, lost - according to the lowest estimate - more than $500 billion.

          Meaning that every dollar of al-Qaida defeated a million dollars by the permission of Allah, besides the loss of a huge number of jobs.

          As for the size of the economic deficit, it has reached record astronomical numbers estimated to total more than a trillion dollars.

          And even more dangerous and bitter for America is that the mujahidin recently forced Bush to resort to emergency funds to continue the fight in Afghanistan and Iraq, which is evidence of the success of the bleed-until-bankruptcy plan - with Allah's permission.

          It is true that this shows that al-Qaida has gained, but on the other hand, it shows that the Bush administration has also gained, something of which anyone who looks at the size of the contracts acquired by the shady Bush administration-linked mega-corporations, like Halliburton and its kind, will be convinced. And it all shows that the real loser is ... you."here [aljazeera.net])

          Actually, at the time I was kind of shocked at the self-imposed censorship of the American media. Sometimes I think the USA has achieved a more effective way of brain-wahing than the Soviets could have ever dreamed of...No in-depth analysis in news media, no space for political discussion, people afraid to vent their political views, a presidential campagin that can only be won with loads of money, indirect elections for president, moralism, fear of "communism" (or, as the neo-macarthist term would have it today "anti-americanism"), etc. And, no, I'm, no a lefty.

      • by panurge (573432) on Thursday May 26, 2005 @04:28AM (#12642671)
        They suffer from imagination deficiency. Apart from disrupting things like pipelines, which (as I discovered when working for a company that made pipeline parts, among other things) have some interesting design deficiencies, there is the potential to do things like change the schedule of estuarine sewage pumps so that they pump out on the rising, not the falling tide. Or change the dosing pump settings on water treatment plants. Most of the world is incredibly dependent on clean water and sewage treatment, with river pollution so high as to make untreated water undrinkable. Serious disruption to the water system would kill or make sick a lot of old people and young children - and, just like US and Russian landmines that are designed to injure children rather than kill them, this would have disruptive effects out of proportion to the numbers and economic activity of those affected.
    • "...as 9/11-scale economic disruption is a likely bad-guy objective."

      Well, say someone broke into stock market computers, or bank computers, or servers of some other major financial institution...I'd say the potential for disruption is even greater than what happened on 9/11.
      • Worse! (Score:2, Insightful)

        by Dancin_Santa (265275)
        What if someone was selling off your country's debt to its largest rival (ideologically, politically, economically, and militarily) to such an extent that they were able to blackmail your government with the threat of bankruptcy and thereby force your government to bow to their demands?
    • by voixderaison (665336) on Thursday May 26, 2005 @02:33AM (#12642380) Homepage
      I suppose there are a variety of crack scenarios that would result in massive loss of life. Spoofing the air traffic control system in some fantastically improbably way might cause a few mid air collisions before the planes were grounded.

      Launching a single nuclear missile would shoot past the mark by rather a lot. Let's hope the control systems for those things are not connected via some backdoor to to a network in turn connected via some other back door to a network connected to the internet, eh?

      These crackfest doomsday scenarios are not preparing government for the real problems at hand, today. Consider the case reported by the New York Times last week [nytimes.com] :
      "During a two-day period they watched as the intruder tried to break into more than 100 locations on the Internet and was successful in gaining root access to more than 50. "
      It was probably a lone cracker, possibly a small group. rooting fifty boxes in a couple days. That was just a two day sample of a months long probably-one-man crackfest. Low level information theft poses a real threat to national security. Many government agencies are not even able to detect it.

      By the way, it seems to be more popular in government circles to invoke September 11, probably because in the current climate it helps get funding. At least there is that perception.
      • Air traffic control must surely be a prime target for conventional terrorism too. Think about it - a coordinated attack would leave hundreds of planes in the air with no one to organise them, and would cripple the country for weeks after.
      • Let's hope the control systems for those things are not connected via some backdoor to to a network in turn connected via some other back door to a network connected to the internet, eh?
        I don't know anything about using snmp exploits in printers to get to machines which are supposedly not connected to the internet.

        *whistles innocently and walks off while checking the rear view mirror for details*
      • > Spoofing the air traffic control system in some fantastically improbably way might cause a few mid air collisions before the planes were grounded.

        "Fantastically improbable" is the key phase there.

        The ATC system, at least in the US, is comprised of some pretty old and pretty obscure equipment.

        Not only would you have to take out the terminal area radars but you would also need to get the radio systems of both the pilots and the controllers. And don't forget that commercial airliners have radar and on
    • by Moraelin (679338) on Thursday May 26, 2005 @02:40AM (#12642407) Journal
      The less one knows about computers and networks, the more one can believe any "digital Pearl Harbour" scenarios.

      E.g., I still fondly remember when I was 18, and mind you I was programming assembly for some years already, I thought I could write _the_ virus that would bring the whole economy to its knees. (Which is why I didn't actually release it.) Looking back in retrospect, omg, that idea was soo retarded.

      Now throw in politicians, who have about as much clue of computers as your cat has _and_ make a living by blowing things out of proportion to an audience who knows even less. Right. You can see where that is going.

      In practice, our computers aren't that vulnerable, ironically, because we know they're a fragile contraption. They don't exist in a vaccuum, as some box in a corner that noone knows about. Any company has a small army of admins who can deal with threats, has backups, etc.

      Even things like Blaster didn't really do that much harm. The network congestion died pretty quickly, as everyone scrambled to block ports and disinfect machines. At the corporation I work for, it cost a total of a couple of days of the IT staff's work, to deal with some tens of infected computers out of many thousands. And that was the only virus I know of that made it inside in the last half a decade. (Unlike what Linux zealots like to claim about Windows securitiy, IRL it doesn't really cost _that_ much to keep it running.)

      Or I remember one bank bitching about their DB/2 corruption, but even that didn't shut them down. Even doing the irresponsible thing and keeping running with a corrupt database and repairing it on the fly, in the end worked. It cost them some millions per day, yes, but the bank continued to work.

      Just about the only thing one can't really defend against is a DDOS attack. No matter how well patched and firewalled a network is, when you have 10 GB/s stuffing your inbound pipe, you're stuffed.

      But here's the fun part about those: they work against one site at a time. Directing some tens of thousands of zombies to spew 10 GB/s at one site, yeah, stuffs it. Directing the same 10 GB/s at 10,000 sites, won't even start to matter. There is no way that can be a threat to the whole economy or anything.
    • People compare September 11 with a lot of things, but comparing it with a crack-fest?

      I don't think they are comparing the 9/11 attacks themselves to a crack-fest, they are compairing the resulting economic disruption to something that could be done through a coordinated cracking session. I'm not wholly convinced that economic disruption of such large proportions can be coordinated through cracking though.

      Don't use Windows, use OS's designed with security in mind.

      I'd agree with this - certainly for m
    • People compare September 11 with a lot of things, but comparing it with a crack-fest? I doubt that it's even *possible* to kill several thousand people with cracking, you could only cause extreme inconvenience.

      Which is all true except for the fact that the write up said nothing of the sort:

      The networking industry, it seems, is expected to always play a big part in detecting and thwarting such threats, as 9/11-scale economic disruption is a likely bad-guy objective.

    • There is no software that exists and is 100% secure. True, there are OS's designed for government applications like air traffic control, power grids, and traffic grids. If someone hacks into the air traffic control system, they could easily crash several planes a la Die Hard 2. If they changed all the traffic lights in Chicago rush hour to green, more than a few people would die. And so on. The threat they are most worried about is another terrorist attack while the emergency services are preoccupied
    • google 'SCADA'. Then use your imagination. (hint: others have already, and they're plenty concerned)
    • One thing is widespread actual physical destruction and direct harm to people, another thing is "economic disruption". Perhaps I worry to much, but if a crack comes ... there are already plenty of people on the far right who blame us pessimist on the left ("globalization protesters") for everything that is wrong in the world today, and if a government decides to blame an economic downturn on our side, by means of a hacking accusation or otherwise... As I said, I'm a pessimist in these matters, and this news
  • by Dancin_Santa (265275) <DancinSanta@gmail.com> on Thursday May 26, 2005 @02:10AM (#12642291) Journal
    For all the hoopla about the pervasiveness of the internet in our daily lives, when it comes down to brass tacks, it's all just electronic pulses. When those pulses go dark, the wires are still around routing telephone calls. No one dies in a burning, collapsing building. No one dies in a hijacked airplane. No one dies because they stand too close to a bomb. Those bits just go dark and the internet disappears for a while.

    A day without the internet is like a sky without vaportrails.

    Even the data that is destroyed by such an attack is not at such a disadvantage. Though the paper-less office has been a longstanding goal, it is totally a dream. Everything has a papertrail and can be backed up.

    There is no calamity awaiting us in the event of a terrorist cyberattack. The real calamity is the usurpation of rights due to terrorist attack fearmongering.
    • Actually, people may very well already have died in network attacks, as these attacks managed to clog telephone lines and bring down 911 response centers. Someone may well have been waiting for the ambulance that never came.

      Or, suppose that someone manages to sneak a virus inside a nuclear plant control system. Wait -- that actually already happened! Slammer worm crashed Ohio nuke plant network [securityfocus.com].

    • It depends on what network is crashed. Crash the network of your local 911 and see how many people die because the operator isn't able to find the address of a heart patient who can't speak well enough during the attack to give thier address.

      We've become very dependant on computers and networking. Sometimes, very critical systems are left wide open. I think that having them tested for security leaks is a good idea.

      A friend of mine who is a consultant did a 26 page report on a small town police department's network, finding that he was able to access everthing on thier network, including personal and critical information from home, with out a user account on the network.
      • "Crash the network of your local 911 and see how many people die because the operator isn't able to find the address of a heart patient who can't speak well enough during the attack to give thier address."

        Is that you're terror attack strategy? Try to break into the 911 network just as someone who doesn't speak very good English, is having a heart attack?

        • Is that you're terror attack strategy? Try to break into the 911 network just as someone who doesn't speak very good English, is having a heart attack?

          Your response has shown me that I didn't make myself very clear in the posting. I was simply refuting the statement that no one dies when networks go down and provided a simple example to back it up.

          I'm not so small minded to think that attacking just the 911 system would be an effective terror attack. Now, take down the cell towers and phone exchanges
          • My view is that critical systems should be kept on different Physical Nets like they are now rather than routed through the Internet.

            These 'cyber' attack strategies assume that Akmed in Iran can attack via the Internet and so talk of bringing down power grids & phone exchanges is worthless because he can't get a physical connection to those networks.

      • I have been put on hold by 911 for longer than by my bank while a gunman was waving a gun outside, or when there was a sofa on the highway at night.

        Call me cynical, but if you have to rely on 911 service, you're in trouble.
    • Those bits just go dark and the internet disappears for a while. excuse me, but your lack of thought is ASTOUNDING your obviously one of these idiots that think the internet is the www. when someone shutdowns the power at rush hour and all the traffic ligths go out, try telling that shit to the people mangled in car wrecks. i'm sure they will agree. or better yet, if your one of them and you go to hospital, and they look on your hacked medical records and they give you something your alergic to, be sure
    • Shut up.

      Now, the rest of you, pay attention to the shiny anti terrorism plan. Feel the soft, warm, blanket of security envelope you, as your government protects you from nonexistent threats. There.... That's it. Good citizen.

    • Electronics are EXTREMELY embedded within modern American society. Sure it may seem like it doesn't extend beyond the internet, but it all depends on how far and deep you want to look into it...

      Socially: An electronics crash would result in mass social disorder. Loss of school records would mean weeks of paperwork sifting, confirming, checking and double checking to make sure people didn't make counterfeit diplomas. Throw in messed up court cases, work schedule mix ups and just general confusion and you've

    • It is not lives that are at stake, it is business.

      Cold as it may be, but a country can afford to loose a few thousand people. It can't afford to loose one or two large corporations.

      For the record, I find the above fact sickening, but this does seem to fit in with the world's priorities at the moment.
    • When those pulses go dark, the wires are still around routing telephone calls.

      Like it or not, the phone network is steadilly vanishing in favor or VoIP solutions. Yeah, ok - the vast majority of calls are currently going over the PSTN but I'm not sure it's going to be _that_ long before this changes (I should think that in 10 - 20 years the majority of calls will be over the Internet).

      Not to mention the fact that the PSTN _is_ connected to the Internet - your DSL connection, etc runs over the same digit
    • There may not be a "cracker of mass destruction" but I do note that over the last year I have seen ip's in my intrusion detection systems coming from china, indonesia, hungary, pakistan, malaysia, russia, taiwan, hong kong, india... usually just a couple thousand attempts at a time to shake up ssh or rape my mailserver but still, this shows that the digital divide is dissipating on the dark side at least.

      I have no clue as to what these countries represent in terms of actual security breaches as my systems
  • by dj245 (732906) on Thursday May 26, 2005 @02:10AM (#12642292) Homepage
    The networking industry, it seems, is expected to always play a big part in detecting and thwarting such threats, as 9/11-scale economic disruption is a likely bad-guy objective."

    Sadly my website http://www.rogertheshrubber.net/ [rogertheshrubber.net] has already fallen victim to the hordes of the digital pearl harbour. There is [utwente.nl] a pestilence upon this land. Nothing is sacred. Even those who arrange and design shrubberies are under considerable economic stress at this period in history.

  • All these simulation games and such designed to train/improve government IT security is BS. Everyone knows the overwhelming majority of the government budget is spent on politicians. Lawyers next, hospitality, then maybe techies.

    Now I am not saying the government has no talent. I am just saying the money that attracts top talents are with the corporations.

    • by CHESTER COPPERPOT (864371) on Thursday May 26, 2005 @02:52AM (#12642439)
      "I am just saying the money that attracts top talents are with the corporations.

      To some people money doesn't matter. Time and time again the military and intelligence communities attract hugely talented individuals because of the work environment. Dave Grossman talked about this in his book On Killing [amazon.com]. There is a small minority of people who are talented warlike mischeif makers who given the right environment, ethical and monetary backing can go a long way to louse up the enemies day. Bruce Schneier says the same thing in Secrets and Lies. Examples of this in history are myriad. Google topics like the Tunnel Rats in vietnam. The bad guy mentality in the right environment attracts these guys.

      You don't have to have to be a "bad guy" but being/thinking so is what separates the best intelligence and military personnel from the average. Obviously, you still need a 'good' value system but the 'bad guy' psyche still is needed.

      It's even written in the vast majority of intelligence literature out there that the best overall intelligence guys are borderline 'bad guys'. Examples are myriad:

      The original detective Eugène François Vidocq [vidocq.org] was the founding father of criminal investigation. He was a notorious bad guy whose innovations bolstered police intelligence gathering.

      Michael Levine [totse.com] who was one of the top undercover agents ever assigned to the Drug Enforcement Agency said in an interview that "The secret to my success was ..... A police lieutenant, with whom I worked many years later, looked at me, after I had done, in one day, something like four or five undercover buys from different groups -- from Hispanics, from Blacks, from Whites -- and he was covering me along with my group. He said: "You know what the thing is about you, Levine? You're a guy who should've gone bad. You should have been a gangster. You should have been in jail. But somehow you turned out right. And that's why you're so ..." [convincing]. And I thought about it, and I thought about my youth and about the way I grew up, and I realized that there was a lot of truth in what he said. I was FROM the streets. The streets were in me. There was a thin line between me and the guys who I was working against. And that line was so thin that drug dealers couldn't see it. Do you understand? The line that separated them from me as a suspected agent was so thin that drug dealers could NEVER believe that I was an agent. And that's an attitude .... that's something you can't teach."

      The CIA Case officer Gust Avrakotos [amazon.com] who ran the covert operation arming the Mujahideen by proxy through Pakistan in the 1980's Afgan-Russian war was nicknamed 'Dr Dirty' by his CIA peers because he was such an aggressive rule-breaking intelligence operative who had an inherent 'bad guy' view of intelligence operations which helped him numerous times in executing deals inside and outside the CIA.

      Ex US Army intelligence analyst Ralph Peters [amazon.com] Essay "The Black Art of Intelligence" speaks that the best intelligence analysts have a specific talent for the job and that talent is an underlying understanding of the dark side of humanity and this talent is born not made.

      I could go on and on. Of course, you don't have to be a bad guy or empathise to be good at the job. In fact having an organisation filled with these guys would be counter-productive. But, like I stated, what separates the good from the brilliant is this 'bad guy' mentality.

      "The best soldiers have a seasoning of devilry." General A.P. Wavell

  • by iibagod (887140) on Thursday May 26, 2005 @02:15AM (#12642309)
    It's wonderful that the CIA has such trustworthy people that wouldn't think of disclosing details of such a secure operation..... Oh, wait.
    • It's wonderful that the CIA has such trustworthy people that wouldn't think of disclosing details of such a secure operation..... Oh, wait.

      Nah, we don't kill people. We play video games.

      Sometimes I think the Army and government recruits like a gang or drug dealer. They offer people with little hope in life a job. They offer training. Stop me if you have heard this one: "The Navy will train you how to work on nuclear submaries... do you know how much people who work on nuclear stuff make outside the na

      • the military life. I get so annoyed with some of these active duty crybabies and their complaints about low pay.

        Let me tell you something, the military is a swank deal and everyone should stop crying wolf over a bogus issue. Let me break it down.

        Okay, so starting off, military pay is kind of on the low side. However, its not low considering the great benefits, which render the salary pure gravy. Especially considering, you're getting free paid training. How many companies offer free paid training, with to
        • While you can get a desk job (my father did back in the 'Nam days), there is a very real chance that you'll be shot at in your career.

          The process of breaking you down to nothing and building you up again (aka boot camp) is something that a lot of us individualistic types get squeamish about. I'm certainly not a good candidate for military service simply because of my antipathy towards established authority. (I did take the ASVAB at one point... highest score the recruiter had ever seen)

          The hourly pay ten

  • by sTalking_Goat (670565) on Thursday May 26, 2005 @02:17AM (#12642317) Homepage
    "You hear less and less about the digital Pearl Harbor," said Dennis McGrath, who has helped run three similar exercises for the Institute for Security Technology Studies at Dartmouth College. "What people call cyberterrorism, it's just not at the top of the list."

    We finally get rid of one useless buzzword and this idiot wants to bring it back.

    The funniest thing about this is that from the sounds of it the whole thing is being run by CIA goons. I'm no "info-warrior" but seems kind of pointless to run a war-game with people whose tricks you already know. Wouldn't it be far more realistic if they setup a network and put out the word to John Q. Hacker that is open season.

    • I've heard a lot of people who say what we really need is something like:

      Make a test network, put a file worth of fictional critical data on it. Give out one hint on the Internet about how to find it and tell people its no holds barred. First to disclose the data to an email address you set up gets $100,000, no questions asked.

      The problems with this approach are a) you're not really sure you're going to get any useful information ("Well, we got rooted, really fast. So that was interesting, and no

  • I'm not sure whether this is completely appropriate to include in a press release.

    Insofar as the intelligence community is coming up with possible scenarios, yes, I think this is a possible scenario. And worth looking into.

    Insofar as the government- MY government- is identifying and singling-out anti-globalization folks as "The Enemy" and "anti-American," I'm a bit frustrated. I'm an American who is also somewhat anti-globalization*.

    So, thumbs up for doing some preparation that might actually matter. Thumbs down, however, for singling out anti-globalization as "The Enemy" and "anti-American."

    You're the government. You have a responsibility to your citizens to not insult moderate views commonly held by U.S. citizens, however accidentally you do so. If you're going to put out press releases, hire some rhetoric Ph.Ds or something.

    *There a lot of ins-and-outs to globalization. I'm against greedy globalization, which so far has unfortunately been rampant.
    • by Jack Taylor (829836) on Thursday May 26, 2005 @04:00AM (#12642613)
      singling-out anti-globalization folks as "The Enemy" and "anti-American,"

      I agree. I'd even go one step further and disagree with their use of "anti-American" itself. I mean, it seems that these days all you need to be "anti-American" is to disagree with some of the current US government's policies, the right to which would seem to be a fundamental tenet of democracy. If that's the case then Amnesty International is an "anti-American organization" for protesting about the US government's use of Guantanamo Bay. I live in the UK, and I've never heard anyone utter the words "anti-British"...
      • Actually... (Score:3, Informative)

        by Savage-Rabbit (308260)
        ...the worst stuff doesn't happen at Gitmo. Allegedly the CIA has a small fleet of executive jets including the legendary N379P [wikipedia.org] that regulary overfly Europe on their way to Egypt or some other place where people are still allowed to conduct what the KGB used to call 'Efficient interrogations' Amnesty international (quoting ex CIA employees) call it torture [amnesty.org] but who listens to them?.
        • ...Amnesty international (quoting ex CIA employees) call it torture but who listens to them?

          I'm sure there are even less people listening to them after their most recent 'report':

          Amnesty International says the United States, by its actions, is sending out a permissive signal to abusive governments and that is leading to more torture worldwide.
          Source [voanews.com]

    • I think the emphasis should have been on "an imaginary future foe composed of anti-American and anti-globalization hackers." There are loonies all over the ideological spectrum. But as far as I can tell, the "anti-globalisation" groups don't indulge in terrorism; they just want to be heard. When the police forces herd them away and beat them down (literally, in many cases) some may respond likewise, but mostly it's street theatre. But as for a calculated act of terrorism; what evidence is there to suggest
    • I can understand millionaire senators trumpeting globalization as much more than it is -- the interests of millionaires lie with the global corporations more often than with the common man -- but why in the world does the CIA see anti-globalization hackers has the enemy?

      Btw, how are they simulating an attack on "The Internet" when they are all in the same state?
    • You seem to have misinterpreted it.
      First off, I don't think it implies that "anti-globalization" groups are inherently "anti-American". The fact that the two terms are joined with an "and" makes it clear that they are two separate concepts, both of which are being examined here.

      Secondly, those are the groups these attacks are likely to come from. If you're a logging company, your security scenarios would largely focus on attacks by eco-terrorists. Not because ecologists or environmentalists are necessarily
  • by IO ERROR (128968) * <{error} {at} {ioerror.us}> on Thursday May 26, 2005 @02:18AM (#12642322) Homepage Journal
    I don't ever remember government computer systems ever being regarded as being anywhere near secure. Whether it's Microsoft Windows, unpatched Unix boxes, or incompetent sysadmins, government and military boxes have historically been regarded as some of the least secure on the Internet.

    Has any progress been made in the last few years on improving the state of government computer security?

  • sounds like fun (Score:3, Interesting)

    by cryptoz (878581) <jns@jacobsheehy.com> on Thursday May 26, 2005 @02:19AM (#12642326) Homepage Journal
    Hey, if you were on the committee deciding how to spend the new money you got on the defence budget, wouldn't you want to spend it on some fun war-style games? That way, you can pretend there's a disaster and save the world without the whole mess of killing lots of Americans. Much more fun. I bet you that more money is spent on the lunches of the people involved in this than money spent on ACTUAL foriegn aid (not money called foreign aid sent to the pockets of other politicians, real foreign aid). And I'm not joking.
  • by Motherfucking Shit (636021) on Thursday May 26, 2005 @02:23AM (#12642336) Journal
    Why not just call the event "Perl Harbor," I think everyone would get the reference.
  • by Absolut187 (816431) on Thursday May 26, 2005 @02:25AM (#12642346) Homepage
    I saw a show on History channel or something about the NYSE and how they have everything backed-up at a secure location.

    I fail to see how an internet-attack would cause all that much havoc.

    I remember in 2000 or so, the internet went down and it wasn't that big of a deal.

    Bill Maher said "millions of people were forced to go back to masturbating to magazines."

    From the article:

    "One of the things the intelligence community was accused of was a lack of imagination,"


    Actually, this shows no imagination at all, considering that Tom Clancy already wrote about it in Debt of Honor.

    But then again, before 9/11 Tom Clancy wrote about Islamic Radicals using airplanes to crash into the house of congress, and they didn't pick up on that threat. Nor did they pick up on the threat after psycho Sam Bicke tried to hijack a Delta flight in the 70s planning to fly into the white house. So I guess maybe this is an improvement.

  • anti-American and anti-globalization hackers
    You fools. You fail to realize the potential of thousands of script kiddies who just got out of school for the summer and are really bored. Prepare to be WinNuked into submission!
  • From TFA:

    It also questioned whether the U.S. government would be able to detect the early stages of such an attack without significant help from private technology companies.

    This is a very important statement. The US govt may have their eye on all the networks, but given the nature of the Internet, as well as the PSTN to some extent, they just cant do it themselves. It has to be strong collaboration with private firms, whose technology may well be better than theirs, as well as all the big service pr

  • Bad Guys? (Score:2, Insightful)

    by larsl (30423)
    Defending yourself against the United States makes you a "bad guy?"
    • by Etcetera (14711) * on Thursday May 26, 2005 @02:48AM (#12642426) Homepage

      Defending yourself against the United States makes you a "bad guy?"

      From the perspective of a citizen of the United States, yes.

  • I can't help but wonder, with the USA threatening Korea and Iran for their weapons programs, how the hell we get away with half the shit we make that has no usefullness outside of killing people. Like the new bomb they have developed, that kills all the people in a city, but does not damage any structures.

    1984 has come people. They have weapons of mass destruction and we must defend ourselves. They don't have weapons of mass destruction but we needed to remove a tyrant. We have, as a basic saftey gaurd ag

    • haha i love the fact that this was modded insightful! ive see this post in several other places.
    • Actually, 1984 came (and went) more than twenty years ago. Parent may want to review this article [wikipedia.org] for a quick update on where things stand.
    • ...and adjust your tinfoil hat.

      the new bomb they have developed, that kills all the people in a city

      It's called the enhanced radiation weapon, or Neutron Bomb, and it's older than probably half the readership of this website, having been developed during the Carter administration back in the 1970's.

      As far as the coup thing goes, have you never heard of the 2nd Amendment and the NRA?

    • Though the counterarguments are pretty strong; it isn't 1984 and 2nd Amendment and the NRA, like someone is going to sit on their porch with a rifle and stop "them varmints". On the other hand, the Bush family has been war profiteers since Prescott. They make the Mafia look like morons.

      Parent is a little off-topic, but really, the end of Democracy and the rise of indentured servitude is important enough to repeat.

      And I figured out he was talking about a Neutron bomb. I don't think it's an issue, because t
    • For any coup to be half-way successful, i think they'd need to drop a neutron bomb (that was developed in the 70s, BTW) on K street in Washington. That's the real source of many of our problems.

      Well, there's always hope.
  • I got karma to blow here

    Does anyone else notice that /. has banned its own headline reader? HAHAHA!!!
  • Wrong branch? (Score:2, Interesting)

    by P0ldy (848358)
    Isn't this the NSA's job, or Homeland Security? I can't really see how this is gathering intelligence. Is this supposed to be Ops? TFA mentions

    "Information Operations Center, which evaluates threats to U.S. computer systems from foreign governments"

    , which is understandable, but the conventional notion of "terrorists" aren't "foreign governments". Does this mean we're expecting to go to cybercarpetbombing against France, the "anti-Americans"?
  • How about a nice game of Chess?

    (I apologize in advance... *somebody* had to make the reference)
  • The particular brand of globalization done by American people is to treat "the rest of the world" as yet another "Hawaii".

    Globalization can be good, pity some (non-internet enabled) Americans have a twisted idea of what it (the rest of the planet) is about. I think a re-education will solve all the problems, and not the hosting of a LAN. ;)

    This story is a case in point by grouping 'anti-American' and 'anti-globalization' into one concept. Showing just how easy it is to alienate the rest of the world (whic
  • by Anonymous Coward on Thursday May 26, 2005 @03:54AM (#12642597)
    There used to be a time when you could comment on such articles without it being turned into a political diatribe. This article is damn interesting and there could be some awesome commentary by some /.'ers. However you political numbnuts decided to turn this into soapbox rant afternoon.

    BTW, I am left-leaning as well, but for fucks sake keep your politics to yourself. It's completely off-topic yet gets modded up becuase of /. groupthink. Leave your political rants for the /. political threads.

    Cmon guys don't drag this place down a notch. It's annoying to sort through at +4/5 expecting cool comments but all you get is some guys off topic political rant that fits the /. atmosphere.
  • Having been accused of lacking imagination about potential terror attacks,

    Uhh, the only one who accused the government of lacking imagination about potential attacks was the Bush administration, and those claims have been very throughly proven wrong...

    The "lack of imagination" is a defense... an alternative to saying "we actually knew the dangers and are grossly incompotent in protecting against them".
  • What would you rather see a seqeul [slashdot.org] or a prequel?

    (No 'neither' replies please)

  • In a conventional war you want to take out CCC infrastructure. No communications, no instructions, no control and the military s at a loss as to how to act

    Terrorism exploits communications infrastructure. It relies on a relatively low cost 'attack' generating 'terror' which would be hampered by crippling this infrastructure. The attack could be as simple as starting a rumor in the middle of flu season.

    Attacks on the credibility of news sources may already be in progress, Goodbye Dan, and cost little. Imag

Theory is gray, but the golden tree of life is green. -- Goethe

Working...