Cyber Command Completes First Major Attack Simulation

News
By Jane McEntegart
published

USCYBERCOM has said that its first major attack simulation exceeded expectations.

The United States Cyber Command hasn't been around for long. In fact, it only reached full operational capability last October. However, things seem to be trundling along quite nicely over as USCYBERCOM, as the command just recently completed its first major attack simulation.

InformationWeek reports that the mock attack, dubbed Cyber Flag, took place over the space of a week at the Air Force Red Flag Facility at Nellis Air Force Base in Nevada. All told, 300 people participated in the simulation (both on site and off), which involved splitting into two teams, the "good guys" and the "bad guys." The bad guys spent their time throwing everything they had at the Cyber Command's networks, attempting infiltration with malware and other nasty tricks. For their part, the good guys did everything they could to defend the network.

Col. Rivers J. Johnson of the command's public affairs office told InformationWeek that while the Cyber Command was not 100 percent successful in fending off all of the attacks, the majority of threats were identified and deflected "in a timely manner."

"There were a variety of scenarios based on what we think an adversary would do in real world events and real world time," he's quoted as saying. "It was a great exercise."

Jane McEntegart
21 Comments Comment from the forums
  • thehelix
    As if they would say it if the simulations would fail.....
    Reply
  • FloKid
    My IP is 127.0.0.1 go at it :)
    Reply
  • NapoleonDK
    For added network security, update your WinRAR and delete System32.
    Reply
  • accolite
    FloKidMy IP is 127.0.0.1 go at it
    I'd laugh my ass off if someone there tried it, lo good one.
    Reply
  • igot1forya
    "We didn't expect someone to set the building on fire"
    Reply
  • xx_pemdas_xx
    FloKidMy IP is 127.0.0.1 go at it
    Wow there was some crazy pictures on your machine!
    Reply
  • xx_pemdas_xx
    xX_PEMDAS_XxWow there was some crazy pictures on your machine!
    Oh wait, no wonder my credit card charges went through the roof..
    Reply
  • razor512
    Easiest solution, if you detect multiple attacks in real time, take the servers off of the WAN, most real-time attacks cant be stopped in real time while keeping normal operation.

    Also unlike with a simulation where you know what is happening because things are set up. In real life, you generally wont know when the network has been compromised. (many of the best security firms have been hacked, and malicious users having full or nearly full access for months or years).

    If you are attacking a remote server, if your goal is not denial of service, then the moment your attack has been detected, it has failed (unless you already know their complete network map as well as all of the exploitable software running ahead of time and only need to quickly get a single small file)
    Reply
  • Honis
    Did the 150 attackers attack from 150 off site computers or did they attack from 150 PCs controlling 150 different botnets with a couple hundred (or thousand+) computers in each botnet? (Can't really be answered here but I don't think China/Russia/Our current allies are going to be attacking with anything less than a half a million computers willing or unwilling computers.)

    Cyber War I, Uncle Sam needs you to join the attack! Install SamNet on all of your connected devices Today!!!
    Reply
  • lradunovic77
    SkyNet
    Reply