Cybersecurity: US agency participates in simulated attack on critical infrastructure

*‘Cyber Storm’ brings everyone together to discuss, exercise how we respond collectively to a cyberattack, says CISA Assistant Director for Infrastructure Security

Alexander Davis | ConsumerConnect

In protecting the critical infrastructure space while preparing the United States (US) and its allies in defending themselves against real cyberattacks, the country’s Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has announced a successful completion of a recent biannual simulated cyberattack.

ConsumerConnect gathered that the three-day exercise, known as “Cyber Storm,” involved 2,000 participants from the fields of private industry.

The US Federal Government and international groups, Friday, August 14 described the exercise by CISA as the most extensive cybersecurity exercise in the country.

Brian Harrell, CISA Assistant Director for Infrastructure Security, at the end of the simulation in a statement said it was important to simulate a debilitating attack to increase coordination between all the potential groups, all of whom worked together remotely from their homes or places of work during the exercise.

Harrell said: “We’re more connected than ever, which means our nation’s critical infrastructure faces increased risks from cyberattacks.”

According to him, “no one company or government agency can be expected to go it alone, which is why exercises like Cyber Storm bring everyone together to discuss and exercise how we would respond collectively to a cyber-attack.

“Each Cyber Storm our coordination and capabilities get better, and this year was no different.”

The CISA Assistant Director for Infrastructure Security disclosed to reporters that the simulation ─ which mimics potential attacks on critical systems but does not actually attack or disrupt these systems ─ involved an “all-out attack on different sectors” that was modelled on the capabilities of real-world adversaries.

“Now is the time to exercise under blue sky conditions, you don’t want to exchange business cards during a hurricane.

“The Cyber Storm exercise elements represented actual and potential risks and attacks were made to be as realistic as possible,” Harrell stated.

Harrell said he felt this year’s Cyber Storm exercise had shown the progress made in protecting critical infrastructure from attack.

He added: “Did we move the needle when it comes to cyber response? And I think this time around … we are seeing some marketable improvement across the critical infrastructure space.”

He noted that CISA plans to elease a report that will go more in-depth on the findings of the exercise soon.

Concerns around cybersecurity of critical infrastructure have ramped up during the COVID-19 pandemic, as individuals have moved online for everything from business to socialising in recent times.

Kindly Share This Story