Preparing for a Cyber “Pearl Harbor”
In March 2013, a wave of persistent cyberattacks crippled the websites of three major South Korean banks and two of Seoul’s largest broadcasting stations. For hours, people were unable to withdraw money and computers at the television networks were inoperable. Cybersecurity experts quickly attributed the attacks to North Korean hackers, operating with – at a minimum – tacit approval of Pyongyang’s leader.
According to DHS, the U.S. Computer Emergency Readiness Team (U.S. CERT) analyzed close to 200,000 cyberthreats targeting the U.S. Government, critical infrastructure, and private industry in 2012. Of these, 7,455 were deemed “actionable cyber-alerts” based on indicators leveraged by the private sector and Federal agencies.
DHS, as the lead agency responsible for coordinating the U.S. Government response ’to significant cyber or physical incidents affecting critical infrastructure,’ holds regular exercises designed to leverage a whole of Government approach to this growing threat. Within DHS, the Office of Cybersecurity and Communication (CS&C) plans and executes cyber exercises and training programs with multiple stakeholders. Cyber Storm, which began in 2006 and happens every two years, uses simulated cyberthreat incidents. These exercises have grown in sophistication and scope. The most recent exercise improved coordination between public and private entities.
These cyber exercises will continue to advance and expand. For the exercises to reach their full potential, DHS must deepen engagement with the private sector, fully implement information sharing best practices to share cyber threat data, and continue to capture (and implement) lessons learned. Only through comprehensive exercises, based on realistic scenarios and engagement among all levels of government and the private sector can we hope to successfully defend our critical networks against malicious cyberactors operating on the other side of the globe – or – right here at home.