Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Communications Government Security The Internet Technology

Europe Simulates Total Cyber War 80

Tutter writes with this quote from the BBC: "The first-ever cross-European simulation of an all out cyber attack was planned to test how well nations cope as the attacks slow connections. The simulation steadily reduced access to critical services to gauge how nations react. The exercise also tested how nations work together to avoid a complete shut-down of international links. Neelie Kroes, European commissioner for the digital agenda, said the exercise was designed to test preparedness and was an 'important first step towards working together to combat potential online threats to essential infrastructure.' The exercise is intended to help expose short-comings in existing procedures for combating attacks. As the attacks escalated, cyber security centers had to find ever more ways to route traffic through to key services and sites. The exercise also tested if communication channels, set up to help spread the word about attacks, were robust in the face of a developing threat and if the information shared over them was relevant."
This discussion has been archived. No new comments can be posted.

Europe Simulates Total Cyber War

Comments Filter:
  • Exercise FAQ (Score:4, Informative)

    by zrbyte ( 1666979 ) on Saturday November 06, 2010 @12:20PM (#34147842)
    Find it here. [europa.eu]
  • by TheLink ( 130905 ) on Saturday November 06, 2010 @12:21PM (#34147844) Journal
    So that explains it now.

    The ISPs in my country have obviously been preparing us for years of cyberwar.
  • Love to. How about Global Cyber Internet War?

  • Until prompted at the terminal whether they wanted to play global thermal nuclear war....

    • I didn't read your post, it was just the first one with a score above 2. I didn't read the article, I didn't even read the summary! However, here I sit and will tell you exactly what the article said. European government cooperated in testing their systems. They hired top notch people. when it was said an done, they found that severe work needed to be done to secure the systems in preparation for future threats. The article also manages to embarrass a government agency due to their incompetence. Whil
  • by Anonymous Coward

    Since cyber attacks are launched from pwned machines, what is needed is:

    (1) More diversity. We need around 5 major OS families with roughly equal market share, not one with 90% and a few others begging for scraps. Lack of genetic diversity makes life much easier for botnets and malware.

    (2) We need people to start taking ownership for their machines. Running random shit that random untrusted web sites thrust at you (whether exes or just scripts used as an attack vector) is just idiotic, and people have go

    • by grumbel ( 592662 )

      (2) We need people to start taking ownership for their machines.

      No, we need OS that don't give every app access to the full system. Why is there no OS today that allows you to run an application in an isolated sandbox? Why should running an .exe be less safe then running a Flash or Javascript app? There simply isn't any good reason why things are so fucked up, its just historic ballast from the pre-Internet age, back when nobody cared about safety.

      I'm not sure how to do that.

      Yeah, because it *DOESN'T WORK*. And heck, even if it would work, people have absolutely no way to tell a fraudulent app fro

      • No, we need OS that don't give every app access to the full system. Why is there no OS today that allows you to run an application in an isolated sandbox?

        It's called iOS. Also, Mac OS X has sandbox-exec(1).

    • by u38cg ( 607297 )
      One easy answer to the question of how to make hard things happen (for example, making sure people run secure computers) is to mandate insurance for it. It's not a particularly liberal system, but if you can demonstrate to an insurer how you have mitigated the risk you are insuring against, you get a lower rate. Insert obligatory car analogy here.
  • by mlts ( 1038732 ) * on Saturday November 06, 2010 @12:27PM (#34147888)

    How is a mock cyberwar different from a DDoS simulation from the outside and other points, combined with a thorough penetration test?

    A thorough pen test doesn't just scan ports and call it a night, the testers call employees pretending to be IT or managers and demand/browbeat for access, either to be handed a password for "auditing" reasons, or because the main IT people are supposedly gone for the day and a remote OEM needs access. I have even seen some thorough pen tests actually drop U3 USB flash drives in the parking lot that if autorun, would note which machine got "compromised".

    I just don't see anything here that is different from hiring a thorough tiger team to test every piece of an organization's security (which companies should do at random times throughout the year.)

    • Re: (Score:1, Insightful)

      by Anonymous Coward

      How is a mock cyberwar different from a DDoS simulation from the outside and other points, combined with a thorough penetration test?

      I think it sounds more expensive when you say "mock cyberwar".

      • by mlts ( 1038732 ) *

        To boot, if I were at a multi-site organization, one of the disaster plans would be getting the word out to CHQ if one of the data centers was being attacked. The DR plan would be getting in communication with the other site via another link such as a secure telephony app. This way the message would get out about being slammed from an unknown source, either as part of a drill, or as a reaction to a vicious attack. Smaller businesses that don't have the VoIP structure or the need to be on the Net 24/7/365

    • by Linzer ( 753270 )

      How is a mock cyberwar different from a DDoS simulation from the outside and other points, combined with a thorough penetration test?

      Don't tell me. It's been a while since I was treated to one of those...

    • Because a mock cyberwar across all of Europe is a "measure to test preparedness". However when Mitchell L. Frost, age 23, of Bellevue, Ohio admitted that between August 2006 and March 2007, he initiated denial of service (measures to test the preparedness) on web servers hosting the sites of political commentators Bill O'Reilly, Rudy Giuliani, and Ann Coulter, they were so pleased with his services that threw him in jail.

      In other words, "Global Cynernuclear War" is a test, while a coke can with baking soda

  • help? (Score:1, Interesting)

    by Anonymous Coward

    At which point in their simulation are they planning on having USA saving their asses?

    • Probably about the same point where they've successfully turned the tide and don't need American help anyway.
    • Re:help? (Score:5, Informative)

      by Anonymous Coward on Saturday November 06, 2010 @01:01PM (#34148050)

      About 4 years later, and after Russia's done 75% of the work...

      • So will the US be producing a huge chunk of Europe's war material?
      • About 4 years later, and after Russia's done 75% of the work...

        you mean after russia helped the attackers doing 75% of the work? http://en.wikipedia.org/wiki/Soviet_invasion_of_Poland [wikipedia.org] http://en.wikipedia.org/wiki/Molotov-Ribbentrop_Pact [wikipedia.org]

        • the soviet invasion of poland was just russia getting back its former territories which poland has taken two decades earlier when they invaded the still young ussr.

      • Just because Russia's done 75% of the dying doesn't mean they've accomplished a equivalent amount of the progress.

        In the US-Afghan war, did the Taliban do 1000% of the work? Because the casualties work out about that way...

        • by Super_Z ( 756391 )

          Just because Russia's done 75% of the dying doesn't mean they've accomplished a equivalent amount of the progress.

          Comparing total german losses [wikipedia.org] (5,533,000) to german losses on the eastern front [wikipedia.org] (4,215,000) shows that the Soviets indeed did the "equivalent amount of the progress.".

      • That's funny, but about 60 years out of date.

      • by jovius ( 974690 )
        The arrogance and selfishness lead astray a bit. The war wasn't won by just massing in troops but also because of the tactical and strategic mistakes by Germany. One can claim whatever, but the things just happened to go like that with help from the German leadership. The nationalist fervor is based on a false pretense. We should have gotten rid off it already after we killed each other by millions, but the winning states divided the world between each other and locked into trenches.

        One of the founding i
    • At about the same point that USA finally wins its "liberation wars" in the Middle East

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      After America spends years ignoring the biggest threat to civilisation ever, only responds when America's threatened, and then contributes a tiny amount of resource (both as a total compared to USSR, Britain, France, Canada, and as a % of their size) and then goes on and on about it for ever. Just like WW2 then.

    • Sorry, the American's aren't in any better shape at the moment.
  • These are feasibility studies where defense is only a secondary consideration. Next we will see several small but notable "cyber attack" events that will justify increased funding to the biggest players.
  • Peace protests (Score:2, Insightful)

    by Anonymous Coward
    Make cyber-sex, not cyber-war!
  • by PolygamousRanchKid ( 1290638 ) on Saturday November 06, 2010 @01:49PM (#34148308)

    Sure would save a lot of lives, materials and money. Oh, wait, they tried that on Star Trek and it ended in tears, until Captain Kirk shutdown the simulation.

  • cyber - nonsense (Score:3, Insightful)

    by drDugan ( 219551 ) * on Saturday November 06, 2010 @01:58PM (#34148346) Homepage

    the whole cyber- prefix is getting old and useless.

    cyber-crime (it's crime)
    cyber-war (it's war)
    cyber-stalking (it's stalking)
    cyber-bullying (it's bullying)

    you get the picture.

    • yeah, but unless we come up with something better.
    • by dillee1 ( 741792 )
      Cyber-sex (it's not sex)
    • It was old and useless the instant the internet came online (hah), simply because it's a buzz word that means "internet". Hell, it's a full blown euphemism. It's like the people using it feel like being caught saying "internet" will somehow damage their careers, so they do a dainty dance around the issue, instead of calling it what it is. The only cyber-whatsits I want to hear about anymore are robotic prosthesis and brain interfaces.
    • Cybernetics deals with robotics and other control/feedback systems. What kind of a genius decided that it would be a good name for doing things on the Internet?
  • I found a picture of the computer [e0d.com] the simulation was run on.
  • WEB 0.1, Cyberspice, Saturday (NTN) — The European Union has run a simulated "cyber attack," in which simulated outsourcing companies strike mortal blows upon national budgets [newstechnica.com] for consulting fees for "cyber security" while still using Windows.

    The simulation steadily reduced access to critical services to gauge how nations react, removing access to working email, letting loose old viruses and charging €300 callout fees to look at why you can't log in.

    Neelie Kroes, European commissioner for the digital agenda, said the exercise was intended to help expose short-comings in existing procedures for combating attacks on funding. "It is an important first step towards working together to combat potential online threats to essential infrastructure and the consulting fees therefrom."

    The exercise also tested how nations work together to avoid a complete shut-down of international links when internet service providers charge £50/month for a "super-fast" connection with a 20GB bandwidth cap.

    The exercise was overseen by bouncing new baby quango the European Network Security Agency. "We considered just bombing Redmond, Washington from orbit, which simulations showed would have pretty much solved all attacks over the network itself," said Dr Udo Helmbrecht, most recently of outsourcing firm EDS Capita Goatse. "But we're not so silly as to put ourselves out of a job."

  • So would this have anything to do with the two multinational (Scotland, N.Ireland, Eire, England) broadband outages in the last week?
  • I'm glad I had my porn backed up on my hard drive. No downtime for me...

  • Gobal Cyber War?

If all else fails, lower your standards.

Working...