The U.S. Department of Homeland Security’s (DHS) Cyber Storm exercise series is part of the Department’s ongoing efforts to assess and strengthen cyber preparedness; examine incident response processes in response to ever-evolving threats, and enhance information sharing among federal, state, international and private sector partners.
The Cyber Storm series simulates large-scale cyber events and attacks on the government and the nation’s critical infrastructure and key resources (CIKR)—so that collective cyber preparedness and response capabilities can be measured against realistic and credible national-level events. DHS’s National Cybersecurity Division (NCSD) is sponsoring the latest installment of the series—Cyber Storm III, which will include thousands of players across government and industry and more than 1,500 injects of data to keep participants on their toes.
The Cyber Storm III exercise scenario reflects the increased sophistication of our adversaries, who have moved beyond more familiar Web page defacements and Denial of Service (DOS) attacks in favor of advanced, targeted attacks that use the Internet’s fundamental elements against itself—with the goal of compromising trusted transactions and relationships.
The scenario will incorporate known, credible technical capabilities of adversaries and the exploitation of real cyber infrastructure vulnerabilities, resulting in a range of potential consequences—including loss of life and the crippling of critical government and private sector functions.
Throughout the exercise, the goal of exercise players will be to identify, in real time, the ongoing attack and mitigate the compromises and vulnerabilities that allowed it to occur, as well as possible consequences to compromised systems. At its core, the exercise is about resiliency—testing the nation’s ability to cope with the loss or damage to basic aspects of modern life.
Cyber Storm III builds upon the success of previous exercises; however, enhancements in the nation’s cybersecurity capabilities, an ever-evolving cyber threat landscape and the increased emphasis and extent of public-private collaboration and cooperation, make Cyber Storm III unique.
Cyber Storm III is the primary vehicle to exercise the newly-developed National Cyber Incident Response Plan (NCIRP)—a blueprint for cybersecurity incident response—to examine the roles, responsibilities, authorities, and other key elements of the nation’s cyber incident response and management capabilities and use those findings to refine the plan.
Administration-Wide—Seven Cabinet-level departments including Commerce, Defense, Energy, Homeland Security, Justice, Transportation and Treasury, in addition to the White House and representatives from the intelligence and law enforcement communities.
California, Delaware, Illinois, Iowa, Michigan, Minnesota, North Carolina,
New York, Pennsylvania, Texas, Washington, as well as the Multi-State Information Sharing
and Analysis Center (ISAC)—compared to nine states in Cyber Storm II.