YOU ARE HERE: LAT HomeCollections

In a doomsday cyber attack scenario, answers are unsettling

What if a crippling attack struck the country's digital infrastructure? Experts including current and former officials tackle the question. The results show that the peril is real and growing.

February 17, 2010|By Bob Drogin

Reporting from Washington — The crisis began when college basketball fans downloaded a free March Madness application to their smart phones. The app hid spyware that stole passwords, intercepted e-mails and created havoc.

Soon 60 million cellphones were dead. The Internet crashed, finance and commerce collapsed, and most of the nation's electric grid went dark. White House aides discussed putting the Army in American cities.

That, spiced up with bombs and hurricanes, formed the doomsday scenario when 10 former White House advisors and other top officials joined forces Tuesday in a rare public cyber war game designed to highlight the potential vulnerability of the nation's digital infrastructure to crippling attack.

The results were hardly reassuring.

"We're in uncharted territory here," was the most common refrain during a three-hour simulated crisis meeting of the National Security Council, the crux of the Cyber Shockwave exercise.

Joe Lockhart, former press secretary to President Clinton, urged his fellow panelists to be bold. "Trust me," he said, "you will be judged on this when this is over, and for years to come."

The panelists apparently took him to heart and, as the scenario unfolded, tossed out ways to maintain order -- including nationalizing industries, rationing fuel and snatching suspects overseas.

The public rarely gets a peek at government war games. If Tuesday's no-cliche-left-behind version at times resembled a sci-fi thriller, no one doubts that the peril to telecommunications and other crucial computer-run systems is real and growing.

Dennis C. Blair, the director of national intelligence, this month warned the Senate Intelligence Committee, "Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication."

Google, for example, recently disclosed what it called a "highly sophisticated and targeted attack" originating in China in mid-December on its search engine infrastructure and e-mail, as well as on at least 20 other companies. China's government denied any role in the shadow attacks.

Attacks on government networks are also ubiquitous. According to a 2008 report by the nonprofit Center for Strategic and International Studies, NASA and the departments of Defense, Homeland Security and Commerce "all suffered major intrusions by unknown foreign entities" the previous year.

"The unclassified e-mail of the secretary of defense was hacked, and [Defense Department] officials told us that the department's computers are probed hundreds of thousands of times each day," the report said.

President Obama has pledged to secure the nation's vital computer networks and created a White House office to coordinate cyber security.

In December, the Homeland Security Department released a draft plan to designate roles and responses to potential attacks or mischief.

However, the worst-case scenario presented in a Washington hotel ballroom Tuesday would almost certainly overwhelm the administration's proposed cyber defenses.

It began with the March Madness college basketball postseason tournament application, but then an unidentified insider apparently sabotaged the software patch, making the problem far worse.

As the war game unfolded, the attack was traced to computer servers in Russia, and then to an unnamed individual in Sudan. For reasons never explained, homemade bombs exploded by electric power stations and gas pipelines in Tennessee and Kentucky.

And a monster Category 4 hurricane slammed into the Gulf Coast.

Michael Chertoff, who played the national security advisor in the exercise, had some relevant experience to draw on. He headed the Homeland Security Department when Hurricane Katrina struck in 2005.

"We need to know how to deal with this," Chertoff declared at the start of the session. "The biggest danger," he added, "is if we're ineffective."

The event was sponsored by the Bipartisan Policy Center, a Washington-based group headed by Thomas H. Kean and Lee H. Hamilton, who co-chaired the 9/11 Commission. The scenario was developed by Georgetown University and several companies, including PayPal. The session will be aired later on CNN.

None of the panelists knew the scenario in advance. Chertoff moderated the debate as others flanked him at tables that formed a V. An audience of industry executives, current and former government officials, and think tank experts watched and occasionally chortled as the group struggled to respond.

The panel sometimes learned the latest developments from fake TV bulletins that appeared on giant screens behind them.

And sometimes they didn't. One broadcast noted that the Federal Aviation Administration had grounded all planes. More than 20 minutes later, the supposed presidential advisors were still discussing whether to do just that.

The former officials all gave a spirited performance.

Los Angeles Times Articles