International hacking exercise creates a cyber storm

02.02.2006
In preparation for dealing with a cyber terrorist attack Australia is set to engage in an international computer hacking exercise that has been dubbed little more than a vendor meet and greet.

Officially codenamed Cyber Storm, the exercise is being coordinated by the U.S. Department of Homeland Security and involves Australia's intelligence agencies, Department of Defence and federal police, AusCert and the Attorney General's critical infrastructure protection branch.

While the goal is to prepare and test contingency plans in the event of an attack on critical infrastructure, users have told Computerworld the exercises will be dominated by vendors protecting their gear against known vulnerabilities.

According to sources, who requested anonymity, vendors involved are those with large government contracts and it is a provider's technology that will determine the type of hacking exercises undertaken.

While it is a good idea for the private and public sector to work together, said Bill Hutchinson, IBM Professor of Computer and Information Security at Edith Cowan University, vendor involvement will shape the exercises and that is the real problem.

"It will be full of companies and government departments and the limitation of such an exercise would be that it would be close-minded," Hutchinson said.