Dale Leschnitzer, Los Alamos National Laboratory, works through a cyber-security disaster scenario with computer specialists from across the country. |
Intense
pressure creates diamonds from coal, they say, and for Department of
Energy (DOE) national laboratory cyber security programs, it’s an apt
comparison. Fending off thousands of computer attacks from around the
world, controlling vast libraries of sensitive information, yet keeping
the scientific flow of knowledge moving, cyber teams such as those at
Los Alamos National Laboratory (LANL) and elsewhere in the government
complex feel the squeeze.
Sharing
insights and ideas from the teams’ experiences, however, can create a
boon in cyber defense and incident management, and potentially provide
useful input for other government agencies such as the new federal Joint
Cyber Coordination Center, or JC3. The JC3 is focused on improving the
national response to threats, leveraging complex resources, and sharing
information to meet information security commitments to the nation.
Recently,
Los Alamos National Laboratory hosted an information security exercise
dubbed “Eventide” that put more than 100 participants from around the
complex into a virtual maelstrom of bad news and worse events, as the
simulation spewed sensitive data and cracked network security out into
the wilderness of the internet. They had to assess what was happening
and how to respond, as their systems were progressively compromised,
sensitive data appeared on hostile web sites, and invisible “bad guys”
revealed their nefarious plans.
“That was pretty scary … but most E-ticket rides are,” said one participant.
Coordinated
by Dale Leschnitzer, LANL’s “master of disaster,” Eventide brought
together cyber and IT leaders from 20 sites, including the Federal
Bureau of Investigation, the DOE, its Cyber Forensics Laboratory and
National Nuclear Security Administration, and the DOE’s national
laboratories, to develop recommendations on resources they need from
JC3. Not only did Eventide set the stage for the complex to ask the hard
(and realistic) questions, it also acted as an excellent incubator to
assist the JC3 in developing a practical path forward.
Tom
Harper, LANL’s chief information officer, said: “Cyber threats target
our information and data, and our productivity through vulnerabilities
in our IT infrastructure. They pose great risks to our organization’s
security and the nation’s competitiveness.”
Harper
said: “We’ve had a trial by fire and it’s toughened our teams. Now we
can strengthen and optimize our joint defenses to ensure we’re a
national resource ready to develop responses and templates to assist
government and industry.”
Harper
characterized the driving factors of the exercise: “The CIO community
understands through recent events that cyber threats continue to
increase. And a positive feature for us is our ability to surge
resources across the complex to make our response faster, bolder, and
more robust.”
A
player describing himself only as “a DOE detailee” pointed out that
“we’re all under attack, and now we can help each other. We’ve got a lot
of smart people here, and when it comes to cyber, the government’s
light years ahead of much of the industry, for good reasons. Asking the
tough questions makes you think. This is why you train on real attacks
and valid scenarios. It’s our chance fill the voids.”
Harper
noted that the past years’ work has been to improve the laboratory’s
posture and, to a degree, misperceptions about LANL’s capabilities on
these issues. Harper is chairing the National Laboratory CIO Council for
2012, in which chief information officers from across the complex are
working with the federal employees to ensure that defense and response
are agile and proactive, and that the focus is on agility, leveraged
resources, and information sharing.
“Eventide
was the way to maximize input to plans by cyber and IT leaders from
DOE’s national laboratories and plants,” Harper said.
http://www.lanl.gov/news/releases/cyber-security-exercise-puts-labs-to-the-test.html