War game reveals U.S. lacks cyber-crisis skills
Scene: The White House Situation Room.
Event: A massive cyber attack has turned the cellphones and computers of tens of millions of Americans into weapons to shut down the Internet. A cascading series of events then knocks out power for most of the East Coast amid hurricanes and a heat wave.
Is the assault on cellphones an armed attack? In a crisis, what power does the government have to order phone and Internet carriers to allow monitoring of their networks? What level of privacy can Americans expect?
A war game, sponsored by a nonprofit group and attended by former top-ranking national security officials, laid bare Tuesday (02/16/2010) that the U.S. government lacks answers to such key questions.
Half an hour into an emergency meeting of a mock National Security Council, the attorney general declared: “We don’t have the authority in this nation as a government to quarantine people’s cellphones.”
The White House cyber coordinator was “shocked” and asserted: “If we don’t have the authority, the attorney general ought to find it.”
The Bipartisan Policy Center, which focuses on issues such as health care, energy and cybersecurity, staged the war game to demonstrate to a complacent public the plausibility of an attack that could in many ways be as crippling as the Sept. 11, 2001, terrorist strikes. Organizers said they wanted to prod Congress and the Obama administration to act.
“We were trying to tee up specific issues that would be digestible so they would become the building blocks of a broader, more comprehensive cyber strategy,” said Michael V. Hayden, former CIA director and the principal creator of the “Cyber ShockWave” simulation.
During the war game, held over four hours at the Mandarin Oriental Hotel, three wide-screen monitors flashed maps of the United States showing network coverage and electric power ebbing. The breakdown was covered by a faux news network, GNN. Senior administration officials watched the reporting of the unfolding crisis — 40 million people without power in the eastern United States; more than 60 million cellphones out of service; Wall Street closed for a week; Capitol Hill leaders en route to the White House.
Former senior officials from Republican and Democratic administrations participated in the war game, as did one former senator. Jamie S. Gorelick, a deputy attorney general under President Bill Clinton, pressed the issue of individual privacy. In a crisis, she said, “Americans need to know that they should not expect to have their cellphone and other communications to be private — not if the government is going to have to take aggressive action to tamp down the threat.”
She recommended that the Obama administration seek legislation for comprehensive authority to deal with a cyber emergency.
Participants also wrangled over how far to go in regulating the private sector, which owns the vast majority of the “critical” infrastructure that is vulnerable to a cyber attack. Stewart Baker, a former assistant secretary at the Department of Homeland Security who played the “cyber coordinator” on Tuesday, said that the private sector was not prepared to defend against a cyber act of war and that the government needed to play a role.
“People have trouble understanding warnings,” said John McLaughlin, who served as acting CIA director in 2004 and who played the director of national intelligence. “It was only after Sept. 11 that people could visualize what was possible. The usefulness of the simulation is it will help people visualize [the threat].”
Former Clinton press secretary Joe Lockhart, who played a presidential adviser during the simulation, said it was immaterial whether the attack was an act of war; it had “the effect” of an act of war, he said.
Lockhart said that people would be scared by the simulation but that “that’s a good thing.” Only then, he said, would Congress act.
Sponsors, most of whom made financial donations that ranged up to $150,000, included General Dynamics Advanced Information Systems, PayPal, Symantec, SMobile Systems, Georgetown University and Southern Co. The Chertoff Group contributed guidance, not money. The BPC, sponsors and CNN contributed to production costs.
By Ellen Nakashima from Washington Post
