美国“网络卫士”演习,检验政府应对网络事故能力

安德万 编译   2014-08-04 10:01  

0

http://www.defense.gov/news/newsarticle.aspx?id=122696

【据美国国防部网站2014年 7月17日报道】美国联邦政府举行了一场大规模网络演习——“网络卫士14-1”,来自军队、执法部门、民间机构、学术界和商业界、国际盟友的500余人参加了这次演习。这次演习为期两周,在2014年 7月17日拉下帷幕,演习的目的是检验军队和联邦机构如何在战役和战术层面相互配合,以保护美国国家网络基础设施,预防、减轻这些基础设施面临的网络攻击并迅速从攻击中恢复。

美国网络司令部牵头组织了这次演习活动,演习在位于弗吉尼亚的美国联邦调查局国家学院举行。“网络卫士”演习也吸引了来自学术界、私营行业和国家事业机关的观察员。据国防部官员,这是此类演习中规模最庞大的一次,有550多名参与者,为2013年演习参与者人数的双倍。

演习中,网络司令部、国民警卫队、预备役部队和国家安全局支持国土安全部和联邦调查局对针对关键国家基础设施的模拟国外攻击做出反应。

万一发生了国内网络事故,美国联邦机构分别拥有不同的、互补的角色。国土安全部是负责协调保护、预防、减缓和从一次网络事故恢复的领导机构。美国司法部和联邦调查局负责调查、追查、阻止和起诉国内网络犯罪,以及收集、分析和分发国内网络情报。美国国防部负责保护美国免受攻击,收集、分析和分发国外威胁情报,并支持美国国土安全部的保护、预防和恢复作用。

国民警卫队的职责是帮助受网络事故影响的州,允许联邦军队能够专注于他们的传统核心任务。据美国国防部消息,这次演习的大多数参加者都来自22个州的国民警卫队人员。

“网络卫士”还包括一些网络保护分队,这是美国网络司令部的任务保护部队(Mission Protection Force)的一部分。这些分队保护美国国防部的信息网络,提供外国情报和评估以及为国家防御提供现役能力,以支持军方的需求。

“我们正在学习,不断成长,”网络司令部司令和国家安全局局长迈克尔•S•罗杰斯海军上将在一份声明中说,“我们必须建立一个框架,与我们的合作伙伴无缝地、有效地合作,而不是只在政府内合作部,也与工业界和学术界合作。”

演习的一大主题侧重于建立合作伙伴关系、流程和技术能力,以在国家层面更好地处理网络攻击。

“像‘网络卫士’这样的演习帮助我们开发和完善关键信息共享和协调机制,了解对方的能力和授权,使我们可以获得正确的信息,以最好的方式进行国家反应,”负责网络安全行动和项目的的国土安全部助理副部长格雷格•陶希尔( Greg Touhill)说。

(安德万编译自美国国防部网站)

Cyber Guard Exercise Tests People, Partnerships

From a U.S. Cyber Command News Release

FORT MEADE, Md., July 17, 2014 – Partners from across government, academia, industry and the international coalition recently completed Cyber Guard 14-1, a two-week exercise designed to test operational and interagency coordination as well as tactical-level operations to protect, prevent, mitigate and recover from a domestic cyberspace incident.

Elements of the National Guard, reserves, National Security Agency and U.S. Cyber Command exercised their support to Department of Homeland Security and FBI responses to foreign-based attacks on simulated critical infrastructure networks, promoting collaboration and critical information sharing in support of a “whole-of-nation” effort.

“Citizens of our nation are counting on us to generate the necessary capacity and capability to meet the challenges of this problem set,” Navy Adm. Michael S. Rogers, Cybercom commander and NSA director, said in remarks to more than 70 distinguished visitors to the exercise. “We are continuing to learn and mature. We have to build a construct to work seamlessly and effectively with our partners, and not just within the government, but also with industry and academia – outside [the Defense Department].”

Building and ensuring partnerships, processes, and human and technical capabilities were common themes during the exercise.

“We talk all the time about physical networks connecting computers and communications,” said Robert Anderson, executive assistant director of the FBI’s criminal, cyber response and services branch, in remarks to exercise participants. “But we must remember that on both ends of that computer network, there is a network of people working toward a common goal: to defeat our adversaries. Cyber Guard helps us get better at using the network of warriors on the front lines — like you — to achieve our goal.”

The event, executed by Cybercom and hosted by the FBI at the National Academy in Quantico, Virginia, was the largest yet, hosting more than 550 participants, roughly double the number who participated last year. Continuing the event’s evolution into a holistic, whole-of-nation effort, observers from academia, private industry and state utilities were on hand to observe.

In the event of a domestic cyber incident, federal agencies have specific, complementary roles, officials said.

DHS is the lead for coordinating the protection, prevention, mitigation of, and recovery from a cyber incident. The Justice Department and the FBI are responsible for the investigation, attribution, disruption and prosecution of domestic cyber crimes, as well as the collection, analysis and dissemination of domestic cyber threat intelligence. DoD is responsible for defending the nation from attack, collecting, analyzing and distributing foreign threat intelligence, and supporting DHS in their protection, prevention and recovery role.

“Practicing as an interagency team is essential to ensure national response to cyber events produce results that are effective and efficient,” said Greg Touhill deputy assistant secretary of homeland security for cybersecurity operations and programs. “Exercises like Cyber Guard help us develop and refine key information sharing and coordination processes, understand each other’s capabilities and authorities, and operate in a manner that keeps us in the right formation to present the best national response.”

The National Guard plays a key role in directly helping the states affected by a cyber incident, allowing federal forces to focus on their more traditional mission. The majority of the participants were National Guard service members representing 22 states.

The exercise also included several Cyber Protection Teams, part of Cybercom’s Cyber Mission Force being built over the next few years. The teams defend DoD information networks and help support DoD’s requirement to provide foreign intelligence and assessment and active-duty capabilities to defend the nation.

“Cyber Guard provided an opportunity for agencies to execute and refine the DoDIN command and control construct model,” said Phil La Perla, chief of readiness and exercises for the Defense Information Systems Agency. “The 90th [Cyber Protection Team], aligned to DISA, also benefited by teaming with the U.S. Coast Guard in defending DoD information networks, building on our great relationship with DHS.” Some of DISA’s network management teams also participated in the event.

In addition to the observers, FBI hosted an “Industry Day” that included 105 participants from a broad cross-section of private industry, including energy, finance, and information technology security. The event continued to strengthen relationships with private industry to facilitate information sharing that could prevent, mitigate or respond to a cyberattack, officials said.

“This robust, interagency exercise to defend the nation has accelerated in maturity over the last three iterations,” said Coast Guard Rear Adm. Kevin Lunday, Cybercom’s director of training. “We used this event to develop teamwork and collaboration, and we have gone from just a few Guard teams two years ago to incorporating critical government and private sector partnerships to test whole-of-nation solutions in this dynamic domain.”

Eric Rosenbach, deputy assistant secretary of defense for cyber policy, took note of other ways the exercise has improved and evolved.

“I think it’s really impressive what you’ve done from the authority, policy and law standpoint,” he said in comments to the distinguished visitors at the event. “I also think how you’ve connected the technical parts – the ranges, your tools and capabilities – is also impressive.”

Lunday also noted that in each iteration of the exercise, the scenarios from the adversary – simulated by a ‘red team’ – get more realistic and incorporate lessons learned from previous exercises.

“What you’re doing here is critically important to how we will respond on behalf of our nation to a major cyberattack,” he said. “The more we know and share about the adversary and the better-defined our processes are, the better we can defend the nation.”

文章来源于网络,仅代表作者观点。欢迎关注独家网(www.dooo.cc)
责任编辑:翟帅 关键词: 美国 信息安全 黑客大战


发表评论



返回顶部