DHS Hires Booz to Finish Cyberattack Drill Job

United States Customs and Border Protection file photo

Company awarded contract extension after department fell behind on the Cyber Storm project.

The Homeland Security Department has decided to extend a contract for help on a biennial cyberattack drill with Booz Allen Hamilton.

The roughly $400,000 follow-on runs from Feb. 6 through April 6, according to a Jan. 13 justification for not letting other firms bid on the upcoming work. Booz won a five-year $15 million contract for the project in 2009

Booz was unable to get the job done on time due to hiccups in the federal billing cycle, DHS said.. 

"The delays can be entirely attributed to government action, including the government shutdown," DHS officials said in the justification, which was signed Jan. 13. Homeland Security offices "would like to complete planned deliverables that have projected schedule delays through no fault of the contractor."

Officials said they expect to let the entire cyber industry vie for a renewal of the contract in March. 

Cyber Storm, billed as the most extensive government-sponsored cybersecurity exercise of its kind, "builds on lessons learned from previous real world incidents" the department's website states.

DHS and Booz officials declined to comment on the "real world incidents" they might draw from for upcoming simulations. 

Edward Snowden was assigned by Booz to the National Security Agency as a systems administrator when he fled the country and leaked classified NSA information to the media. 

His quest to unearth secrets on domestic spying likely was aided by many circumstances, not least of which was Snowden's own will. Observers also have expressed concerns about the role of background investigations, checks and balances on systems administrator powers, and insider-threat detection at NSA and Booz. 

Responding to questions about the company's network defense capabilities, Booz spokesman James Fisher said in an email, "Booz Allen is proud to support the Department of Homeland Security with cybersecurity-related services.  Our 100-year-old firm has developed industry-leading cyber capabilities, led by nationally-renowned security experts, and we offer our clients unique services that integrate predictive intelligence and other technologies, with an important focus on developing the proper processes and training.”

Booz is among 17 vendors DHS selected last year for a "continuous-monitoring" project valued at $6 billion that will offer all civilian agencies threat detection services at no cost. 

DHS declined to comment on Booz's qualifications for the cyber exercise job. In response to questions, department spokesman S.Y. Lee, in an email, summarized the project's goal, “Cyber Storm is the Department of Homeland Security’s biennial exercise series that brings together federal, state, international and private sector partners to assess participants’ response and coordination capabilities in response to a cyber incident. Through these exercises, participants can validate policies, plans, and procedures that enable response, recovery, and continuity of operations.”