Virtual workshop unites countries to sharpen cyber defenses

Defense official stresses cybersecurity as a global responsibility

Recent incidents of cyberwarfare showcase the need for nation states to work together to better defend their computer systems and networks from attacks, a Defense Department official involved in an international readiness exercise said on Wednesday. The United States is one of 16 countries participating in the virtual workshop to test the global defense community's ability to fend off calculated attacks on computer systems and networks.

Comment on this article in The Forum."A lot of [countries] have invested domestically in cybersecurity as knowledge about [threats] has grown, but instances like Estonia and Georgia and others have proved that this is an international issue," said Mark Hall, director of the International Information Assurance Program at the Office of the Assistant Secretary of Defense. "We need to come together as nation states to leverage one another's expertise, resources and partnerships. The attacks are exploited around the world and launched around the world; we're all seeing that."

The three-day 2008 International Cyber Defense Workshop (ICDW), hosted by the University of Nebraska at Omaha, is part training and part exercise. IT professionals from around the globe were divided into 88 teams to first participate in a series of instructor-led sessions on common network security vulnerabilities. On Thursday, each team will apply what it has learned to defend virtual private networks -- chosen for the exercise -- from targeted cyberattacks. Most of the participants will "play" from home, accessing the workshop via the Internet. Participating countries also can attack one another anonymously to learn the processes and mind-set used by hackers trying to gain access to systems and networks.

Examples of attacks include:

• DNS poisoning, which hijacks an Internet address to redirect users to a phony Web site in an effort to collect sensitive information.

• SQL injects, which imbed malicious code into Web applications to track data entry by user.

• Cross-site scripting, which spreads malicious code using Web 2.0 collaborative functions.

• Buffer overflows, which overwhelm program memory with too much data, causing systems errors that can provide access to hackers.

As each attack is executed, teams will be expected to write the correct code to prevent an exploit from launching or penetrating the network.

"These are vulnerabilities that academically, these folks understand," Hall said. "But it's one thing to read about them and another to see how they're taken advantage of and what actions should be taken to mitigate the risk and prevent the attack on your network."

Hall describes ICDW as more technical than the Homeland Security Department's Cyber Storm, which simulates a large-scale coordinated cyberattack on the nation's infrastructure networks. Cyber Storm presents scripted events to public and private sector players to test their response processes and ensure the proper authorities are involved, but ICDW executes real attacks on actual networks. The people involved are technically knowledgeable -- the same ones who would staff a computer incident response center.

"I've been out there trying to lead the international defense communities in cooperation," Hall said. "We're seeing the same threats, we're all coming up with solutions, and we're all developing the tools. It's my hope that one day all these [cybersecurity] centers will be connected so Germany can call Brazil, or the U.S. can call Italy. These efforts need to happen both nationally and internationally."

Results of the exercise will be collected at the end of the week and analyzed for lessons learned. Hall hopes to conduct similar workshops as often as four times a year.