Simulated cyber attack exercise demonstrates gaps in policies and skills

Responses to a simulation yesterday of a large-scale cyber attack that supposed a widespread malware infection has shut down cell phone and computer networks and disabled much of the power grid showed a lack of preparedness to handle such a major incident, as well as potential gaps in policies, legal authority, and technical skills. In the words of former CIA Director Michael Hayden, who helped devise the simulation, “It was clear we don’t have an adequate policy, expectation of privacy, public-private partnerships or understanding of international norms to deal with a massive cyber attack.” More details about the “Cyber Shock Wave” scenario and the participants in this exercise can be found at the website of the Bipartisan Policy Center, which developed and sponsored the simulation.This particular exercise was notable both for the individuals who participated and the publicity of the process, both of which increase the likelihood that current administration and military officials with actual responsibility for handling such an attack will take notice of the results.