CISA ‘Cyber Storm’ exercise simulated response to critical infrastructure attack

The Secret Service partnered with the Cybersecurity and Infrastructure Security Agency (CISA) last week to host a three-day cyber response program, gathering 2,000 participants from international, federal, state, and local governments as well as the private sector.

As threats of cyberattacks on critical infrastructure heighten amidst the ongoing war between Russia and Ukraine, the event, called Cyber Storm VIII, was focused on evaluating structures in place for cybersecurity response and readiness. The event, which had participants from 200 organizations from an array of sectors, was not a response “to any specific or credible threats,” CISA said in a statement.

In order to improve cyber resilience and mitigate the consequences of hacks, the exercise simulated a cyberattack scenario for participants to respond to.

Snapping a quick photo w/my great teammates Jim Murray & @ncdinglis before kick-off of the Cyber Storm VIII Exercise, bringing together partners across Fed, State, Local, Int’l & Industry to simulate a response to a major cyber incident. Thanks to @SecretService for hosting! pic.twitter.com/d5HU4UxQ1J

— Jen Easterly (@CISAJen) March 7, 2022

“The scenario for Cyber Storm VIII involved both operational (e.g. industrial control systems) and traditional enterprise systems, with organizations experiencing various impacts such as ransomware and data exfiltration,” the statement read.

CISA Director Jen Easterly said in a statement that safeguarding critical infrastructure would continue to be a priority for the agency, and called on all organizations “to adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”