Zero Day: The Threat in Cyberspace

Practicing for cyberwar

The Pentagon is building a virtual city that will enable government hackers to practice attacking and defending the computers and networks that increasingly run the world's water, power and other critical systems. To reinforce the effect of those attacks, the cyber-range, known as "CyberCity," will include a scale model of buildings and other facilities that will physically respond when attacks have been successful — or unsuccessful.

Once the range is operational, "cyberwarrior" teams, some members of whom are thousands of miles away, will attempt to thwart attacks inside CyberCity. Several training scenarios are outlined here:

Disabling a rocket launcher
Terrorists have commandeered a rocket launcher and are making extortion demands. Warriors must gain access to the rocket launcher's control system and disable the rockets.
PREVENTATIVE METHODS
• Track down and scan the control system to gain unprivileged access.
• Locate the rocket launcher's command console and explore it with read-only access.
• Exploit a flaw in the software to gain access to the controls.
• Identify commands that control the direction of the launcher.
• Reverse-engineer the launch tool to bypass the launch code requirement.
• Disable the launching system.

Restoring control of the power grid
"Hacktivists" hijack the electrical utility and post unreasonable demands on the utility's Web site. They create a brief system-wide blackout to demonstrate their ability. Warriors must recover access to the grid, disable invasive backdoor mechanisms and lock out the intruders.
PREVENTATIVE METHODS
• Study compromised Web page to identify hackers' openings.
• Exploit similar flaws to gain access to the utility's network.
• Disable the code that provides access and control to the attackers.

Manipulating traffic lights
To prevent interference with a scheduled rescue operation, warriors must analyze traffic patterns and target intersections that are most likely to be used by adversaries, creating traffic jams to block them while keeping green lights on for rescuers to exit.
PREVENTATIVE METHODS
• Find a traffic-reporting Web site and exploit it to gain access and escalate privileges.
• Capture, inspect and correlate control system data while observing traffic light changes.
• Create traffic control tools.
• Manipulate traffic while observing lights.

Preventing an overdose
Intelligence reveals that a VIP has been targeted to receive a drug overdose during his stay at the hospital. Warriors must ensure that he's not administered Vicodin, to which he is highly allergic.
PREVENTATIVE METHODS
• TIP: The hospital staff regularly visits the coffee shop. "Sniff" the coffee shop's WiFi traffic.
• Hack into the hospital e-mail server and access the e-mail of the patient's doctor.
• Reset the doctor's medical records system password.
• Exploit medical practice software to adjust the patient's prescription and remove the dose of lethal Vicodin.

Derailing a train
An enemy is transporting a weapon of mass destruction to an unknown location via railroad. Warriors must manipulate a drawbridge control system to derail the shipment.
PREVENTATIVE METHODS
• A sensor on the track counts the number of times that trains pass. After a certain number of passes, the drawbridge control system instructs trains to stop and raises the drawbridge.
• Break into the control system and manipulate data being delivered by the sensor device.

SOURCE: Counter Hack
GRAPHIC: Patterson Clark and Robert O'Harrow Jr. - The Washington Post. Published October, 2012.