(March 28 - this is a revised version)
DHS/FEMA National Exercise Program Capstone Exercise 2014
Scenario Ground Truth
need-to-know basis.” Even the role players involved in the exercise itself are prohibited from seeing the files.
6.1 Cyber Operations
The Cyber operations Joint Master Scenario Events List and other exercise injects will be developed, maintained, and delivered using the Secret Internet Protocol Router Network with “placeholder events” in unclassified JOINT MASTER SCENARIO EVENTS LIST for visibility. If you have questions on cyber operations contact the appropriate North American Aerospace Defense Command –Northern Command White Cell Controller; the number can be found in the Control Cell Phonebook.
Background information to support cyber play:
The U.S. Northern Command mission of Defense Support to Civil Authorities has led to increased activity by some anti-government organizations. Currently, the most vocal organization is Free Americans against Socialist Tyranny; using social media, they advertise anti-U.S. rhetoric focusing on the Department of Defense as well as to recruit like-minded individuals to join their “cause”.
While some Free Americans against Socialist Tyranny members are capable of conducting adverse cyber operations, the greatest threat is current government employees sympathetic to their cause. It is believed that there are employees within US Northern Command, U.S. Air Force, U.S. Army, National Guard, and Defense Information Systems Agency that may support Free Americans against Socialist Tyranny doctrine based on individual comments on social media sites. Free Americans against Socialist Tyranny sympathizers may include both former and current members of the military with training on satellite communications, computer network defense, network operations, as well as military command and control. Recent reductions in force and early separation requirements have raised concern for disgruntled military and Department of Defense civilians. Based on the possible insider threat, the below capabilities could be compromised or targeted during military operations:
Critical commercial and Department of Defense Information Networks communications
infrastructure, especially concentration points or nodes, to amplify confusion and “decapitate
the enemy control”.
The North American Aerospace Defense Command –Northern Command networks and
information technology infrastructure that support command operations
Critical infrastructure and single points of failure within the affected region
U.S. Northern Command plans and responses to events such as those for Defense Support to
Civil Authorities response
Means of communications to other agencies. Mark these communications means for later
attack, exploitation, and deception or denial of use.
Additionally, this targeting affects personnel using the Network Effects Emulation System. Cyber security assessments do, however, indicate the possibility that North American Aerospace Defense Command –Northern Command personnel sympathetic to Free Americans against Socialist Tyranny have targeted "pre-selected systems" on the North American Aerospace Defense Command –Northern Command Non-classified Internet Protocol Router and SIPR Secret Internet Protocol Router Network enclaves.
Some cyber activities will be visible to all participants via the “WNN” or Social Media SIMDECK sites. These activities will include accusations that the government is responsible for the Alaska earthquake and a “hacktivist” manifesto. (page 125)
Cyber attacks are expected throughout the exercise by members of anti-‐ government organizations, such as Free Americans Against Socialist Tyranny and individuals sympathetic to their cause. (page 5)