UNITED24 - Make a charitable donation in support of Ukraine!

Homeland Security

Homeland Security Planning Scenarios

Scenario 15: Cyber Attack


Casualties None directly
Infrastructure Damage Cyber
Evacuations/Displaced Persons None
Contamination None
Economic Impact Millions of dollars
Potential for Multiple Events Yes
Recovery Timeline Weeks

Scenario Overview:

General Description - In this scenario, the Universal Adversary conducts cyber attacks that affect several parts of the nation's financial infrastructure over the course of several weeks. Specifically, credit-card processing facilities are hacked and numbers are released to the Internet, causing 20 million cards to be cancelled; automated teller machines (ATMs) fail nearly simultaneously across the nation; major companies report payroll checks are not being received by workers; and several large pension and mutual fund companies have computer malfunctions so severe that they are unable to operate for more than a week. Individually, these attacks are not dangerous - but combined, they shatter faith in the stability of the system. Citizens no longer trust any part of the U.S. financial system and foreign speculators make a run on the dollar.

Timeline/Event Dynamics - Several years are needed for preparation. The attack is executed over a few weeks to ensure extended press coverage and undermine confidence in the financial system. However, there are no secondary hazards/events.

Key Implications:

No fatalities, significant injuries, or property damage are expected. However, significant disruptions across many or most sectors of the financial industry do occur. The greatest impact of this event will be on the economy.

Mission Areas Activated:

Prevention/Deterrence/Protection - The strength of private sector finance companies will be tested in regard to prevention, deterrence, and protection.

Emergency Assessment/Diagnosis - The attack will be difficult to recognize. Initially, failures may be mistaken for normal malfunctions, and analysis will have to be performed to link failures across many parts of the financial sector.

Emergency Management/Response - Emergency response will be split between (1) technically bringing systems back online and instituting business continuity process, and (2) controlling the public perception of the situation to restore confidence and prevent panic.

Incident/Hazard Mitigation - None.

Public Protection - None.

Victim Care - Citizens and investors will look for government assurances that their losses will be made whole.

Investigation/Apprehension - Using intelligence and law enforcement sources and methods, the investigators will need to determine the likely technical source and the identity of the perpetrators.

Join the GlobalSecurity.org mailing list

Page last modified: 13-07-2011 12:49:27 ZULU