This is not a drill!
A drill goes;
blackanddeckerblackanddeckerblackanddeckerblackanddeckerblackanddeckerblackanddecker
European banks teamed up with information security agencies and governments to run a DDoS cyber-attack preparedness exercise today. Cyber Europe 2012, a simulated cyber security attack involving 300 cyber security professionals, is being co-ordinated by European Union security agency ENISA. It's the second exercise of its type …
These simulations are necessary in order for someone to get the credit for coming up with the idea.
The tests are flawed, the best DoS attack is going to involve someone inside helping, or as the first two posters point out, power tools in the data center.
I don't think they want to get too realistic in case they uncover any weaknesses. That would cause too much trouble and possibly endanger the the job security of the person who came up with the idea.
The tests are flawed, the best DoS attack is going to involve someone inside helping, or as the first two posters point out, power tools in the data center.
People sitting in darkened rooms with green screens shouting stuff in Easten European accents just arnt going to do much to a banks systems
You can generate a lot of DDoS traffic from weakly-protected hosted websites: find a website with ftp enabled and a weak password (There are millions of these things), upload a simple PHP-based traffic generator and now you have a node to launch a DDoS attack that is always running, has a huge amount of bandwidth and no one will notice (if you don;t bother the OS, the host won't give a crap and if you leave the site up and running, the owner won't notice either).
Any OS can be used in a DDoS attack, the only way to stop DDoS attacks is to not have an internet...
None of the people I know in Banking/Financial IT (admittedly not an extensive list of contacts) know of this other than from reading the article. If its the usual suspects taking part, the banks that in non IT terms have managed to stuff significant portions of the economy, or their customer base (both retail and commercial) or both then in the event of some major cyber-strike, they're the very people I would not want to have to rely on to help us out of a crisis.
Whilst I can see that it's probably impractical, we need the equivalent of a national "air raid drill" to really be confident. It might be the most insignificant small link in the chain that actually causes a catastrophe.