(CNSNews.com) - How would the nation respond to a cyberattack on its financial system, Sen. Angus King (I-Maine) asked the head of the National Security Agency on Tuesday.
Admiral Michael Rogers, who also serves as head of the U.S. Cyber Command, was testifying before the Senate Armed Services Committee.
Sen. King asked him: "What would happen today if you, on your way back to your office, got a call that said the U.S. financial system has been taken down; all the computers on Wall Street are off; the markets are in chaos...What would be the execution, who's in charge -- what would the results be?”
“So DHS would have overall responsibility for the provision of federal support in response to this,” Rogers responded. “My role would be help to make sure I understand, number one, who is the actor. So can we identify who did this, because if I'm going to respond, I have to know who I'm responding to, or what I'm responding to.
“So one of my first questions as Cyber Command(er) would be, let's make sure we understand what's the characterization of the activity, who's the actor, what did they do,” Rogers said.
King interrupted: “Who would take the lead? Who's in charge?”
Rogers said the Department of Homeland Security would have "overall responsibility."
Sen. King asked Rogers if the scenario has been "war-gamed," or rehearsed.
"Yes, sir,” Rogers replied. "We've actually undertaken some very good table-tops, specifically, as I reached out to DHS, the financial sector -- 'Look, we have got to get down to execution level, we're a team.'"
King asked Rogers if there is a "serious red-team, war-game process to be sure we're not surprised about how to react when one of these things happen?”
Rogers said he wouldn't use the phrase "red-team."
“Is this part of our mission responsibility? Yes. Is this something we train and exercise against? Yes. Is this something we continually assess, looking for indicators of this type of activity before it occurs? Yes."
(A red team is a group inside an organization that tries to penetrate cyber defenses to find and fix vulnerabilities.)