The United States aimed to learn more about weaknesses in its critical infrastructure this week after kicking off Cyber Storm II, an international exercise pitting imaginary enemies against private and public defenders.

The week-long exercise focuses on cyber attacks on important components of the national infrastructure including industries in the chemical, information-technology, communications, and transportation sectors. More than 40 companies will participate in the war game, operating under a scenario where an organized adversary attacks U.S. networks. Company employees and workers in almost a dozen federal agencies will take part in the exercise from their offices, responding to e-mail notices of attacks and other news.

"The scenario will progress as players receive 'injects' via e-mail, phone, fax, in person, and exercise websites from exercise control," the Department of Homeland Security, which runs the exercise, said in a statement. "These injects will simulate adverse effects through which the participants can exercise their cyber crisis response systems, policies and practices."

The state of the United States' cyber defenses has become a major topic among lawmakers and policy makers. Last month, members of the House Committee on Homeland Security questioned the Bush Administration's ability to secure federal networks through the Cyber Initiative, which calls for $30 billion to be spent over the next five to seven years to reduce the number of trusted Internet connections (TICs) and more effectively monitor those connections. Attacks sponsored by other nations, in particular China, have worried the U.S. military. Top officials at the DHS have called for private-sector companies to communicate more information on threats, so that broad attacks can be identified sooner.

The first Cyber Storm exercise took place in 2006, and while an after-action report put a positive spin on the results, the report also noted major problems in responders' reactions to the war game.

If you have tips or insights on this topic, please contact SecurityFocus.