UPDATED: Secretive TopOff 4 exercise tests multiagency preparedness for WMD attacks

Editor's Note: This story was updated at 10:50 a.m. June 26, 2006, to correct the spelling of Carl Banzhof's name.

Federal agencies staged joint exercises this week designed to test their preparations for responding to terrorism.

The Homeland Security Department's Top Officials 4 Command Post Exercise (TopOff 4 CPX) involved more than 4,000 people from more than 85 federal, state, local and private partners, said George Foresman, DHS’ undersecretary for preparedness.

White House and Cabinet-level officials and their staffs joined first responders to ensure that they can make the right decisions under pressure, Foresman said.

This year’s exercise was the first to bring DHS, the FBI and the Federal Emergency Management Agency together on separate exercises built around a common scenario, Foresman said.

The scenario: A fictitious terrorist group set off a significant explosion in a metropolitan area and threatened Washington, D.C., with another explosive device, said John Miller, the FBI’s assistant public affairs director.

The metropolitan area was an imaginary city called Landport, based on Portland, Ore., said Butch Colvin, one of DHS’ exercise directors for TopOff 4 CPX.

The exercise overseers used a Web-based system in which controllers could see the actions of other participants, Colvin said. The system was essential to keeping the exercise on track and moving, he said.

TopOff 4 CPX participants and the FBI responded to weapons of mass destruction threats, while FEMA handled continuity-of-operations planning and implementation, said William McNally, chief of the exercise division in the Office of Grants and Training in DHS' Preparedness Directorate.

This year’s exercise was also the first time the federal government engaged state and local partners in a meaningful way, Foresman said. One of the many lessons learned is that the federal government must structure the exercises differently to better include state and local participants, he said.

The terrorist-response exercises come on the heels of other disaster preparation exercises, Miller said. Preparedness exercises are now a core mission of the federal government, he said.

IT companies are working with the federal government to include more realistic cyber-oriented scenarios in future preparedness exercises, said Carl Banzhof, chief technology officer at Citadel Security Software, a private-sector participant in the exercise.

Citadel looked at the IT security of mobile emergency communications systems set up during COOP actions, Banzhof said. Organizations must protect voice and communications data because cyberattacks that compromise them can spread misinformation in a crisis, making it worse, he said.

However, the exercise did not involve any scenarios centered on cybersecurity, he said. The Landport scenario had a large nuclear detonation, but exercise coordinators told participants that the blast had minimal effects on the city’s cyberinfrastructure, Banzhof said. That was not realistic, he said, because nuclear explosions emit an electromagnetic pulse that can damage or wipe out electronics.

This year’s exercise will lead up to the full TopOff 4 field exercises next year, Miller said. The scenarios next year will involve Arizona, Oregon and Guam.

Officials kept many details about the exercise under wraps. That was a contrast to previous years. DHS revealed a good deal of information before and during TopOff 3, held in April 2005. Last year, the press was invited to watch first responders in New Jersey, Connecticut, Canada and the United Kingdom deal with simulated terrorist attacks involving mustard gas, pneumonic plague and explosive devices.

Miller said that he and Foresman could only reveal generic details of the three joint exercises because the FBI exercise, Marble Challenge, was classified.