As primaries are held and the elections in November approach, Air Force Col. George R. Haynes is confident but not comfortable.
Haynes, the chief of cyberspace operations for the National Guard Bureau, is accustomed to dealing with the shifting sands of intentional misinformation spread across the internet. Because he understands how treacherous that landscape can be, he realizes cybersecurity is a dynamic process.
“You’ve got locks in your home,’’ Haynes said. “You’ve got alarms in your home. You feel mostly safe all the time, but there’s always a potential threat out there that you’re always prepared for.’’
U.S. Cyber Command and National Guard personnel in every state, the District of Columbia and U.S. territories approach election cybersecurity from several fronts.
The most promising is the Cyber 9-Line. Rolled out last December, it enables participating National Guard units to report an incident quickly to Cyber Command. Those details are shared with other states through the Big Data Platform.
Twenty-two states were participating in the Cyber 9-Line as of mid-July, but all states and territories are interested, said Air Force Col. Sam Kinch, the National Guard adviser to Cyber Command.
“Malicious cyber actors today maneuver around the cyberspace battlefield quickly and efficiently,’’ Kinch said. “If we don’t see information within 24 to 48 hours of an actual incident, by the time we respond to that incident, the actors already moved on, normally to other infrastructure.’’
Cybersecurity experts traditionally “put a Band-Aid on the wound that happened,’’ Kinch said.
The Cyber 9-Line improved that approach.
“It really tries to go after the source of the pain, go after that attacker wherever the source is from and stop them from doing harm to other states or other locations within our nation,’’ Kinch said.
Maryland is one state that has benefited from the Cyber 9-Line. It enables cybersecurity personnel to see the broader picture for any security threat, Maryland National Guard Maj. Daniel Keffer said.
“The more states that come onboard doing this, the better America is going to be,’’ Keffer said.
Besides the Cyber 9-Line, a “whole-of-government’’ approach allows the National Guard to communicate with Cyber Command, as well as the Department of Homeland Security, secretaries of state and the National Governors Association, among other entities.
Tabletop exercises, which involve real-world scenarios to reveal possible risks, also are part of the cybersecurity strategy. National Guard units are set to participate in Tabletop the Vote, coordinated by Homeland Security, in late summer, at the time of reporting.
The threats are never ending.
“There are millions of accounts out there that are fake and trying to drive public opinion,’’ Lt. Col. Seth Barun of the North Carolina National Guard.
The National Guard works with the North Carolina State Board of Elections to monitor computer networks, check social media sites for abnormal activity and perform security assessments for the state’s 100 counties, Barun said.
He said the biggest challenge is awareness.
“When [agencies are] focused on just keeping a network up, sometimes security goes by the wayside,’’ Barun said. “The threat out there in 2016, a lot of it was bots on Twitter, Facebook and that sort of thing, so we’re focused a little bit on that but really on that integrity.’’
About 4,000 National Guard members comprise 59 cyber mission units that support Cyber Command, not counting information technology workers or contractors. Twenty-three of those units are cyber protection teams, Haynes said.
The size of the National Guard’s cyber operations force has grown by about 35% from four years ago, when U.S. intelligence found Russia interfered in the elections, spokesman Wayne Hall said in an email.
“What I’ve seen since 2016 is, we have a much tighter, more open discussion and information flow,’’ Haynes said.
More than 131 million ballots were cast in the last presidential election. How many people will vote in November — and the method by which those ballots will be cast — is uncertain because of COVID-19. The pandemic has not lessened the resources that the National Guard has devoted to election cybersecurity, Haynes said.
Measures constantly are being tweaked, because in cybersecurity, one never can be overprepared.
“We’re not going to stop, so it’s not like, ‘We’re ready today, so we can sit back and relax until the elections,’’’ Haynes said.Read comments