Hundreds of National Guard soldiers and airmen have converged in an unclassified environment in Arkansas to prepare for cyber attacks against the Department of Defense computer networks.
Designed after the December 2020 SolarWinds breach – in which the U.S. departments of Homeland Security, Treasury and Commerce were infiltrated – with a focus on how the supply chain was disrupted, Cyber Shield 2022 brings DOD personnel and the private sector to the Guard. Air Force Maj. Gen. Richard Neely said the Guard is “uniquely situated” to assist in cyber defense response because its members bring “civilian acquired skills” to their military duties.
“Protecting against these attacks like this will also require collaboration,” said Neely, adjutant general of the Illinois National Guard and a Master Cyber Space Officer. “As with all other emergencies, it’s not a good idea to be trading business cards in the middle of a crisis. It’s all about planning and training together. And that’s what’s great about Cyber Shield.
“Cyber Shield is special because it integrates at all levels of government, tech industry, law enforcement and other partners. These military cyber warriors have a significant advantage over their active-duty counterparts as they bring in those unique civilian acquired skills and experience, in addition to their military cyber training.”
The annual exercise, which began June 5 and will continue through June 17, is being held at the Army National Guard Professional Education Center on Camp Joseph T. Robinson Maneuver Training Center.
George Battistelli, exercise director and deputy chief information officer for the Army National Guard, said there are multiple cyber-related challenges in the U.S., which were seen in both the 2016 and 2020 presidential elections when “foreign attempts to spread disinformation were rampant.”
“It was also a factor during COVID-19 pandemic,” Battistelli said during a media roundtable hosted by the National Guard Bureau on Tuesday.
It’s important, Battistelli said, to train soldiers using real world events to “cut down the noise and focus on the mission.”
‘Always on defense’
While past events focused more on election support, Battistelli said that once SolarWinds kicked off, it became clear there was a need to focus on responding to an event on the DOD Information Network (DODIN).
“We’re always on defense,” Battistelli said. “We have to be right 100% of the time. The adversary only has to be right one time.”
RELATED:First international cyber-defense competition links Iowa, Kosovo campuses
Lt. Col. Carla Raisler of the Kentucky Army National Guard is the exercise training officer for Cyber Shield 2022. She said there are 15 courses with the intent of improving the ability of cyber warriors to respond to incidents on DODIN, or in a civilian capacity.
Illinois Air Army National Guard Lt. Col. Jeffrey Fleming, exercise officer in charge, said training scenarios evolve ever year depending on guidance from Cyber Command, the National Guard Bureau and world events.
Localizing Cyber Shield
With Cyber Shield as a national-level exercise, Batistelli said what continues to happen is that there are also regional exercises, like Cyber Yankee in the northeast corridor.
“Then we have a lot of state specific exercises,” he said. “One of the big challenges that we have is that the National Guard, we always get it done. We always make things happen, whether [we’re] under resourced, undermanned, we continue to complete the mission.”
Minnesota Army National Guard Capt. Cumah Blake, exercise staff judge advocate, said Cyber Shield is a “great model” to bring to the state level, especially in relation to partnerships.
That’s, in part, because there are “not just cyber space operators” participating in the exercise, but an integrated team, including judge advocates and attorneys, who advise teams on legal considerations as they respond to cyber attacks.
“When you do this on a smaller scale with your partnership, you’re showing them the model of not only doing cyber space operations in a vacuum, but how do you integrate with other members of your team that support and make those missions successful,” Blake said.
Twenty states and Guam are participating in this year’s event, in addition to representatives from the private sector, educational institutions and the DOD.
Cyber Shield began in 2007 and includes Guard soldiers and airmen from the U.S. and its territories, along with government and private sector partners.