The mission of the National Guard has continued to evolve as national priorities evolve, including the ongoing COVID-19 response, natural disasters, southern border mission and civil unrest. And now, as a growing number of cyberattacks sweep the nation, some states are mobilizing soldiers and airmen for another fight: cybercrime.
“A cyber incident is essentially a jurisdiction’s hurricane, or their tornado,” said Rob Main, North Carolina’s chief risk officer and a retired member of the Air National Guard.
So it makes sense to use the same “all-hazards” response approach that’s been working since before the internet was invented, he added.
“It’s a repeatable model; it’s known by the localities that we support, so it’s no different for them to see National Guard soldiers and airmen supporting their communities in a cyber incident as it would be if the National Guard soldiers and airmen were handing out water in the event of a hurricane,” Main said.
Guardsmen are also helping with proactive measures, such as educating the public on good cyber hygiene practices or critical infrastructure that can help prevent an attack.
Army Lt. Col. Ty Shepard, Joint Task Force Cyber Commander for the California Military Department, said cyberattacks have shut down government and business operations and put residents’ personal identifiable information at risk. A high-profile 2018 ransomware attack on the Port of San Diego, for example, kept people from being able to pay parking tickets or water bills online and also affected local law enforcement’s communications.
“When we have a fire here in California, and it impairs roadways, communications, structures, everything else — or, obviously, threatens houses and the livelihood of businesses — it’s no different than cyber,” Shepard said. “Having the capability to respond to that is very critical.”
California has three traditional Guard cyber-focused units and nearly 50 full-time members on state active-duty status working with the California Department of Technology and Office of Emergency Services on cybersecurity efforts. These include incident response and independent security assessments for state agencies and defense of the California government enterprise network.
Shepard said California’s military cyber experts have participated in more than 386 cyber incident response missions in the last year alone, as the state overall was hit with more than 30,000 cyberattacks and a 65% increase in financial losses over previous years.
Col. Thomas Pries, commander of the 252nd Cyberspace Operations Group in Washington state that has been working on election security for years, said he believes the National Guard is uniquely poised to help states with cybersecurity missions.
“We know our communities. We have a chance to build all those relationships,” said Pries. “It can be intimidating, I think, for folks when a bunch of guys come in in uniform. They’re not used to that, but it’s a little different when they’re Guard guys and we’ve known each other for years and we already know each other’s [competencies], and there’s that trust.”
Another benefit is the Guard’s flexibility to be activated for both state- and national-level missions, he said.
“Oftentimes, adversaries, what they like to do is they work … in between the seams of our policy and governance and they’ll find a place where it’s not really a state responsibility and not really a federal responsibility,” Pries said. “And because the Guard can be moved into different statuses, we’re more flexible and able to track these adversaries and get a hold of them.”
Shepard said he anticipates more states catching on to the benefits of using their National Guard forces in this way, as cybersecurity attacks continue to grow in frequency and cost. Already, he’s met with Guard officials and some state leaders in 10 states who are interested in California’s approach.
“I think it’s going to increase everywhere,” he said.Read comments