Governors appeal to National Guard for help with cyber attacks

As cybersecurity attacks interrupt government services at the state and municipal levels, governors are calling on the National Guard for help.

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

As cybersecurity attacks interrupt government services at the state and municipal levels, governors are calling on the National Guard for help. For details on just how often this happening, Federal Drive with Tom Temin turned to a senior fellow at the center-left think tank Third Way, Todd Rosenblum.

Interview transcript:

Tom Temin: Mr. Rosenblum. Good to have you on.

Todd Rosenblum: Tom, terrific to be with you today.

Tom Temin: And you took a look and found what? What’s going on with the National Guard, the cyber,

Todd Rosenblum: What we found was an increasing role for the National Guard in assisting governors in responding to attacks on their networks. And as the nation has really seen a dramatic increase in the number of attacks, state and local governments are also in that same situation. So the Guard, which brings a tremendous skill set for cyber, which is something new traditionally for them, they’re playing a key role now in a way that was not historically taking place.

Tom Temin: And I want to get into that role, but give us some of the numbers of that have been occurring.

Todd Rosenblum: So the numbers we’re looking at, if you sort of went back 10 years ago, we were at zero,. As we’re looking at it today, we’ve seen a spike, we’re still studying this. But what we saw certainly around the 2020 election, a significant increase in situation of which the governor is called on the National Guard to help do election security. That was a spike we saw in 2020, the numbers preceding that are lower. And we’re studying now to see if this really was just a one year spike, or whether it’s going to be a sustained role for the National Guard supporting governors in this capacity.

Tom Temin: And then there’s the numbers for the ransomware and other types of cyber calls.

Todd Rosenblum: So ransomware has really picked up as a threat to the nation. There’s really nothing unique about ransomware attacks, it’s just that it’s a new profit making way at which cyber criminals, state sponsored organizations and criminal organizations themselves have found a way to make money. And that also increased dramatically during the pandemic. And these criminal groups were targeting the most vulnerable during that time. For example, targeting schools and hospitals, where if their networks were locked, they were shut out of business. So there was a new urgency and a new rise in ransomware attacks. And this is where the National Guard started to play a stronger role for governors in defending networks.

Tom Temin: So we’ve got then 41 times since 2018 that the National Guard has been called out to provide cyber related support. That 41 calls since 2018, ow does that rank with all of the calls made to the National Guard by governors?

Todd Rosenblum: Well, I don’t have that exact number for you. But the Guard has traditionally played a significant role in every state in response to physical events, in response to floods, fires, hurricanes, natural disasters, for some law enforcement activities. And really the cyber domain is something new that we’re seeing for the National Guard. As I mentioned, as we look at that number 40. Half of that occurred during the 2020 election cycle. So we want to make sure that was not a one off spike, or whether this is going to be a trend that will continue going forward.

Tom Temin: Because a lot of cities and school districts have been hit by ransomware. Even before the 2020 election, I think we had Baltimore was the first big case where municipal functions basically stopped until they started restoring things. So does it look like it’s continuing past the election now that we’re almost to the midterms already?

Todd Rosenblum: Two ways to answer that question. One, the rate and scope of ransomware attacks is picking up dramatically. And this is quite concerning. It’s picking up dramatically all across the nation. And secondly is as we look at what will the role of the Guard be going forward relative to other first responders for cyber events? And this is something we’re interested in looking at, because the Guard does bring a range of skill sets for cyber activities. But it also was designed and built for other purposes.

Tom Temin: Yeah, so you’ve got kind of a hybrid situation going here. We’re speaking with Todd Rosenblum, he’s a senior fellow at the think tank Third Way. And what services and skills specifically does the Guard bring to cyber incidents?

Todd Rosenblum: So the Guard is our citizen soldiers and they come from the private sector, and they serve the nation multiple ways. They are civilians in their civilian roles and they come from all professions. They could be working in the in the cyber digital security field now or they could be in a whole range of other types of professions. When called up, they bring those specialized skills for those that have it to add to the capacity of a state, or when they’re federalized, add to the federal government’s capacity to identify cyber threats and respond to them.

Tom Temin: I guess you could see a situation in which both sides of the Guard, suppose a cyberattack stopped municipal services or state services, and you had a fire or something. And it was tough for the local fire response to respond because of the cyber attack, then you would have both a physical need for the National Guard and a cyber need. Have we seen that happen yet?

Todd Rosenblum: Well, we have seen physical effects of cyber events. The Colonial Pipeline is one example. The JBS food processing is another example where there are physical impacts of cyber events. Now, when we look at the Guard, we look at it in three ways. We look at the Guard, calling them up to support the government in a cyber response. And as you said, in a physical response. But of course, these are also citizen soldiers. These are people who have a civilian job. And some of them are working these very same issues at the same time that they are called up to do a cyber response. So in reality, there are situations where we are double or triple counting them. And we really need to do a hard look as a country of how do we increase our overall capacity so we don’t find ourselves in situations where we are double or triple tapping the same people to do one activity?

Tom Temin: Yes, because as we speak, there are not only a spate of cyber attacks and ongoing issues there, but three or four states are practically on fire. There are floods occurring here and there and we’re getting through a hurricane season. So lots of occasions where you can imagine the National Guard might be needed. Is your sense that the nation, the military, needs to think in terms of what should the overall capacity of the Guard be as they look at the future?

Todd Rosenblum: So when you look at the military, you look at the National Guard as an element of the Armed Forces, but National Guard from a federal perspective is man trained and equipped for warfighting purposes. It is not sized for supporting states or for when they operate in a state capacity. So the Pentagon has to evaluate what investments in the Guard versus what other investments it makes to achieve its warfighting objectives. And that has to be sacrosanct for the Department of Defense. So it really does not size the National Guard at all for how it might assist states. Now there is a benefit to states and to the taxpayers clearly, and the Pentagon does what it can to work with the National Guard Bureau and to work with governors about where National Guard forces might be located, what skill sets Guard from particular states might bring to bear. For example, on the west coast, there are firefighting skills all throughout the state and within the National Guard. And so when the Pentagon looks at where’s it going to keep its capacities, its military capacities to assist in firefighting, it logically will base them in place like California. So that’s the partnership. But the sizing the National Guard has done for its federal warfighting missions.

Tom Temin: Got it. So maybe one way out of this is for some way for the states and the municipalities and the counties for that matter to increase their own cyber skills chops so that they won’t need the National Guard so much.

Todd Rosenblum: That’s correct. In fact, we at Third Way have been looking at that issue and we’re doing our evaluations today. And it really does appear to us at this point that the cyber response capacity of civilians and of states and localities is insufficient for today’s need. And so the federal government has a clear role in investing in civilian cyber capacities for states and localities. And there are partnership programs. DHS has grant programs, for example. There’s legislation in Congress right now to establish a civilian cyber corps. These are positive developments, because the threat of cyber is a whole of nation threat. And we need to mobilize across government, not just look to the military or the National Guard in particular, to be the primary response element for us. And we need to elevate the type of stakeholders and the capacity and numbers within those stakeholders for something that is clearly an enduring and persistent challenge.

Tom Temin: Keep your last resort as your last resort and develop a better first resort, in other words.

Todd Rosenblum: Right. And that’s where we look at a new paradigm with a National Guard. Again, traditionally, the National Guard has been looked at to give states an emergency response capacity for a flood, fire hurricane or perhaps a law enforcement emergency. But when we look at cyber, the challenge here is cyber is a persistent and ongoing threat. So that’s where the Pentagon, that’s where the National Guard Bureau, obviously in its federal role at the Pentagon, and the governors need to be looking holistically as a federal state partnership and across federal government to help invest in capacity outside the Guard for what is a persistent requirement. Because I think what we’ll end up finding is if we become over reliant on the Guard, the Guard will not be ready for its military missions.

Tom Temin: Todd Rosenblum is senior fellow at Third Way. Thanks so much for joining me.

Todd Rosenblum: Thank you. I appreciate the time today.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    (AP Photo/Chris Carlson)Tanker trucks are parked near the entrance of Colonial Pipeline Company Wednesday, May 12, 2021, in Charlotte, N.C.  The operator of the nation’s largest fuel pipeline has confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems. That's according to a report from the Wall Street Journal. Colonial Pipeline’s CEO Joseph Blount told the Journal that he authorized the payment after the ransomware attack because the company didn’t know the extent of the damage.   (AP Photo/Chris Carlson)

    CISA under pressure to put more teeth in cyber requirements following Colonial Pipeline attack

    Read more
    (AP Photo/Wilfredo Lee)FILE - In this Dec. 12, 2016, file photo illustration, a person types on a laptop in Florida. Riviera Beach, Fla., agreed to pay $600,000 in ransom to hackers who took over its computer system, the latest in thousands of attacks worldwide aimed at extorting money from governments and businesses. Spokeswoman Rose Anne Brown said Wednesday, June 19, 2019, that the city of 35,000 residents has been working with outside security consultants, who recommended the ransom be paid. (AP Photo/Wilfredo Lee, File)

    NIST partners with an industry that’s become fresh prey for cyber hackers

    Read more