Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
Over the summer, multiple states took the brunt of ransomware attacks to local governments and school systems, now the National Guard is learning from those experiences, and applying them to more than just hacks on government IT systems.
Even though only 27 states have National Guard cyber protection teams, the Guard is encouraging each state’s service branch to create risk mitigation plans and to search networks of important IT systems for vulnerabilities.
“It’s obviously a new and emerging enterprise for us,” National Guard Bureau Chief Gen. Joseph Lengyel told reporters Tuesday at the Pentagon. “When they first developed cyber, people thought there was really no domestic mission for a governor to use the cyber force in a state capacity. Now we are seeing how wrong that could be.”
States very much needed the Guard when 22 Texas county governments lost control of their IT capabilities this summer. The result was police officers unable to conduct background checks and county governments unable to transfer property.
The Guard stepped in with a cyber force of about 50 people and reclaimed the networks in about 15 days, according to Maj. Gen. Tracy Norris, the adjutant general for Texas.
“We had people out there within 12 hours to do an assessment of what had happened,” she said. “We helped the counties get a recovery point where other IT professionals could come in and get the county back to regular services.”
The Guard called on service members with civilian jobs within the state, Lengyel said. He described their skills as superb. Luckily, Texas is home to many tech companies to draw on to join the Guard.
Washington Adjutant General Maj. Gen. Bret Daugherty said his state has been taking preemptive measures against cyber attacks for about a decade. Washington is another state with a deep talent tech pool to draw from.
“We use a 10-man team,” Daugherty said. “We do preventative work with owners and operators of critical infrastructure. They are partnered up right now with a power company that feeds one of our military bases. Our team has been monitoring that network and looking for vulnerabilities. They found them and are now in the process of developing a risk mitigation plan and helping the power company fix the vulnerabilities they found.”
Local government cyber attacks cause National Guard cyber units to look inward
“Ohio, Washington and Hawaii have teams,” Lengyel said. “What they do is they are able to check and mitigate cyber issues with federal installations that require assistance from critical infrastructure. A federal installation needs power and water to keep it running. This mission assurance team has been able to assess their vulnerabilities and perhaps come online and mitigate cyber attacks to assure that the federal mission of that installation can continue.”
Washington and other states are taking that mindset into the 2020 election as well.
“We are going to have a 10-person team,” Daugherty said. “They will do four things for the Washington secretary of state. First, they are going to plan and develop the scope of work. Then they will get into the operational part.”
That involves looking in the network for any security issues. After that those issues will be secured through a risk mitigation plan, and finally service members will be on hand during the election to monitor the network.