National Guard Considers Expanding Cyber Security Pilot Following Attacks

Ransomware attacks in Texas and Louisiana have the National Guard considering an expansion of an existing pilot program designed to assist states in preparing for and handling cybercrime. The National Guard has already committed to working with the states to understand how the incidents occurred and how they could have been prevented.

Currently, the National Guard is working with three states -Hawaii, Washington, and Ohio- on 10-person cyber mission assurance teams to check federal installations for vulnerabilities from reliance on outside utilities, such as electricity and water.

"These systems are not DoD systems. They are owned and run by non-military entities, but the military has a vested interest in ensuring they are not vulnerable to cyberattack and that they are resilient," Capt. Sameer Puri, Washington National Guard CMAT deputy commander and the director of information management for the Washington Army National Guard explained in an April release. "These are the utilities and companies that provide vital services to military installations, both active and National Guard. If we find a problem, we partner with that company to reduce or eliminate that risk."

Governors of both Texas and Louisiana called upon the National Guard “almost immediately” following the ransomware attacks.

“We’re seeing the whole of the first responder networks come to assist and mitigate the damage and get everything back up and running, and the National Guard is part of that response… What we bring in is generally expertise and knowledge and cyber skills,” Air Force Gen. Joseph Lengyel told StateScoop.

According to Lengyel, Louisiana and Texas will do an after-action analysis. The National Guard will review what the states found, what was learned, and what mistakes were made to share the lessons with the rest of the Guard.

The current pilot is expected to run for another six to eight months, at which point the Guard will determine if it should be expanded nationwide. However, the Guard admits that standardized training across states could be difficult.

"Everybody's cyber response packages look a little bit different. Texas has this joint cyber response team with eight people, both Army and Air [Force]. The way Louisiana does it may be a little bit different," Lengyel said. "Because the military organizations in the states are different, some of the way we actually get them trained, their training apparatus may not be standardized."

Lengyel said that while he's unsure whether responding to such attacks will become a regular practice for the National Guard, they will be available for state governors when needed.