National Guard beefing up cyber security teams ahead of 2020 election
WASHINGTON — Twenty-seven states activated National Guard cyber security cells in November 2018 to help ensure critical network infrastructure remained unobstructed during the mid-term elections, the Guard’s top general said Tuesday, predicting more states would deploy such teams in 2020.
As concerns about elections security in the United States have risen in recent years amid threats from Russia and others, the National Guard has increased the size of its cyber force and turned to experts within its ranks who have honed critical cyber skills in their civilian jobs, Air Force Gen. Joseph Lengyel, the commander of the National Guard Bureau, told reporters at the Pentagon. Though those National Guard units were not forced to contend with an active threat to elections in 2018, governors and others have recognized the need to have their own state-level forces prepared to ensure no one tampers with U.S. elections, just as Guard members provide them the ability to respond to a natural disaster, the general said.
“Our goal as men and women of the National Guard is to be able to offer these kinds of service to our governors to respond to a domestic event, whether it’s a hurricane, a fire, a flood or a cyber event. It’s just another military skillset that we have that can be used,” Lengyel said. “… Election network security is a very state-centric thing. We’re an additive measure that can augment state response entities … and we’re trying to grow it.”
Today, the National Guard boasts some 3,900 cyber troops in 59 cyber units with elements in all 50 states. But it has also looked to cyber experts who have honed their skills in their civilian careers to contribute to the mission, Lengyel said. More cyber teams are being added. The Army National Guard will build its newest cyber unit in Indiana — the 127th Cyber Battalion — and it will include nearly 100 cyber soldiers, the Pentagon announced this week.
In Illinois, top officials earlier this year established cyber response teams where Guard members with cyber skills who serve in other military specialties can serve temporary, two-year assignments that take advantage of their talents. In Texas, Guard officials have identified some 1,000 troops within their ranks with civilian world-honed cyber skills who they could call upon if they need, officials said.
The top general for the state of Washington’s National Guard, which has a cyber force that includes experts from top technology companies based in the state including Microsoft and Amazon, said his cyber teams started to plan this week for their operations for the 2020 election. Their plans will look similar to ones that they used in 2018, said Army Maj. Gen. Bret Daugherty, Washington's Guard commander.
The Washington Guard adjutant general said a 10-person cyber team would spend months studying the state’s election network for any vulnerabilities and then plan how to fix or respond to any such issues that they find alongside their counterparts from the Washington State Department’s information technology team.
The final phase of that operation will be to protect the network on election day.
“That is monitoring the network, looking for any bad actors that may be trying to hack in, doing whatever we can to try to keep that from happening,” Daugherty said Tuesday at the Pentagon. “So then we are on hand to respond if all our efforts have failed and the bad guys find a way in.”
In several states, Guard members have recently found themselves gaining real-world experience responding to serious cyber threats. In response to ransomware attacks launched at local government institutions in Texas, Louisiana and other states in recent months, governors have ordered Guard cyber teams to active-duty service to help other state agencies respond to the incursions.
Texas brought about 50 Guard members onto active duty for about two weeks in August to help when critical networks for 22 cities and counties were attacked by entities demanding a ransom, said Army Maj. Gen. Tracy Norris, the top officer in the Texas National Guard.
The Guard cyber members were able to aid other state officials in fixing the network access issues without paying the ransom, she said.
Louisiana launched a similar response in July when a ransomware attack brought down networks for 11 districts including more than 50 schools just weeks before the beginning of the school year, said Kenneth Donnelly, who leads that state’s cybersecurity programs.
Donnelly warned other attacks were ongoing as of Tuesday and threats to cyber infrastructure would only continue to grow and the National Guard would have to continue to boost its efforts in cyber security.
“This is ongoing,” he said. “It’s the new norm.”