Home page logo

dataloss logo Data Loss mailing list archives

Beyond Disasters: The National Guard Takes On Hackers
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 28 Jan 2014 18:22:40 -0700


At home, the National Guard is summoned during natural disasters and civil
unrest. Overseas, it complements the active duty military. Now, the
nation's governors want to mobilize the Guard to take on a new threat:

Terrorists could endanger thousands or even millions of Americans by
crippling the computer infrastructure of water utilities or the electrical
grid.  Meanwhile, criminals are anxious to get their hands on the
financial, medical and other personal data states hold in their electronic

Guard units in every state have made great strides in protecting their own
computer infrastructure, and governors say the Guard is well equipped to
meet broader state demands for cybersecurity.

In an October 2012 survey of states' chief information security officers,
70 percent of them said their state had experienced a cybersecurity breach.
Only 24 percent said they felt "very confident" that their state assets
were protected against external threats, and only 32 percent said their
staffs were competent to protect against cyberattacks.

Colorado Gov. John Hickenlooper, who is the vice-chairman of the National
Governors Association, addressed the issue during the annual "State of the
States" speech earlier this month in Washington, D.C.

"As the nation develops resiliency to cyberattacks, the Guard should be
mobilized to support federal and state efforts to protect networks and
respond to incidents," said Hickenlooper, a Democrat. "While the federal
government seeks to clarify how it will work with the private sector and
states to better secure cyberspace, states are already moving forward to
develop and implement new cyberpolicies to protect their economies and
ensure public safety."

The federal government is taking notice, judging from the National Defense
Authorization Act President Barack Obama signed into law on Dec. 26.  The
measure requires the Department of Defense to consider the Guard's
capabilities as it shores up the Pentagon's cybersecurity. It also orders
the department to consult with governors as it assesses states'
cybersecurity needs and the Guard's ability to help on that front.

Furthermore, last March eight U.S. senators introduced a bill to establish
"cybersecurity civil support teams" in the National Guard, similar to Guard
teams that have been created to deal with incidents involving weapons of
mass destruction. Under the measure, a governor or the secretary of defense
could activate the teams in response to a cyberattack.

"The Cyber Warrior Act will ensure that in the first hours and days after a
devastating cyberattack, our local responders will have the same support of
the National Guard for response and recovery that they do when a hurricane
strikes," said Democratic Sen. Christopher Coons of Delaware, a co-sponsor
of the  measure.

Washington State Leads the Way

Washington was the first state to find a role for the National Guard in its
cybersecurity efforts, said Maj. Gen. Tim Lowenberg, who commanded the
state's forces as adjutant general from 1999 to 2012 before retiring from
the Guard, and is now vice president of Gordon Thomas Honeywell
Governmental Affairs. Missouri, Maryland, Delaware, Utah, and Rhode Island
are among the other states that have created Guard units to counter

Guard soldiers hold civilian jobs or attend college while maintaining their
military training part time. Washington recognized the potential of its
Guard as a cyberforce when it discovered that many of its Guard soldiers
spent the workweek toiling for tech-related employers such as Google,
Boeing, Northrop Grumman, Comcast, Verizon, Microsoft, Cisco and
Hewlett-Packard.  Washington decided to capitalize on that experience.

"It is generally accepted that we will never be able to recruit, train and
retain sufficient numbers of [active duty] cybersecurity specialists in the
military to meet our national security requirements," Lowenberg said.
 "With the National Guard, we found a combination of leading-edge technical
knowledge and long and stable career commitment that are really unique."

Washington has used its Guard for cyberemergency planning and to search for
vulnerabilities in its state networks through "red team" exercises
conducted at the direction of the governor. Such exercises were used to
demonstrate the security of the Washington Department of Licensing's
network when the state was seeking permission to implement an Enhanced
Driver License, which can be used to cross the Canadian border, according
to Lowenberg. Implementing the program required persuading the U.S.
Department of Homeland Security to allow access to its databases--which
required hard proof of network security.

Lowenberg said the result of the National Guard's efforts in Washington
state is a higher level of security--and a higher level of preparedness if
an attack on critical infrastructure proves unavoidable.

"This would not be a pick-up game," he said. "We've fully developed the
responses and protocols for all of this."

Knowing the Local Landscape

Another advantage to using the Guard, according to the National Guard
Association of the United States, is that Guard soldiers come from the
communities they serve, giving them knowledge of state and local
infrastructure that is difficult for federal officials to replicate.

"The National Guard provides a cost-effective and uniquely capable force
that can provide capability for the DoD, homeland defense, civil support
and intrastate missions," the group said in a statement. "Most importantly,
the National Guard is composed of citizen-soldiers, working in communities
and providing knowledge of critical infrastructure at the local level."

Heather Hogsett of the National Governors Association echoed that view.

"You don't necessarily know where a cyberattack is coming from, but it has
a very localized impact," Hogsett said, adding that the Guard is accustomed
to serving in a wide variety of roles under governors' direction.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 


Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!

  By Date           By Thread  

Current thread:
  • Beyond Disasters: The National Guard Takes On Hackers Audrey McNeil (Jan 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]