National Guard may help states defend against ransomware
- By Lauren C. Williams
- Aug 29, 2019
Following recent ransomware attacks in Texas and Louisiana, the National Guard is considering expanding its cybersecurity vulnerability assessment pilot.
In the wake of the ransomware attacks on the IT systems of local governments and school districts, the National Guard's cyber units were among responders called in to mitigate the "cyber storm," Gen. Joseph Lengyel, National Guard Bureau chief, told reporters during an Aug. 23 news briefing.
It's one of the few times the National Guard's cyber capacity has been called on for state events, though there has been talk of having these units assist with election security.
Louisiana and Texas will conduct an after-action analysis, and the National Guard will evaluate what was found, what was learned and what mistakes were made and share those lessons with the rest of the Guard.
"We have skill sets already in place that do cyber analysis of vulnerabilities of various critical infrastructure," Lengyel said, adding that the hope is to expand those capabilities nationwide.
The National Guard is running a pilot program with three states -- Hawaii, Washington and Ohio -- with a 10-person cyber mission assurance team checking federal installations for vulnerabilities in critical infrastructure services, Lengyel said. That pilot is expected to run another six to eight months, at which point the Guard will decide whether it should be expanded nationwide.
State emergency response systems, however, vary by state, he said.
"Everybody's cyber response packages look a little bit different. Texas has this joint cyber response team with eight people, both Army and Air (Force). The way Louisiana does it may be a little bit different," he said. "Because the military organizations in the states are different, some of the way we actually get them trained, their training apparatus may not be standardized."
For Louisiana and Texas, the Guard is there purely to help with defense -- not offensive operations -- and to stop the spread of damage. Lengyel said that while he's unsure whether responding to such attacks will become a regular practice for the National Guard, the threat will continue to evolve.
"If it's not ransomware or some [other] attack now, that threat will morph to adapt as we provide security for it," Lengyel said. "We will grow our cyber capacity as the Army and Air Force need us to grow it" and will be available for state governors to call on.
This article was first posted to FCW, a sibling site to GCN.
Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at firstname.lastname@example.org, or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.