FRANKFORT, Ky. –
Advanced persistent cyber threats, such as email phishing, identity theft, insider threats, hacking, or spreading fear and inciting terrorism, are becoming more sophisticated.
Cyber Shield 2020 ran from Sept. 12-27 and aimed at mitigating these threats by cybercriminals with a defensively focused tactical cyber exercise. Other than from the Guard, they chose participants from law enforcement and the cyber protection industry to ensure the training met the requirements of our nation’s defense information infrastructure.
Twenty-nine members from Kentucky joined hundreds of other cyber professionals from the Army and Air National Guard, the Navy Reserve, and the commercial industry.
“This year, we had nearly 700 participants from 41 states,” said Maj. Dayna Sanders, the IT branch manager for the Kentucky National Guard.
Sanders has been the J3 (Operations Officer) for the past three Cyber Shield events.
“Even though we are in a pandemic, our state brought more Guardsmen than last year,” the eight-year participant of the national exercise said.
Nearly all Kentucky Guard’s major commands took part in the training. The majority came from Kentucky’s Defensive Cyber Operations element from the state’s headquarters, and the 175th Cyber Protection Team, which returned from a year-long deployment to Washington, D.C., earlier this year.
To minimize the risks of spreading and contracting COVID-19, Soldiers spent training time at home in a non-traditional classroom environment.
“The first week [training week] was all about training and best practices from the commercial and defense industries,” said Sanders. “We worked with Homeland Security, the FBI, many commercial organizations like Lexmark and Microsoft. Then, we also had two participants working with us from our Commonwealth Office of Technology and their security operations center there.”
Unique to this year, after the first couple of in-person instruction days, the cyber teams were free to go home and continue their training. With the introduction of Microsoft Teams, an online video conferencing and chatting software platform, participants from across the nation stayed within a keyboard’s reach from each other.
“The online working environment used throughout the exercise worked great to keep our teams communicating. But it brought one of the greatest challenges I had experienced in my career,” she said.
“As a leader, I must be able to talk with people over [Microsoft] Teams and have chat conversations. Without face-to-face interaction, I learned how much leadership was not taking place,” said Sanders.
Personal interaction allows for immediate feedback during a conversation.
She added, “The other challenge for me was not being able to assess the Soldiers. Communicating by text and teleconference doesn’t give you that. I can’t see their facial expressions or judge the mood they might be experiencing. I can’t tell if a Soldier is having problems at home. And if they are at home, I have that feeling they might miss out and not able to focus and leverage on the learning opportunity [of this event].”
Meeting and working with others in person during a team event also gives participants the chance to build camaraderie and lasting friendships, she explained.
The cyber professionals met in week two for the culminating event.
“For the last event, they gave us the task to help a large, made-up corporation named Prestige Worldwide. We had to assess their network,” Sanders said. “they gave us access to their networks, where we ran scans over their system. The problems would progressively escalate the more we analyzed them. Then, the more we worked to eliminate their vulnerabilities, the more issues we overcame. Eventually, the assessment lead into a major incident response, which we had to react.”
The 91st Cyber Brigade out of the Virginia National Guard managed the cyber network that tested the skills of the information technology professionals much like how a firing range tests the shooting skills during an individual weapons qualification event.
Some of the largest issues we have in the Kentucky Guard are malicious software attacks and data loss. Cyber protection teams lower risks associated with these threats by focusing training on defense-in-depth techniques that overcome these attacks. At Cyber Shield 2020, they witnessed, firsthand, the effectiveness of maintaining multiple layers of security on our networks.
“This event also served as a validation exercise for the defensive cyber operations elements and the cyber protection teams,” she said. “The next step is to get measurable metrics to see where we can improve on the state level.
Sanders praised her Troops and mission partners and the successes of the event.
“Our team collaborated and shared resources with 40 other states. Their mission partners included law enforcement, and they made contacts that will help them in their careers. Whether it’s internally on the Department of Defense network, or say it’s at the Commonwealth Office of Technology, or maybe a county clerk’s office, our people are now better equipped and trained to support their mission,” said Sanders.