W.Va. Guard participates in cyber security tabletop exercise

By Edwin Wriston | Aug. 31, 2020

CHARLESTON, W.Va. —

Members of the West Virginia National Guard’s Defensive Cyber Operations Element are participating in a multi-day tabletop exercise hosted by the West Virginia Office of Technology to address cybersecurity threats and respond to attacks to statewide cyber infrastructure.

Cybersecurity is a growing area of effort across government and private sector organizations as society grows ever more reliant on computerized, web-based cyber functions, including in the areas of banking, utilities management, education and elections. With the growth of reliance on cyber systems, the threat from malicious players who wish to attack systems in order to impact the safety and economies of adversaries also grows.

The 4-day virtual and in-person tabletop exercise seeks to bring together players from multiple statewide and local agencies, including school systems from around the state, to address potential and existing threats to cyber networks and systems. These attacks can include malware, ransomware, distributed denial-of-service, and a variety of other phishing and disruptive efforts. 

“Our primary goals for participation include hammering out our full concept of operations in coordination with the Office of Technology in the event of an attack, and to refine our existing standard operating procedures for response,” stated U.S. Air Force Lt. Col. Jody Ogle, a Cyber Space Operations Officer and WVNG’s Director of Communications in Cyber Programs. “Additional goals include refining our processes within the states incident response plan, to solidify mutual aid agreements, and to provide new members of the DCEO an opportunity to meet all the key state-level players involved in cyber response.”

“Building trust and nurturing relationships now prior to an incident lets us work much more efficiently and quickly during a response effort. This helps minimize the potential and real negative impacts of an attack,” he added.

The WVNG has played an active role in cyber security both statewide and nationally since 2016 when the need to assist with elections security was first requested by the West Virginia Secretary of State’s Office. In 2018, numerous WVNG members served a tour with the United States Cyber Command, a Department of Defense-level unified combatant command which seeks to strengthen DoD cyberspace capabilities, working on a concept of operations for threat intelligence sharing between the federal and state level. The final draft of that document was released earlier this year for implementation by the entire National Guard, establishing best practices, policies and protocols for cyber threat efforts.

Last week, fifteen members assigned to the WVNG’s Army Integrated Training and Education Command and the DCEO graduated from a Certified Ethical Hacking course, also referred to as white-hat hacking.  Ethical Hackers work with agencies to inspect network infrastructure in order to find security vulnerabilities which a malicious hacker could potentially exploit. The goal is to identify and correct vulnerabilities in systems and networks before they can be exploited.

“Cybersecurity is a function that we take incredibly seriously in the Guard, both on the preventative and response sides,” said Ogle. “Working with and training with our partners across the state to prevent and/or respond to cyber-attacks is a mission we are both proud of and are passionate about.”