VIRGINIA BEACH, Va. - Maryland Air National Guard Airmen participated in Cyber Fortress 3.0, a training exercise that tested the local, state and federal response to potential cyberattacks against critical infrastructure.
The exercise, hosted by the Virginia National Guard July 7-20 in collaboration with other agencies, simulated a cyberattack on water utility companies in Virginia operated on a virtual network.
“If you can shut down the water, then you essentially stop U.S. forces from being able to deploy and project power overseas,” said Virginia Army National Guard Maj. Andres Slonopas, operations director of the Information Operations Support Center and lead planner for the exercise.
Cybersecurity exercises related to critical infrastructure are vital to bolstering U.S. defense on an extreme scale, said Slonopas.
“We’re seeing that we’re so interconnected in this world; it truly is a worldwide web,” said Slonopas. “We can’t wait for an incident to take place and then react to it; we have to be proactive.”
Maryland’s 175th Cyberspace Operations Group sent 14 Airmen to participate. The 276th Cyberspace Operations Squadron augmented the exercise’s offensive red team. The 275th Cyberspace Operations Squadron collaborated with members from multiple states of the Army and Air National Guard and the Virginia Defense Force as part of the defensive blue team tasked with detecting simulated activity on the network.
Maryland Air National Guard Maj. Stephanie Travis, chief of weapons and tactics for the 275th Cyber Operations Squadron, said National Guard cyber operators would be the first groups activated if critical infrastructure is attacked, so it is important to know who you are working with beforehand.
“These exercises give us the opportunity to create relationships with the entities that are responsible for those various critical infrastructure groups,” said Travis.
Travis said 90 to 95% of the red team’s activity during the exercise was detected and handled effectively.
“They performed amazingly well,” said Travis. “Our Airmen did a great job of finding red team activity on the network, responding to it and working with our representative from the water treatment plant to help clean it up on the network.”
This exercise allowed for collaboration between Estonia, Maryland National Guard’s partner since 1993 through the Department of Defense National Guard Bureau State Partnership Program, and Finland, Virginia’s partner since earlier this year.
“We were segmented out into five different groups with the Finns and representatives from Estonia working together in their own space,” explained Travis. “Mostly it was just talking to them and getting to know the Estonian team during this exercise.”
Other partners in the exercise included representatives from the Cybersecurity and Infrastructure Security Agency, the Virginia Army National Guard, the U.S. Marine Corps, and the FBI.
“The truly unique piece about this is that it focuses on our state mission,” said Travis. “A lot of the times when we participate in exercises — we participate in a lot of exercises — we’re focused on our federal mission under Title 10.”
Travis said the lessons learned during the exercise will be a foundation for building effective disaster recovery procedures and refining processes in response to evolving cybersecurity threats.
“Critical infrastructure response to incidents is something that I think every state in the country’s National Guard is looking to how we would take action in that space,” said Travis. “This kind of exercise, focusing on the state mission, focusing on critical infrastructure, is a wonderful opportunity for us to be prepared going forward.”