Massachusetts National Guard Plays Key Role in Cyber Shield 2022, the DoD’s Largest Unclassified Cyber Defense Exercise

Photo By Sgt. Trenton Fouche | Staff. Sgt. Yamintina Tejada and Sgt. 1st Class Kimara Guillaume (left to right) of...... read more read more

Photo By Sgt. Trenton Fouche | Staff. Sgt. Yamintina Tejada and Sgt. 1st Class Kimara Guillaume (left to right) of the 126th Cyber Protection Battalion work in the command cell to assist with inprocessing participants for Cyber Shield June 10, 2022 at Camp Robinson in North Little Rock, Arkansas. Cyber Shield 2022 is the DOD’s largest unclassified inter-agency and joint national level training cyber defense exercise which includes representation from 20 states plus Guam. (U.S. Army photo by Illinois National Guard Sgt. Trenton Fouche)  see less | View Image Page

NORTH LITTLE ROCK , AR, UNITED STATES

06.09.2022

Story by Lt. Col. Bradford Leighton 

Joint Force Headquarters - Illinois National Guard Public Affairs

✔ ✗ Subscribe

14

NORTH LITTLE ROCK, Arkansas – Approximately 30 Massachusetts National Guard cyber and computer security specialists are honing their skills, June 5-17, as part of Cyber Shield 2022, the Department of Defense’s largest unclassified cyber defense exercise involving approximately 800 National Guard cyber specialists as well as law enforcement, legal, government and corporate partners from across the country.
The Massachusetts Army National Guard’s 126th Cyber Protection Battalion, headquartered on Joint Base Cape Cod’s Camp Edwards, is playing a major role in running this year’s exercise by filling multiple key leadership and staff roles.
Massachusetts Army National Guard Lt. Col. Christopher Elgee, the battalion commander, is serving as the Cyber Shield 2022 Chief of Staff. Battalion Command Sgt. Maj. Daniel Doherty is serving as the exercise’s senior enlisted leader. The 126th’s Maj. Joseph Blume is the exercise’s executive officer.
In addition, the battalion is leading the exercise’s personnel, logistics, and intelligence functions and playing key roles within its operations section.
“Cyber Shield 22 is a great opportunity for our Soldiers to build both their cyber skills and their leadership skills,” Elgee said. “It is a national-level exercise involving National Guard Soldiers and Airmen as well as civilian cyber experts from top-notch institutions. We even have teams from the Navy and Coast Guard participating.”
The exercise also gives Soldiers and Airmen the chance to network with some of the nation’s information technology leaders, Doherty said. “Training week gives troops the chance to earn certifications they can apply to both the military and their civilian jobs. These cost hundreds of dollars outside the exercise. They get these courses for free here. In fact, they are getting paid.”
During the mid-exercise cyber skills competition, called “Netwars,” the world-renown SANS Institute is hosting a jobs fair. “Participation in the exercise will help them in the military, and often helps them in their civilian careers as well,” Doherty said.
This year the exercise is being conducted at the Army National Guard’s Professional Education Center on Camp Joseph T. Robinson in North Little Rock, Arkansas. Service members and civilian experts from 20 states and the U.S. territory of Guam have gathered for the exercise.
The annual exercise, led by the Army National Guard and assisted by the Air National Guard, is a concentrated effort to develop, train and exercise cyber forces in the areas of computer network internal defensive measures and cyber incident response, according to the National Guard Bureau.
These cyber defensive measures can be employed to defend and protect critical cyber infrastructure including industry, utilities, schools, health care, food suppliers as well as military networks.
“Cyber warfare is not just our future — it is our contemporary reality,” said Gen. Daniel Hokanson, chief of the National Guard Bureau during an April U.S. Cyber Command summit. “The National Guard is positioned to be leaders in the digital domain and continues to enhance our nation’s cyber capabilities in combat and in the homeland.
“With 4,000 National Guard cyber operators across 40 states, many working for leading tech companies, the National Guard has the knowledge, skills and abilities to play a critical role in the DOD’s cyber enterprise,” he added.
Cyber Shield 22 brings together the nation’s top cyber defense professionals from National Guard Soldiers and Airmen to various governmental, nongovernmental and high-tech partners. This year’s exercise also involves teams from the U.S. Navy and the U.S. Coast Guard.
Effective cyber defense requires unclassified collaboration across multiple partners, said Maj. Gen. Rich Neely, the adjutant general of the Illinois National Guard and a master cyberspace officer. “We all need to be talking about these attacks and where they are coming from. To do that requires effective relationships and communications across all levels of government as well as the private sector.”
Neely said that many of those professional relationships the National Guard shares with its partners in cyber defense “all began at a Cyber Shield.”
The first week of the exercise involves training classes and hands-on exercises for participants. During this part of the exercise, service members have the opportunity to take top-notch information technology classes and earn industry-standard certifications that can be used both in the military and in civilian careers. There are 15 different classes and certifications.
On June 12, the second phase of the exercise begins. This second week puts the cybersecurity service members’ skills to the test pitting them against an opposing force of hackers. The cyber defenders will work on identifying an intrusion into a computer network and then countering the hacker’s actions, said George Battistelli, Cyber Shield 2022 exercise director and the deputy chief information officer for the Army National Guard.
“It is important for us to continue to train our Soldiers using real-world events, so they are able to cut down the noise and focus on the mission,” Battistelli said. “In the exercise, and in the real world, we strive to achieve and maintain information advantage over our adversaries.”
This year the exercise is focusing on responding to a “supply chain” attack similar to the SolarWinds attack that effected many corporate and government networks, Battistelli said. A supply chain attack is when the hackers insert malicious code into third-party software such as IT monitoring software. When the software, or updates to the software, are installed, the malicious software is also installed allowing the hackers access to the corporate and government networks. The SolarWinds attack infiltrated a wide array of corporate and government networks. The exercise also infuses social media “noise” into the scenario, making the exercise as realistic as possible.
This year the Blue Teams – the “good guys” – will work to defend the military’s own computer networks. In the past, the exercise scenario has had the Blue Teams responding under the authority of a state governor. This year, they are responding under federal authority. This changes the policy and regulatory bounds as well as the legal authorities of the response.
The exercise is also helping to train National Guard lawyers on assisting cyber service members in staying within those bounds and authorities, said Minnesota Army National Guard Capt. Cumah Blake, the lead staff judge advocate for the exercise.
“The Cyber Shield exercise is a great model,” Blake said. “The exercise pulls together an integrated team of experts, not just cyberspace experts. It addresses not just cyberspace operations in a vacuum, but how do you pull together other members of your team and make those missions successful.”
The Red Team – the “bad guys” – includes some of the best cyber experts in the industry, said Illinois Army National Guard Lt. Col. Jeff Fleming, the exercise officer-in-charge. Fleming said that members of the Red Team last year wrote their own malicious code and a bug bounty hunter brought proof of concept code to test a zero day vulnerability he discovered to train the Blue Teams with very sophisticated and challenging situations.
This year the exercise will have a “Purple Day” when the Red Team will meet with the Blue Teams to discuss the attacks, what was done, and where and when it could have been caught. This will help train the cyber service members to defend against real-world attacks.
The training cyber service members receive at Cyber Shield is vitally important to the ongoing effort to protect the nation in cyberspace.
“We have to be right 100 percent of the time,” Battistelli said. “Our adversaries only need to be right once to get into our networks.”

-30-
For more information: Lt. Col. Brad Leighton, Cyber Shield 2022 Public Affairs Officer at 217-725-2265 (cell) or by email at: Bradford.e.leighton.mil@army.mil or search “cybershield22” on www.dvidshub.net.