recommended reading

National Guard, Feds Double Down for Foreign Hack Against US

National Guard soldiers conduct a computer network defense exercise in 2012.

National Guard soldiers conduct a computer network defense exercise in 2012. // Virginia National Guard Public Affairs

The federal government deployed twice as many cyber professionals this year as in 2013 during a -- simulated -- foreign-based cyberattack on U.S. soil, Pentagon officials said Thursday.

About 550 participants recently completed "Cyber Guard 14-1," a two-week exercise executed by the U.S. Cyber Command and hosted at the FBI's National Academy in Quantico, Virginia.

The annual rehearsal, first run in 2011, tests governmentwide cooperation as well as tactical-level operations, according to the Defense Department. 

This year, the National Guard, Reserves, National Security Agency and CYBERCOM practiced supporting civilian agency responses to attacks on model "critical infrastructure" networks. 

At times, the departments of Homeland Security, Justice and Defense have clashed over who has authority to thwart hacks on critical infrastructure -- key private sector operations such as power generation and banking. 

"In the event of a domestic cyber incident, federal agencies have specific, complementary roles," Defense officials said in a statement Thursday. 

DHS leads the coordination of protection, prevention and recovery from a cyber incident, officials stated.

Justice is in charge of "the investigation, attribution, disruption and prosecution of domestic cybercrimes," as well as circulating domestic cyber threat intelligence, they added. "DOD is responsible for defending the nation from attack, collecting, analyzing and distributing foreign threat intelligence, and supporting DHS in their protection, prevention and recovery role."

CYBERCOM oversees Defensewide efforts to protect military networks, infiltrate adversary networks and obstruct hacks targeting domestic critical infrastructure. 

CYBERCOM Commander Michael Rogers has set a goal of training and certifying 6,000 DOD cyber pros by the end of 2016. 

In remarks to private sector visitors observing the exercise, he said: "We are continuing to learn and mature. We have to build a construct to work seamlessly and effectively with our partners, and not just within the government, but also with industry and academia outside [Defense]."

A majority of the participants were National Guard service members, who represented more than 20 states.

One CYBERCOM mission force team partnered with the Coast Guard, a DHS agency, to protect military information networks, “building on our great relationship with DHS,” Phil La Perla, chief of readiness and exercises for the Defense Information Systems Agency, said in a statement.

Coast Guard Rear Adm. Kevin Lunday, CYBERCOM's director of training, added, "We have gone from just a few Guard teams two years ago to incorporating critical government and private sector partnerships to test whole-of-nation solutions in this dynamic domain." 

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.