LAUREL, Md. — The Maryland Army National Guard’s 169th Cyber Protection Team, Maryland Air National Guard’s 175th Operation Support Squadron and members from the Armed Forces of Bosnia and Herzegovina, shortened as AFBiH, participated in a joint cyber seminar at the Pvt. Henry Costin Readiness Center in Laurel, Maryland, on June 29, 2022.
The cyber initiative in Maryland is growing, and 169th CPT is an important part of Maryland’s adjutant general overall strategic direction toward intelligence, cyber and information capabilities for both federal and state missions.
Army Brig. Gen. Adam Flasch, the director of the Joint Staff, Maryland National Guard, observed the exercise and spoke with Soldiers and AFBiH members, highlighting the importance of cyber military capabilities.
“Everyone is a near peer competitor in cyber,” said Flasch. “Our job is to make sure that not only are our networks protected, but that our partner’s networks are robust and capable of repelling attacks. And, when attacked, to remediate and return back to as much normalcy as possible as quickly as possible.”
Beginning in August 2018, the 169th CPT has supported military-to-military knowledge transfers and team-building events with the AFBiH. The Maryland National Guard has been a partner with Bosnia and Herzegovina for nearly 30 years via the National Guard Bureau's State Partnership Program.
The unit is currently conducting a four-phased approach to assist with assessing the AFBiH network infrastructure and will provide guidance on the way forward. The four steps are: establish the baseline of cyber incident response plan, establish a legal and technical framework for cyber operations, integrate training and personnel and finally, expand knowledge and expertise. The end state is to assist with creating a secure, defendable network that is scalable, agile, non-centralized, proactive, innovative and smart with cyber security architecture not highly dependent on public critical infrastructure.
“We're going to be working towards getting their SOPs together, filling their playbooks with procedures and helping them understand the strategic part of [cyber security],” added Warrant Officer Marcus Vendittuoli, project lead for the SPP event with 169th CPT, sharing some insights on the four-phased approach.
An incident response plan instructs network users and cyber professionals on how to respond when something strange starts happening on their computer or network. Without a plan, someone may not know what to do or who to talk to in the event of a cyber incident. Because computer malware can infect a network quickly, every minute counts.
“If somebody recognizes their computer is rebooting all by itself, or something like that, you're going to execute the incident response plan,” said Chief Warrant Officer James Stahecki, a member of the 169th CPT. “At that point, the defenders will take steps to find out what's happening and secure the network.”
Civilian and military organizations are frequently the targets of cyber-attacks. These attacks can leak personal information, hold systems hostage for ransom or even remotely control certain aspects of the system. The risks to an organization are high, so everyone in an organization has to be a sensor and point out abnormalities. The 169th CPT works with many organizations in the US to help them improve their cyber preparedness.
“Anything that we do where we integrate with our partners — both Estonia, a NATO ally, and Bosnia and Herzegovina, as they seek NATO consideration — that interaction is more than just the technical skills being transferred,” said Flasch. “It's the shared experience of Soldiers and Airmen as they work with their counterparts. The information shared goes both ways and we get to see what each other deals with on a daily basis.”
The 169th CPT was established in 2017 to bring a more secure cyber program to the Maryland National Guard. Its primary mission is to assist with validation of other Cyber Protection Teams around the world. This includes supporting events like Cyber Shield and Cyber Flag, events intended to develop, train and exercise cyber forces in the areas of computer network internal defensive measures and cyber incident response, as well as partnering with Maryland’s State Partnership Program partners in AFBiH and the Estonian Defense Forces.