TUMON, Guam – Thanks to the whole-of-community approach between local and federal governments and community partners, the scars to critical infrastructure from Typhoon Mawar appear to have healed. Power and water have been restored and roads are clear. But not all the scars are visible.
On the day of Typhoon Mawar’s landfall less than two months ago, a multinational advisory and Microsoft announced a malicious computer code was discovered in telecommunications systems in Guam and elsewhere in the United States. The attacks were attributed to Volt Typhoon, a state-sponsored hacking group for the Chinese government.
Inside a hotel conference room on July 18, Guam Gov. Lou Leon Guerrero spoke to over 100 cyber stakeholders at a gathering hosted by the Guam National Guard. The audience included representatives from the U.S. Indo-Pacific Command, U.S. Cyber Command, Fleet Cyber Command, the Cyber Infrastructure and Security Agency, the FBI, FEMA, Guam Homeland Security and Office of Technology.
“Cybersecurity is one of the things that keeps me up at night,” Guerrero said. “Our communications went down during Typhoon Mawar, and it was frustrating trying to connect with frontline workers to find out what was going on. But this gives me relief in knowing we will have a comprehensive and unified cyber plan. As a whole-of-community, we need each other to make this happen to protect our island and nation.”
Led by Guam National Guard Lt. Col. Bumjin Park, chief information officer, the conference began with partner agencies briefing on their capabilities and cyber postures. Breakout sessions afforded opportunities to analyze strengths and weaknesses, share best practices, and provide input to develop a charter.
“It’s really exciting to see an event like this get so much participation,” said Park. “We have so much to learn from each other, and all the cross-pollination I’m hearing from the breakout sessions tells me we are going in the right direction. Many agencies didn’t know about certain programs offered by CISA, for example. So I think everyone is taking away something useful.”
Among the crowd favorites was a presentation by Capt. Stephen Romans of U.S. Cyber Command. Romans introduced The Persistent Cyber Training Environment (PCTE), a cyber training ecosystem that allows teams of operators to configure, attack and defend in a learning environment. On Day Two of the conference, stakeholders focused on the fundamental cybersecurity skills necessary to protect against known advanced persistent threat actors.
“This event was a great opportunity to demonstrate the effectiveness and strength of a whole of government approach, to train and fight together in terms of bringing increased cybersecurity capacity to Guam,” said Geoffrey Pease, integrated cyber planner with U.S. Indo-Pacific Command. “Cyber is something that is here, and we all need to come together. We have to be aware there’s a threat that’s out there, and we have to be prepared to deal with that threat.”
The Guam National Guard is planning to facilitate subsequent cyber events with support from U.S. INDOPACOM and U.S. CYBERCOM, with expanded attendance from across the Northern Marianas, Federated States of Micronesia and Palau.