AASHTO Journal - National Guard Runs Transportation Cyber Exercise

The U.S. National Guard recently wrapped up an annual exercise that focuses on responding to cyberattacks against the U.S. transportation system.

[Above photo by the U.S. National Guard]

Cyber Shield 2023 began June 4 and ran until June 16 at the Army National Guard Professional Education Center in North Little Rock, Arkansas.

Convening at the Camp Joseph T. Robinson Maneuver Training Center in Arkansas, about 800 Guardsmen from 36 states and territories learned how to address cyber incidents involving some of the nation’s most critical transportation infrastructure during the two-week exercise.

“It’s really about integrated deterrence,” explained Brigadier General Teri Williams, the exercise’s director, explained in a statement.

“That’s really kind of the next step, whether it’s operational technology, working in close collaboration with our allies, but basically to ensure that potential foes in cyber understand the folly of aggression,” added Williams, who also serves as the National Guard Bureau’s vice director of operations.

“It’s really cultivating ideas from a broad range of experiences and backgrounds that really make this exercise what it is,” she said. “Resolve is tested, but it’s tested in a safe environment that we can really get after things and rehearse, you know, for one of our worst days.”

Launched in 2007, the annual “Cyber Shield” exercises are conducted in an unclassified environment, enabling more participation from the Department of Defense or DoD external partners.

Since that time, the National Guard said Cyber Shield has helped develop cyber forces in areas including computer-network internal defensive measures and cyber incident response.

For 2023, the Cyber Shield exercise focused on America’s freight rails, with the DoD designating 30,000 miles of freight infrastructure as critical for mobilizing and resupplying U.S. armed forces.

Approximately 12,000 trains operate daily nationwide, the National Guard noted, with more than 1.33 million freight cars traversing 138,000 miles of active railroad from coast to coast.

Colonel Jeffrey Fleming with the Illinois Army Guard – who served as the exercise’s officer in charge – said participants in the Cyber Shield 2023 encountered “the common way the attack-chains play out” common to today’s cyberattack incidents.

“They faced several different levels of the bad groups in the network utilizing the advanced tactics for whatever skill set or whatever operational campaign for the exercise that those bad actors have been selected to carry out,” said Fleming.

Cyber Shield 2023 also marked the first time State Partnership Program or SPP members collaborated with National Guard cyber teams. Created in 1993, the SPP pairs Guard organizations with nations overseas in mutually beneficial relationships. For the 2023 exercise, five SPP teams participated: Poland and Illinois, Kosovo and Iowa, Armenia and Kansas, Moldova and North Carolina and Azerbaijan and Oklahoma.

State departments of transportation have also participated directly with the National Guard units on a number of cyber security exercises.

In June 2020, for example, the 272nd Cyber Operations Squadron within the Michigan National Guard provided the Michigan Department of Transportation and other state agencies insight into the identification of possible cyber threats to their information technology networks during Operation Resilience.

Members of that unit – consisting of 17 cyber operators, three intelligence analysts, and one cyber transport system specialist – participated in Operation Resilience, a federal Innovative Readiness Training or IRT program.

The military unit’s cyber operators collaborated with the Michigan Department of Technology/Management and Budget (DTMB) as well as the Michigan Department of Transportation – conducting an intelligence-driven assessment on critical host and network devices that run the Advanced Traffic Management System or ATMS throughout Michigan.

Additionally, the need for tighter cybersecurity measures when it comes to transportation infrastructure has been noted in several national reports.

For instance, in January 2022, a report issued by the Mineta Transportation Institute noted that U.S. transit agencies need to improve their data management and data privacy practices as they are being targeted more frequently by cyberattacks.

That report – entitled Personal Data Protection as a Driver for Improved Cybersecurity Practices in U.S. Public Transit – explored how the increase in cyberattacks against public transit agencies further underscores the importance and increasing responsibility transit agencies have to prioritize the protection of any personal data they collect, retain, or distribute from their ridership.