Illinois's top military officer says the growing threat of cyber attacks requires more resources to combat them.
Maj. Gen. Rich Neely is adjutant general and commander of the Illinois National Guard. He's also a master cyberspace officer at the forefront of training others to defend the nation’s at-risk information infrastructures.
In 2021 alone, Neely said America's power plants, food suppliers, water utilities, health care systems and law enforcement agencies have all come under cyber attack.
Last month, a ransomware attack on the Colonial Pipeline shut down nearly of the East Coast's fuel supply. JBS, the world's largest meat supplier, paid cyberhackers $11 million to get back its computer network in another attack.
These are high profile cases. Neely said Illinois has had trouble of its own.
"Just in the last month, the St. Clair County government was attacked by ransomware. Then back in April, the Illinois Attorney General's computer network was attacked," Neely said. "Many (are) probably aware of the hack that occurred against the Illinois State Board Elections in 2016, along with 19 other states that were hacked, during the general election."
Neely said cyber security needs are constantly evolving, adding the U.S. cannot rely on the procedures it had in place even six months ago to "keep the bad guys out."
"We live in an IP based society, which means we have a lot of conveniences with things like refrigerators with cameras in it and WiFi-enabled everything. But those products also bring vulnerabilities because of cybersecurity issues."Maj. Gen. Rich Neely
That's why the U.S. National Guard hosts annual training exercises focused on cyber security. The next Cyber Shield program will be held July 14-24 in Utah, with teams participating virtually from around the country and the world.
There are currently about 4,000 National Guard cyber operators across 40 states. Neely said guard members have a unique advantage: they're scattered in communities across the state and bring different skill sets from their civilian day jobs.
Not all who participate in Cyber Shield have military connections. Neely said only about 20% of last year's participants were Guard members.
"Cyber Shield is special because it integrates all levels of government, along with utilities, high-tech industries, law enforcement and other partners," Neely said. "Some describe it as kind of a pick-up basketball game where the best of the best of the players are selected from both the military and outside the military to take place in the exercise."
Neely said as technology changes, innovations like artificial intelligence, quantum computing and autonomous vehicles offer new opportunities for cyber attackers.
"We live in an IP-based society, which means we have a lot of conveniences with things like refrigerators with cameras in it and Wi-Fi-enabled everything. But those products also bring vulnerabilities because of cyber security issues," Neely said. "We'll constantly be, I think, working through this as we continue to look for the better way to build the mousetrap and protect our country."
Neely said the National Guard is called about twice a month to respond to a cyber attack. He said the key is to plan and train before an emergency arises.
"Not all cyber attacks require a national guard response, but as with other domestic emergencies, it's important for the National Guard to be ready in the event that civilian resources are exhausted," Neely said. "As with other emergencies, it's not a good idea to be trading business cards in the middle of a crisis."
Neely said 14 state governments and private companies like Microsoft, Dell and utility provider Southern Company are participating in this year's Cyber Shield training.
Neely said Cyber Shield has evolved into the largest, unclassified cyber training exercise in the military, and it will continue to evolve each year as threats evolves.
