The "shadow warriors" brigade

(To Ciro Metuarata)
25/11/19

It is a few days ago the news about the constitution of the 127th Cyber ​​Battalion of the Indiana State Army National Guard. The new unit, based about 75 miles from Indianapolis, is the fifth battalion of this type established in the last few years, together with the 123rd and at the 124th, both based in Virginia and the 125th e 126th, respectively located in Columbia and South Carolina. These departments share the same superordinate command, that is, the 91st Cyber ​​Brigade, established in February 2017 in Virginia, just seven months after the start of the related project.

Taking inspiration from the aforementioned news, we see below what the really consists of Cyber ​​Brigade of the "shadow warriors" (from the related motto "umbra bellatores"), or how it is articulated and what capacity it is able to express.

First of all it must be said that the cyber capabilities of the 91st Cyber ​​Brigade, units of the National Guard, are framed in a much broader context, made up of the capabilities of the Armed Forces formed by full-time professional soldiers, who report to the Cyber ​​Commands of the Army, Air Force, Navy and Marine Corps, gathered under the US Cyber ​​Command. There are also the skills expressed by the numerous federal intelligence and law enforcement agencies (NSA, CIA, FBI, etc.).

In general, what distinguishes the cyber units of the National Guard, in addition to the status of "part time" citizen-soldiers of its members, is the orientation of the capabilities expressed: if the cyber units of the Armed Forces are oriented to fulfill the entire spectrum of operations in cyberspace, the shadow warrior brigade, while also capable of expressing the full range of cyber capabilities, has the primary task of planning and conducting mainly defensive operations on the national territory, through units dependent on battalions such as the aforementioned 127th.

Each of the five battalions so far constituted is capable of operating on networks and military computer systems, on those of the Ministry of Defense or on those belonging to any other state or private structure and is formed by four subordinate units, namely: a company of cyber security, a company of cyber warfare and two Cyber ​​Protection Team (CPT), for a total of about one hundred, between men and women of the Army National Guard.

Specifically, the companies of cyber security conduct business of vulnerability assessment (search for "weak points" - programming or configuration errors - computer networks and systems), forensic analysis following security events or incidents (analyzes aimed at identifying the characteristics of cyber attacks, such as: techniques used, origin, presumable purpose, etc.) safety assessments and support to operators of critical infrastructures (electricity production plants, water network managers, hospitals, etc.) and, finally, consultancy in the field of cyber security in general. Companies of this type, through their respective commander, exercise the necessary authority to carry out the missions assigned to employees of cyber security teams, cyber security support or critical infrastructure support, in the framework of defensive operations in the cyber space.

The companies of cyber warfare, instead, I am able to play or support the role of opposing force (the "bad guys") in the context of cyber exercises, to conduct the entire range of military activities in cyberspace, including those of ISR (Intelligence, Surveillance and Reconnaissance). Such units are capable of enucleaving teams of network warfare, cyber analysis and cyber support, exercising on them the direction and address for the conduct of all types of cyber operations (therefore also of the offensive ones). Finally, the CPTs have the task of conducting cyber defense operations on military networks, which may also include the provision of services and consultancy in accordance with the federal regulatory framework and the respective States of belonging, such as validations / inspections of military Commands, vulnerability assessmentopposing forcescritical infrastructure assessment, support for theater security cooperation and training support e advisory and assistance.

It is interesting to note that the CPTs have the task of intervening within four hours of activation by the Higher Command, in the event of a cyber crisis. In addition, CPTs from already operational battalions, such as the Baltimore-based 169th CPT, are permanently employed in operations and also actively participate in all major cyber exercises.

Returning to the opening news, in a recent interview brig. gen. Lyles of the Indiana National Guard outlined further steps to be taken to ensure the 127th Cyber ​​Battalion become fully operational and highlighted some interesting aspects of the project. In particular, the senior officer highlighted that the battalion's staff will be completed in the next two years both by converting cyber personnel already enlisted in the National Guard to new positions and by recruiting "new talents" directly from the civilian world. At the same time the unit will receive the necessary training and will be equipped with specific materials, in order to achieve the expected operational standards.

General Lyles also drew attention to how the choice of the location where the battalion was constituted was not casual, but well thought out. The State of Indiana was chosen as it is a particularly "fertile" environment for cyber: on its territory there are many military and civil professionals, as well as universities and research centers operating in the specific sector. In essence, this favorable environment not only allowed the new unit to be formed with relative ease but will allow it to implement its capabilities just as quickly, generating a virtuous circle between the military and civil, academic and industrial worlds.

In this regard, it should be pointed out that what is being achieved in the National Guard could constitute a valid reference to which our Armed Forces could draw inspiration, with due proportions, in order to rapidly acquire cyber capabilities, assuming a leading role in strengthening the Country in that sector. On the other hand, something similar has already been put in place in France, a nation much closer to our reality, where the professional military of the cyber units of the Armed Forces, very similar in structure and Cyber ​​Battalion In the United States, "fixed-contract" reservists and reservists who provide free service are added. In particular, the elements that could be used as a model are: the predominantly defensive orientation of cyber units, however capable of conducting any type of operation, operating in support of military activities and, if required, also in relation to networks systems belonging to other State Administrations and / or critical infrastructure operators; the physiognomy and the concept of use of the CPTs; the use of professional skills already existing in the area, even if not of a continuous nature.

All this, applied in our country, would make it possible to create a "pool" of military experts in the sector, by profession or not, always up to date and readily usable both at home and in Operational Theaters. Moreover, this potential of the Defense could be made immediately available to the entire Nation in a real perspective dual use which, given the transversal characteristics of cyberspace, naturally connotes both threats and cyber capabilities aimed at countering them. Ultimately, it would be a very precious resource for our country, which would not necessarily come into play only in the event of a cyber crisis but, on the contrary, could act as a catalyst for the nation to grow rapidly in the sector of cyber security, increasingly crucial for the economy, society and security.

Sources:

https://nationalcybersecurity.com/infosec-midwest-to-get-first-cyber-bat...
https://www.army.mil/article-amp/228807/army_guard_announces_stationing_...
https://www.arcyber.army.mil/
https://www.army.mil/article/229547/169th_cyber_protection_team_is_capab...
https://www.army.mil/article-amp/194646/91st_cyber_brigade_activated_as_...
https://www.insideindianabusiness.com/story/41255709/adjutant-general-ta...
https://www.defense.gouv.fr/portail/enjeux2/la-cyberdefense/la-cyberdefe...
https://warontherocks.com/2019/04/a-close-look-at-frances-new-military-c...

Photo: US National Guard