National Guard Archives | DefenseScoop
https://defensescoop.com/tag/national-guard/

Senate bill calls for tighter reserve component inclusion in cyber mission force
https://defensescoop.com/2025/07/16/senate-fy26-ndaa-bill-reserve-component-inclusion-cyber-mission-force/
Wed, 16 Jul 2025 20:58:43 +0000

The Senate Armed Services Committee's version of the fiscal 2026 National Defense Authorization Act calls for a report to examine how DOD can improve inclusion of reserve forces in the cyber mission force.

The post Senate bill calls for tighter reserve component inclusion in cyber mission force appeared first on DefenseScoop.

The Senate Armed Services Committee wants a plan for how the Department of Defense can integrate reserve components into its active cyber forces.

The language appears in the SASC-passed version of the annual defense policy bill for fiscal 2026. While the committee approved the legislation last week, the full text was only released Wednesday.

Specifically, if it becomes law, the legislation would require a report from the Pentagon on the integration of reserve components, namely the National Guard, into the cyber mission force. It would also mandate an implementation plan.

The cyber mission force is comprised of 147 teams — including offensive, defensive and support teams — that the military services provide to U.S. Cyber Command to employ for operations.

Guard units have been used to support or supplement active units in various capacities. In fact, at the outset and creation of the cyber mission force nearly 15 years ago, the Air Force decided to initially take a total force approach to build its contribution, meaning its teams were made up of a mix of active component and Guard members.

Other assistance, most notably, includes Task Force Echo, the biggest Guard cyber mobilization to date with soldiers from 32 states having supported it over a number of years.

Little public information is known about the task force other than it aids full-spectrum cyber operations for Cybercom’s Cyber National Mission Force. While not so-called “trigger pullers,” sources have also indicated the task force provides infrastructure support.

The Guard has also conducted experiments with Cybercom in years past to test what was called the Cyber 9-Line, a tool that allows participating Guard units from their respective states to quickly share incidents with the Cyber National Mission Force, which can provide analysis of discovered malware and offer feedback to the states to help redress the incident, while also potentially taking action against the threat outside U.S. borders.

The Senate Armed Services Committee’s fiscal 2026 policy bill would require a report that provides an assessment of different authorities in each status of the reserve components, with particular focus on the National Guard and authorities under title 32, and how the DOD can use those personnel in such statuses within the cyber mission force.

It should also include an analysis of current and planned efforts to work with the military departments, the National Guard and the adjutants general of each state to develop unique cyber capabilities that address identified operational requirements — and a description of methods to work with those entities to track and identify key skills and competencies that aren’t part of primary military occupational specialties.

Moreover, senators want to see an evaluation of what types of authorities would be most beneficial to maximize the activation and support of the reserve components to cyber operations as well as an evaluation of the existing barriers to or impediments for integration of the reserve components into the cyber mission force.

The Guard has been lauded as an under-tapped and potentially vital resource for the nation in cyberspace. Many of its members work in cybersecurity as their full-time jobs when they’re not in uniform, meaning they oftentimes possess unique skills not always found in the active component.

There have been big pushes in recent years to more tightly integrate these Guard and Reserve forces into the larger DOD cyber enterprise to be able to act as surge capability in the event of a major cyber incident against the nation.

Legislation has also been introduced previously to help clear hurdles — real or perceived — to allow the Guard to respond to cyber threats.

National Guardsmen receive brief from Volt Typhoon utility victim at cyber exercise
https://defensescoop.com/2025/05/22/volt-typhoon-utility-victim-national-guard-cyber-yankee-exercise/
Thu, 22 May 2025 15:29:44 +0000

Cyber Yankee is a New England-focused exercise involving Guardsmen and utilities gaming cyber responses to critical infrastructure intrusions.

The post National Guardsmen receive brief from Volt Typhoon utility victim at cyber exercise appeared first on DefenseScoop.

For the first time at a New England-based cyber exercise, National Guardsmen recently received a threat briefing from a company that was compromised by a high-profile Chinese cyber actor.

Cyber Yankee, now in its 11th year, is a one-of-a-kind exercise that acts as a dry run of sorts in which members of the Guard in the six New England states work side-by-side with the private sector, utilities and other entities to protect critical infrastructure — which includes operational technology and industrial control systems — in a simulated attack.

A small utility in Littleton, Massachusetts, nearly 40 miles from Boston and roughly 20 miles from New Hampshire, was notified in 2023 by the FBI that it had been compromised by the Chinese entity dubbed Volt Typhoon.

Volt Typhoon is one of a number of cyber players from China that have been discovered in U.S. networks, troubling American officials. For its part, Volt Typhoon was discovered inside U.S. critical infrastructure using a technique in the cybersecurity world dubbed “living off the land,” which means it’s using legitimate tools organic to the systems for malicious purposes.

What has particularly alarmed officials regarding Volt Typhoon is the paradigm shift of Chinese threats moving from espionage and intellectual property theft to holding critical infrastructure at risk.

Other high-profile threats include Salt Typhoon, which targeted and breached telecom companies.

Littleton Electric, Light, and Water Departments provided a briefing to the participants of Cyber Yankee this year during a “lunch and learn” event in what proved to be an eye-opening and educational experience for attendees.

“Volt Typhoon penetrated their network, had access to IT systems and potentially OT systems. That’s the type of thing that our exercise scenario is built around,” Lt. Col. Matthew Dupuis, exercise director for Cyber Yankee with the New Hampshire Army National Guard, said in an interview.

Officials said after that briefing, there was a noticeable shift to more of the military members focusing on the OT track of the exercise.

The briefing was new to Cyber Yankee this year and it was so useful, planners hope to have more companies with similar experiences do the same thing next year.

“It was great being able to hear that from real, live people,” Dupuis said.

The Guard is a critical resource for states and localities as the first responders to cyber incidents that affect critical infrastructure, which are becoming more rampant from attacks on pipelines and water systems. When threat actors — from hacktivists to ransomware deployers to nation-states — compromise private critical infrastructure companies, the Guard often acts as a surge force when called up by the governor to aid in the remediation of threats on private networks.

Exercises like Cyber Yankee allow trust to be built between the Guard and private companies, who ultimately own the networks and have to invite Guardsmen to come in and help.

The operational technology for a water treatment plant is different than an electric power generator or a grid operator or natural gas pipeline, and thus it’s important for each sector and the government to come together through different tracks to rehearse and learn.

Cyber Yankee rotates every year, taking place in a different New England state. This year, it was held in New Hampshire May 5-16. By the end of the exercise, it saw almost 400 participants, which included 240 military, 20 government, 35 private industry — such as water, power and utilities — and 40 international partners from Albania, the Bahamas, El Salvador, Israel, Kenya, Paraguay and Uruguay.

While last year was the first iteration to introduce foreign partners, only a few actually played in the exercises as most observed. This year, the majority were slated to be active participants alongside their U.S. counterparts.

The scenario that plays out is unattributable cyberattacks against critical infrastructure in the New England region. Guard cyber forces are activated by governors to support the critical infrastructure companies with incident response.

“Everyone knows who our pacing threat is. China is our pacing threat, if you look at our strategic guidance from the president. China is an active threat, as we’ve learned from Volt Typhoon. We’ve seen Volt Typhoon [in] the news and the other ‘typhoons’, [including] Salt Typhoon,” Col. Cameron Sprague, deputy director for Cyber Yankee with the Connecticut Army National Guard, said. “This year’s scenario is focused on that peer, near-peer nation-state threats against United States critical infrastructure specific to the New England region.”

The exercise uses real-world scenarios and open source tactics, techniques, procedures and exploits to simulate the most realistic environment for participants as possible. It uses open source products purposefully to keep the event unclassified.

“We base the scenario on real world from an open source standpoint, so we can keep it completely unclassified because of the foreign, coalition partners that are here, as well as the civilians from [critical] infrastructure. That way, it allows us to have a good interaction without having to be concerned with security clearances. There’s enough open source material that’s very realistic for the scenario that allows us to do that training,” Col. Barry Groton, Unified Coordination Group lead for Cyber Yankee with the New Hampshire Army National Guard and one of the exercise’s founders, said. “We could do this at the [top secret] level, but it wouldn’t be the same. A lot of these utility folks, they do have some that have clearances, but it would just be really difficult … what happens at a utility that’s not classified.”

The companies find the exercise useful because it’s something that they can’t just go out and buy, officials said. They receive top-notch training that they can’t get anywhere else by partnering with the Guard as well as other companies in their sector.

For the Guard, it also aids in their homeland defense mission as a critical resource to the federal government.

The “National Guard [is] looking at the potential homeland defense mission in support of defense critical infrastructure, which the working definition of that is, critical infrastructure that supports military installations and military ability to project power and to have habitual relationships — and specificity with those particular nuances of the different utilities because it’s not generic,” Groton said.

From an active-duty military perspective, there has been growing interest in recent years. While last year was the first year the Space Force observed Cyber Yankee with a small contingent, this year additional guardians came.

Their interest is the operational technology aspect, as the Space Force’s cyber element focuses a lot on those types of systems.

Army National Guard task force supporting Cybercom comes to a close
https://defensescoop.com/2024/08/06/army-national-guard-task-force-supporting-cybercom-comes-to-a-close/
Tue, 06 Aug 2024 18:49:17 +0000

Task Force Echo, which has been led by the National Guard since 2017, has concluded.

The post Army National Guard task force supporting Cybercom comes to a close appeared first on DefenseScoop.

A National Guard task force that has been supporting U.S. Cyber Command for the past seven years is officially coming to an end Tuesday.

Task Force Echo has aided the combatant command’s Cyber National Mission Force, which conducts what are essentially offensive operations to protect the nation from malicious cyber actors. Little public information is known about the task force other than it supports full-spectrum cyber ops. Sources had indicated that it has also supported Joint Task Force-Ares, which sought to limit the Islamic State group’s abilities in the digital world, and now focuses on state actors, namely, China.

While not so-called “trigger pullers,” sources have also indicated the task force provides infrastructure support.

The organization was officially sunset in a ceremony at Fort Meade, Maryland, according to a post by the 780th Military Intelligence Brigade.

The closure was a planned move with Marine Corps Forces Cyberspace command taking over the mission. Responsibility transferred to MARFORCYBER to support the Joint Mission Operations Center Maryland (JMOC-M) at Fort Meade, which is where cyber ops are launched from.

There was a transfer of authority to MARFORCYBER last year between Task Force Echo VII and VIII, according to an Army official, for the JMOC mission. Task Force Echo continued to support MARFORCYBER and the mission until the end of its last rotation on Tuesday.   

Cybercom identified an immediate need in 2017 and called upon the 91st Cyber Brigade, an Army National Guard unit with five cyber battalions across several states, according to the post.

Sources have indicated that when the JMOC was established, technical support in the way of infrastructure, network operations and security operations center support was needed.

Overall, soldiers from 32 states have supported the effort on a rotating basis. It was aligned under the 780th and Army Cyber Command with soldiers engineering, installing, operating, maintaining and defending critical network infrastructure and conducting cyberspace ops in support of Cybercom and the CNMF.

Officials have indicated the task force mobilization was historic given it was the first Army National Guard mobilization of its size to support Cybercom full time. It was seen as a mutually beneficial relationship allowing the Guard to gain real-world experience while taking the mission from the brigade, which had to use resources to initially support the effort.

The Guard has been lauded as a critical resource in the overall national cyber defense landscape, serving as the first responders to cyber incidents that affect critical infrastructure, which are becoming more rampant from attacks on pipelines and water systems. They can also be mobilized to support broader national security missions.

‘This is overdue’ — Air Force creating tactical cyber capabilities to ensure air superiority
https://defensescoop.com/2024/05/23/air-force-creating-tactical-cyber-capabilities-ensure-air-superiority/
Thu, 23 May 2024 18:23:12 +0000

The Air Force will be relying, in part, on a new National Guard unit to help deliver cyber capabilities to the tactical battlespace in the future.

The post ‘This is overdue’ — Air Force creating tactical cyber capabilities to ensure air superiority appeared first on DefenseScoop.

In a future operating environment, sophisticated adversary cyber technologies could inhibit the Air Force’s ability to achieve its number one role for the joint force: air superiority.

While the Department of Defense has teams that conduct cyber operations, those joint forces are limited in number and focused on attacking enemy systems and defending the network. As such, the Air Force believes it needs its own cyber capabilities to ensure it can gain and maintain air superiority.

“We have started to make investments in our own service capabilities … not just of course for cybersecurity, or defensive capabilities, but we do believe that at a tactical level we might need a cyber-enabled air superiority type of capability,” Lt. Gen. Leah Lauderback, deputy chief of staff for intelligence, surveillance, reconnaissance and cyber effects operations, said during a webcast hosted by Defense One last week. “Air superiority, that’s the function that we absolutely know that the Air Force presents and we think that there’s a tactical cyber capability that we might be able to develop. We’re doing that today in very small numbers, but that is a growth area for sure.”

Lauderback in the past has described the effort as “provid[ing] operationally integrated cyber capabilities to the air component to help assure the projection of air power against the adversary in future operating environments.”

Based upon a series of wargames with the Joint Staff that brought together multiple concepts aimed at informing an integrated future force design, the Air Force determined it needed to develop a new concept and thus validated what it calls cyber-enabled air superiority, according to a service spokesperson.

The concept was built with integration of kinetic and multi-domain operations across planning, targeting and fires as a primary goal, they added, noting it is necessary because advanced threats have forced the service to more closely integrate so-called tactical cyber capabilities to give air components an edge in aircraft survivability and munition effectiveness in highly contested environments where small percentages of positive gain can make the difference between victory and defeat.

Currently, U.S. Cyber Command owns the forces and authorities to conduct operations off DOD networks while each of the services provides those forces. Authorities for cyber ops have been held at the highest levels of government for many years due to fears that such activities could have unintended consequences or spread into networks beyond the intended target.

As the cyber landscape has evolved along with a maturation and understanding of cyber operations in the military and targets that might not be connected to the traditional internet, each of the services has begun investing in capabilities and forces for its own offensive needs. However, this is mostly in the blended electronic warfare or radio frequency-enabled realm at the tactical level.

Each of the services now, in one way or another, is beginning to grow its own organic cyber teams and capabilities separate from Cybercom for tactical or expeditionary cyber operations.

“This doesn’t surprise me at all. This is overdue and it’s a great step forward for the Air Force,” Charles “Tuna” Moore, a retired three-star Air Force general who most recently served as the deputy commander of U.S. Cyber Command, told DefenseScoop regarding the cyber-enabled air superiority concept. “I hope they move very rapidly. And I hope they move to the other core missions that the Air Force has, not just air superiority.”

Moore noted that while Cybercom is set up to primarily operate at the strategic to operational levels of war, the services must be engaged at the tactical level and provide cyber capabilities to their service component commanders.

“When I spoke with senior members of the Air Force, I had conversations about this, which was you can’t successfully accomplish your five core missions, one of which is air superiority, if you haven’t invested in success in the digital space — not just from a defensive standpoint, but from an offensive standpoint, because the best defense is still offense,” he explained.

“At the tactical levels, the services are going to need to produce capabilities that they present to the service component commander, just like any other capability. For example, it might be a cyber capability, employed in conjunction with some type of EW capability, that comes off one of our fifth-generation aircraft like the F-22 or F-35. Those types of capabilities, tools and weapons are not the types of things that are really the main focus of Cyber Command. So we need the services to do this,” he added.

Tapping the National Guard

As part of the concept, the Air Force will be relying on a new National Guard unit, the 179th Cyberspace Wing, based in Mansfield, Ohio. In fact, the Air Force re-missioned this wing from a C-130 wing to become the first ever Air National Guard cyber wing.

Cyber-enabled air superiority is broader than just this unit — with contributions from the Air Force’s main cyber organization, 16th Air Force — but the 179th will be a key player.

According to the unit’s website, its new mission “will provide cyber-enabled capabilities supporting tactical needs in air superiority and information warfare, which will provide a competitive advantage in combat performance and survivability in joint force operations.”

A National Guard Bureau memo in May of 2023 providing guidance on the 2022 National Defense Strategy lauded the Air Guard for its overall innovation, noting that it develops asymmetric capabilities that inform future force design and is “leading innovation in the Information Warfare domain through establishment of a first of its kind Cyberspace Wing and development of the Cyber-Enabled Air Superiority operational concept.”

According to the unit, the process of re-missioning will take time. Its near-term focus is recruiting, training, retraining, creating infrastructure and updating the unit to prepare for the new mission, with the goal to reach initial operating capability sometime in 2025 and full operating capability sometime in 2027.

A spokesperson from the unit said the Air Force has committed nearly $150 million to the 179th for the establishment of a new Cyberspace Operations Group, ensuring it has the resources to deliver the competitive edge for joint forces in the cyber domain. Over the next five years, the president’s budget plans include $349.3 million for facilities, manpower, training and equipment to establish the 179th as an Air National Guard cyber-enabled air superiority unit, according to an Air Force spokesperson.

What is cyber-enabled air superiority?

Officials and sources weren’t totally forthcoming on the types of capabilities and missions these forces would be conducting, due to obvious sensitivities. Some have hinted that it will be mostly RF-type activities to create cyber effects, or active cyber-type effects launched from active electronically scanned array radars to disable enemy integrated air defense systems.

“We’re a wing that’s gonna produce leading-edge cyber effects in the next high-end conflict. That is just amazing because we would be at the leading edge. We’re not flying all the airplanes anymore, but we will help dominate the skies and have air superiority in the next fight. And our forces depend on us,” Col. Darren Hamilton, the commander of the 179th, said during the redesignation ceremony in September.

It could also be leveraging the variety of connected sensors the military plans to architect in the coming years.

“If we think about JADC2 properly, it won’t just be about moving data around between sensors and shooters. While that is important, and must be defended from a cyber perspective, we also need to think about JADC2 as an extension of our offensive cyber capabilities. We can use the JADC2 network to deliver cyber capabilities, not just traditional military capabilities and effects,” said Moore, the former Air Force three-star, referencing the Pentagon’s top priority of Joint All-Domain Command and Control, which envisions how systems across the entire battlespace from all the services and key international partners could be more effectively and holistically networked.

According to a 16th Air Force spokesperson, the intent is to posture the 179th to deliver non-kinetic effects to increase survivability of air platforms in a highly contested environment. That will provide an opportunity to evolve the capabilities, tactics and operational concepts necessary to integrate cyber capabilities and other non-kinetic effects with theater air components’ scheme of maneuver.

The 179th will also provide additional capacity to support ongoing operations in the information environment, the 16th Air Force spokesperson added. The expectation is that the 179th will provide expertise and focus on unique capabilities that integrate electromagnetic spectrum operations and radio frequency capabilities with cyber ops.

Officials explained that the cyber-enabled air superiority concept requires a blending of the total force to be successful.

“By partnering closely from the beginning, the Air Force has been able to harness ANG’s operational expertise in designing and building fully mission capable, combat equipped elements that are ready to be mobilized when needed in competition and conflict,” a spokesperson from the 179th stated. “Cyber-enabled air superiority will support tactical air domain objectives through cyberspace. Broadly speaking, our goal is to help secure a competitive advantage for joint forces to get in and out of airspace safely, increasing our effectiveness across all domains.”

The 179th also complements 16th Air Force activities with a focus on delivering cyber effects to enable air operations, the 16th Air Force spokesperson said, noting that although the 179th will be focused on creating operational and tactical-level effects for a theater air component commander within a joint task force or combatant command, the 179th’s capabilities will be synchronized with Cybercom’s broader mission.

When it comes to what the concept will require, at the very least, experts noted that the forces will need kit and possibly infrastructure to operate.

“The challenges aren’t going to surprise you. You’re going to have to have a commitment to fund the billets and actually train and place the people in the positions. It’s one thing to talk about all these things, it’s another thing to follow through with the prioritization of the commitment of resources,” Moore said.

He added that policy and authorities will be another key issue to flesh out.

“The one area that is going to require some work is policy and authorities because to get where we are today requires an incredible amount of transparency and openness about cyber operations that we’re performing with other members of the interagency and our friends and allies,” he said. “There’s a lot of organizations that have legitimate equities in this space, but when you get down to the tactical level the time to act and … to be proactive can’t be constrained by strategic-level policies and authority frameworks.”

Army Cyber Command taking key lessons on critical infrastructure defense at National Guard exercise
https://defensescoop.com/2024/05/20/cyber-yankee-army-national-guard-lessons-critical-infrastructure-defense/
Mon, 20 May 2024 17:38:36 +0000

Cyber Yankee provides key lessons for defending critical infrastructure, especially against sophisticated actors such as Volt Typhoon.

The post Army Cyber Command taking key lessons on critical infrastructure defense at National Guard exercise appeared first on DefenseScoop.

JOINT BASE CAPE COD, Mass. — An annual National Guard exercise known as Cyber Yankee helps demonstrate gaps in policy and partnerships — an initiative that’s proving useful for the Army’s active duty force, especially as it looks to combat threats to critical infrastructure.

“If we were to go back to 10 years when we started this, there were a lot of challenges working through what to do in this space. You have eliminated the gaps where law or policy or public private partnerships have stretched,” Lt. Gen. Maria Barrett, commander of Army Cyber Command, said May 15 during the distinguished visitors day at Cyber Yankee 24, which ran from May 6-17 at Joint Base Cape Cod.

Cyber Yankee, now in its 10th year, is a one-of-a-kind exercise that acts as a dry run of sorts in which members of the Guard in the six New England states work side by side with the private sector, utilities and other entities to protect critical infrastructure — which includes operational technology and industrial control systems — in a simulated attack.

Barrett noted that the exercises year after year have incrementally worked to take down barriers, further partnerships, and illuminate ideas, gaps and areas to change policies.

“Among the things that keep me awake at night is the resilience of our critical infrastructure, and particularly operational technology and industrial control systems, both on military installations and in the homeland,” Barrett said.

The Guard is a critical resource for states and localities as the first responders to cyber incidents that affect critical infrastructure, which are becoming more rampant from attacks on pipelines and water systems.

“We have to be ready and our governors when the bad day happens, the first response local, and it’s going to be state and the governors are going to say, ‘What do I have? What resources do I have here in the state before the federal government gets here? What can we do now?’” Lt. Col. Tim Hunt of the Massachusetts National Guard and Cyber Yankee exercise director, told visitors. “One of those resources is the National Guard, so we have to be ready for this. That’s why Cyber Yankee [is important] and that’s why we’re here.”

The event simulated cyberattacks stemming from an unknown actor against critical infrastructure across all of the New England states, with the governors mobilizing the Guard to respond.

The goal is to build relationships with utility companies so that in the event of a real-world incident, there is trust among responders as the Guard will have to operate inside utility networks. These exercises lay the groundwork for the utilities to understand what the Guard can do and vice versa, helping illustrate that Guard members aren’t trying to go places within the network where they’re not supposed to be.

While the exercise had five fake utility companies, members of real utility companies served as role players of the CIOs at the fictional companies.

The exercise is of interest to the active duty component and Army Cyber Command given that it runs the largest portion of DOD’s network.

Army Cyber Command is also responsible for cyber operations within the Northern Command area of responsibility, which includes the U.S. homeland.

Of particular interest now is the Chinese actor Volt Typhoon, which was discovered inside U.S. critical infrastructure using a technique dubbed “living off the land” in the cybersecurity world, meaning it uses legitimate tools organic to the systems for malicious purposes.

What has particularly scared officials regarding Volt Typhoon is the paradigm shift of Chinese actors moving from espionage and intellectual property theft to holding critical infrastructure at risk.

“I would be remiss if I didn’t mention the biggest thing to hit the cybersecurity landscape since you all gathered for Cyber Yankee a year ago, and that is what we are seeing happening [with] Volt Typhoon,” Barrett said.

“What got everyone’s attention is the seeming paradigm shift from cyber exploitation and traditional military targets or industry targets for foreign intelligence or espionage … to a new set of targets — aviation, water, energy, transportation. In other words, our critical infrastructure,” she added, noting that this actor will just sit and lurk with the purpose of disrupting these services at the time and place of its choosing.

In fact, there was a simulated actor within the exercise to replicate, as close as possible, Volt Typhoon.

At its initial instantiation, U.S. Cyber Command and its subordinate units, such as Army Cyber Command, were focused on Internet Protocol-based networks. However, Army Cyber Command in particular in recent years has worked to get more into the operational technology and ICS space.

Events like Cyber Yankee “inform what we’re doing at Army Cyber … [and] the mission that consumes easily 80% of my time, resources and people is operating and defending the Army’s portion of the DOD Information Network. The Army’s network is 1.2 million people spread across 288 posts, camps and stations. It is the DOD’s biggest network if you count both on premises and cloud,” Barrett said. “We are converging these networks, not just to get efficiencies … but really to substantially improve our resilience against an advanced persistent threat like Volt Typhoon.”

Army Cyber Command also must set the theater for the combatant commands it supports, meaning it must enable them to transition swiftly from crisis to conflict should deterrence fail.

Army Cyber Command has additionally placed a greater emphasis on hunting methodology in order to identify living-off-the-land techniques. Barrett noted that recently, following Russian cyber events, it had two of its high-end defensively oriented cyber protection teams focused on industrial control systems.

More broadly, the command’s cyber protection brigade is working more closely with others to defend hydroelectric power plants and supply depots, with specialized training to defend industrial control systems.

This work is building toward the recent decision that Army Cyber Command is the organization in charge of the Army’s operational technology. Officials are in the process of presenting to senior leadership how it will do that.

“This will enable us to move from the episodic CPT engagements on critical infrastructure to something that is more enduring, [with] continuous monitoring that is absolutely necessary in order [to stay ahead of] a persistent threat,” Barrett said.

She noted that when U.S. Cyber Command was first created, it was focused primarily on nation-state threats. However, digital threats are much more pervasive now with both nation-state and independent actors executing ransomware attacks.

State Partnership Program

This was the first year in which international partners participated in Cyber Yankee.

The State Partnership Program was started at the conclusion of the Cold War and pairs state National Guard units with other nations’ militaries.

Cyber Yankee 24 saw participation from the Bahamas, Cyprus, El Salvador, Israel, Japan, Kenya, Latvia, Montenegro, Paraguay and Uruguay.  

Additionally, outside of the New England states, members from the Michigan, New Jersey and Maryland Guard units participated. This was also the first year that members of the Space Force joined in the event.

“We think that’s really great because when we go on engagements in these countries and we’re talking about cyber, some of the things that they’re most interested in is the United States, what we call whole of government. And really with this it’s expanded to kind of whole nation because we’re doing public and private,” Hunt said during a media engagement May 8. “They’re really interested in that how we worked with the military, with the Department of Homeland Security, with our private industry, how we work together in this industry, or in this field of cyber. That’s something that our foreign partners are really interested in learning about. And … we’re really interested in learning about how do they do things in their country or what has been their experience — because learning from each other is really the key of the State Partnership Program.”

The program was lauded for the role it played in helping Ukrainians counter Russia’s invasion of their country, based on the support and training that troops had received. The benefit, officials have said, is that relationships and trust are built and maintained long before crisis or conflict occurs.

“It all starts with … Lt. Smith and a lieutenant from Kenya or whatever country meeting each other in person, breaking bread together, training together and just getting to know each other,” Hunt said. “In 10 years, when those two officers are now majors or lieutenant colonels, they know each other, they have a relationship and they have trust.”

He noted that cyber knows no bounds and what happens overseas will likely affect the continental U.S. and vice versa. Working together and learning from each other is mutually beneficial and makes each partner stronger.

National Guard eyes UAS, air defense among 2024 priorities
https://defensescoop.com/2024/02/08/national-guard-uas-air-defense-priorities-2024/
Thu, 08 Feb 2024 22:26:56 +0000

The Guard's leadership briefed reporters at the Pentagon.

The National Guard is increasingly deploying and experimenting with drones of different sizes, as well as advanced technologies to defend the military against intensifying threats associated with enemies’ unmanned aerial systems.

During a press briefing at the Pentagon on Thursday, the chief of the National Guard Bureau, Army Gen. Daniel Hokanson, and Senior Enlisted Advisor Tony Whitehead discussed how these aims fit into the organization’s priorities for 2024.

“With an aggressive China asserting influence in the Indo-Pacific and around the globe, over to a belligerent Russia invading a peaceful neighbor, North Korea developing long-range offensive weapons — and numerous violent non-state actors at work in the Middle East and beyond — the mission of the National Guard, and the capabilities we bring to the fight, have never been more important,” Hokanson told reporters.

His team has moved deliberately in recent years to test out how drones can advance their efforts related to hurricane relief, infantry training, active shooter response, nuclear operations, and more. 

Last December, the Texas Air National Guard’s 147th Attack Wing announced it had recently received the Block 5 variant of the large MQ-9 Reaper drone, developed by General Atomics.

“Obviously, we’re very vested in the MQ-9. And when we look at the smaller drones, we’re trying to learn everything we can from what we’re seeing in the Ukrainian and Russian conflict. I was just in Poland two weeks ago and I met with our folks there and they’re looking very closely at what’s working, what’s not working — and we’re trying to learn from that so that we can develop the capabilities that we need to not only defend our forces, but also look at those that provide offensive capability. I think it’s too early to tell exactly what those systems will be,” Hokanson told DefenseScoop during the briefing. 

The general added: “But I will tell you, it is very important — based on what we’re seeing in the Red Sea and what we’re seeing with some of our locations in [U.S. Central Command] — to learn as much as we can and develop counter capability, but then also develop that capability as well.”

Three U.S. troops were killed by a one-way attack drone in Jordan late last month. In that same attack, 41 guardsmen were also injured, Hokanson noted — including one whom he and his wife visited at a hospital earlier this week.

“It is a reminder that the National Guard serves alongside our active duty and reserve teammates on the frontlines as an operational force in a turbulent and ever-changing global security environment,” Hokanson said.

He and Whitehead both acknowledged the critical importance of air defense capabilities for their personnel — both now and in the future.

“So, as a result, we work pretty closely with the Army. If they’re going to grow capability in air defense, of course they’ll consider putting some of that stuff in the National Guard. And historically, we’ve had large numbers of air defense units that have changed over time. So, we have the capability to regrow that if we need to,” Hokanson said.

When asked whether he’s happy with the current state of U.S. capabilities to counter enemy drones, Hokanson responded that “none of us will ever be happy until we have a 100% system that’s going to work and protect everybody and everything” all the time.

“But the beauty of our nation is we have a lot of researchers and folks looking at all these problems and really using technology, and what we’re learning on the ground, to improve the systems we have and develop future ones that are going to be even more capable. So, that said, I’m very supportive of the work that we’re doing. We know that there are issues and things that we need to face. We’re working on those each and every day,” he told reporters.

FBI agents arrest Air Force National Guard member in connection with DOD documents leak
https://defensescoop.com/2023/04/13/fbi-agents-arrest-air-force-national-guard-member-in-connection-to-dod-documents-leak/
Thu, 13 Apr 2023 20:54:45 +0000

U.S. federal agents arrested Air Force National Guard member Jack Teixeira in connection with the Justice Department’s unfolding investigation into reports that troves of classified national defense information were recently leaked and left up online, U.S. Attorney General Merrick Garland announced on Thursday.

U.S. federal agents arrested Air Force National Guard member Jack Teixeira in connection with the Justice Department’s investigation into reports that troves of classified national defense information were recently leaked and posted online, U.S. Attorney General Merrick Garland announced Thursday.

Teixeira is set for an initial appearance at the U.S. District Court for the District of Massachusetts, where he was arrested Thursday.

“FBI agents took Teixeira into custody earlier this afternoon without incident,” Garland confirmed in a press briefing shortly after the suspect was arrested. The attorney general said the arrest is directly associated with the federal “investigation into alleged unauthorized removal, retention, and transmission of classified national defense information.”

This arrest comes after U.S. authorities scrambled for days to hunt down the source of the leaked materials, which allegedly encompassed sensitive details about Ukrainian military operations and other classified national security and intelligence information that was shared globally on social media for a notable period of time before being taken down.

Pentagon press secretary Brig. Gen. Pat Ryder would not confirm initial reports that a Massachusetts Air National Guardsman was taken into custody Thursday in response to questions during a weekly Defense Department briefing that occurred at roughly the same time as Teixeira’s arrest.

“I don’t want to speculate or get ahead of the DOJ investigation — we need to allow that to run its course,” Ryder repeatedly told reporters.

Still, he did confirm that the Office of the Secretary of Defense is conducting its own internal review of multiple factors relating to safeguarding classified materials.

“This includes examining and updating distribution lists, assessing how and where intelligence products are shared, and a variety of other steps. I would say, though, that it is important to understand that we do have stringent guidelines in place for safeguarding classified and sensitive information. This was a deliberate criminal act — a violation of those guidelines,” Ryder said. 

In response to DefenseScoop’s questions at the Pentagon briefing, Ryder would not confirm whether the Defense Department is deploying technologies right now to spot leaked documents online and track potential indicators of internal leaking-type practices.

“I’m not going to get into the specifics of where, how and when we conduct our intelligence activities. But we’re always looking at potential gaps or potential vulnerabilities — and that’s something that will just be ongoing,” Ryder told DefenseScoop.

Following first-of-a-kind military barracks, the National Guard hunts for new innovations to 3D print
https://defensescoop.com/2023/01/26/following-first-of-a-kind-military-barracks-the-national-guard-hunts-for-new-innovations-to-3d-print/
Thu, 26 Jan 2023 16:35:58 +0000

Additive manufacturing marks one way the National Guard is tapping emerging technologies to innovate how it operates.

The National Guard plans to increasingly apply 3D printing as an innovative, cost-effective solution to its military construction needs, according to senior officials.

“Last year, the Texas National Guard 3D-printed the first-of-its-kind military barracks,” Chief of the National Guard Bureau Army Gen. Daniel Hokanson told reporters on Tuesday.

During a press briefing at the Pentagon, Hokanson and his Senior Enlisted Advisor Chief Master Sgt. Tony Whitehead detailed their priorities for the guard in 2023 — and high on that list is reform through innovation with various emerging technologies. 

One that’s already making waves for the branch (as well as other Pentagon components) is additive manufacturing, through which officials can construct three-dimensional objects with data from computer-aided-design software or special object scanners that continue to advance.

“When you look at the importance of 3D printing, the ability to create just, say, parts of a piece of equipment, instead of storing it on the shelf or trying to get it one way or another — if you’ve got that 3D printer capable of making those parts, at the point of need, then just being able to make it when you need it, I think it’s one of those ways that we cannot only save money but become more effective and more efficient by having that ability to produce that stuff on hand,” Hokanson told DefenseScoop during the briefing.

Pointing to the recently completed barracks that were printed by Texas’ guard, Hokanson noted that at over 5,000 square feet, they house 72 soldiers — and were printed in 113 days. Then, he said, they were ultimately “ready for occupancy in 209 days, and at approximately 70% the cost of a conventional barracks.”

Hokanson has observed video footage and photos of the nascent barracks, and said he believes they are in use by guard members.

“But to us, when we look at the cost savings and the time at which, you know, we can’t help but take a look at this as a possible solution going forward. And this was really the first test, and then we’re looking for other applications where we can consider that,” he told DefenseScoop. 

During the briefing, Whitehead confirmed that, on a recent trip down to Texas, he had the opportunity to visit the printed-out barracks there and the team that led the innovation.

“It’s amazing — the things that they’re teaching now to some of our newest soldiers and airmen that are coming in under STEM. And so [3D-printing] is probably going to be the wave of the future — not just, as we see it, as building the infrastructure — but those that are coming in that will be part of the conversation that will help it move forward,” Whitehead said.

Army equipping National Guard with modernized network equipment
https://defensescoop.com/2022/07/05/army-equipping-national-guard-with-modernized-network-equipment/
Tue, 05 Jul 2022 16:07:16 +0000

The Army is providing National Guard units modernized communications gear as part of its integrated tactical network.

ABERDEEN PROVING GROUND, Md. — The Army has begun equipping National Guard units with new communication and situational awareness technologies that were developed for battlefield use, but could also aid in responding to domestic disasters.

“They built capability that’s dual use. It’s built for the Title 10 mission, the warfighter, but it also can be built [and fielded] in a homeland [scenario] because of the technology,” Kenneth McNeill, chief information officer/J6 for the National Guard Bureau, told FedScoop on a recent trip to Aberdeen Proving Ground, Maryland, in late June for a demonstration of capabilities associated with the Army’s integrated tactical network.

When called to respond to a national disaster or crisis, there are local, state and federal organizations the Guard must communicate and coordinate with. As a result, there need to be technologies that make this easier.

“You’ve got to have technology that bridges and you can talk to those civilian agencies. The PEO has played a significant role in building out capability in the past and continue to build our capabilities,” McNeill said, referring to Program Executive Office Command, Control, Communications-Tactical, which fields the Army’s network equipment.

One such situational awareness tool is the Command Post Computing Environment (CPCE), which consolidates disparate standalone systems into a single user interface.

There’s an opportunity for the Guard to put some of its applications and systems in the proverbial app store that can be used for domestic operations, said Col. Evert Hawk, the leader of the network cross-functional team assigned to Army Futures Command.

“For security operations, you need to talk to the various law enforcement agencies,” he said. That could include the FBI or other federal and local agencies. In the case of the Jan. 6, 2021, insurrection, for example, it included D.C. Metro Police and Capitol Police.

“How do all these people [who] are on their own little network siloed, how do they all get together and talk?” he said.

Eleven units and mission training centers in Pennsylvania have already received CPCE and tactical server infrastructure, with 35 more expected in fiscal 2022.

Getting cloud-based applications and equipment that have a limited physical footprint is critical to rapid response.

“Having small scalable capability that you get to a location, you pop up, you plug into the D.C. Police Department or the Park Police or the Capitol Hill Police Department, that’s tremendous,” McNeill said of dealing with a domestic crisis like the events of Jan. 6, 2021.

In addition to the domestic mission of the Guard, fielding this equipment is important from a broader Army operational and modernization perspective. If Guard units have to be mobilized to conduct missions with the active component, they should be proficient in how the systems work.

“Network modernization is an enduring mission across the total force, and we need to not only understand what the future network looks like, but we need to make sure we have the right people in the right positions to operate it,” Col. Isaac Martinez, Army National Guard chief information officer and network communications officer, said during an Army National Guard G-6 tactical communications conference in May.

Other equipment that has been or will be fielded includes handheld and small form fit Manpack radios, secure wireless technology and terrestrial transmission line-of-sight radios, among others.

The Army is also in the process of converting the first National Guard Expeditionary Signal Battalion to an Expeditionary Signal Battalion-Enhanced. Such units are primarily meant to support other units that don’t have organic communications capabilities.

As part of this conversion, force structure changes take place and legacy equipment is replaced with technology that is more capable for satellite communications.

“You’re moving them from a legacy, more stationary … kit to much more expeditionary,” Col. Shane Taylor, program manager for tactical networks at PEO C3T, said. “Much more lighter, much more expeditionary up and down … for simple, intuitive to use.”

Cyber Yankee exercise helps National Guard mature partnership with Cyber Command
https://defensescoop.com/2022/06/30/cyber-yankee-exercise-helps-national-guard-mature-partnership-with-cyber-command/
Thu, 30 Jun 2022 17:53:50 +0000

Guardsmen increased their use of the Cyber 9-Line tool with Cyber Command, which allows them to share threats back and forth.

A unique exercise held this summer demonstrated the evolution of the National Guard’s relationship with U.S. Cyber Command as the nation faces increased threats in cyberspace.

This year’s Cyber Yankee exercise, which took place June 5-18 in Connecticut, sought to mature the Guard’s partnership with Cybercom through a threat-sharing portal called Cyber 9-Line.

This tool allows participating Guard units from their respective states to quickly share incidents with the combatant command’s elite Cyber National Mission Force, which conducts operations aimed at disrupting specific nation-state actors. The force is able to provide analysis of discovered malware and offer feedback to the states to help redress the incident, while also potentially taking action against the threat outside U.S. borders. Cyber Command can also, in turn, share threat data discovered in their operations outside U.S. networks with these states as a warning against potential attacks.

Cyber Yankee is a one-of-a-kind exercise that acts as a dry run of sorts in which members of the Guard in the six New England states work side by side with the private sector, utilities and other federal agencies to protect critical infrastructure in a simulated attack.

Given many defensive cyber teams in the Guard are spread across several states — and the fact that in the event of an incident, Guardsmen will have to work in private utility networks — the exercise acts as a dress rehearsal, enabling the organizations involved to gain partner trust, work through technical chops, and learn how to better run incident responses and operations.

“We had this year probably the strongest partnership we’ve ever had with Cyber Command in using the Cyber 9-Line tool,” Lt. Col. Cameron Sprague, executive director for Cyber Yankee and a Connecticut Guardsman, said in an interview. “I think last year, we might have done one or two Cyber 9-Lines. This year, I believe we did over 30 Cyber 9-Lines into Cyber Command.”

Those 9-Lines went directly to Cybercom’s joint operations center floor where they were actioned as part of the exercise.

Improving this relationship and exercising the use of the 9-Line had a two-pronged effect, Sprague said: First, it educated Guardsmen in the six New England states on the tool and how to employ it.

“There are people that go home and realize, ‘Hey, this thing exists and I used it in an exercise. If something happens in my state, I can then use it during that incident,’” Sprague said.

He found the 9-Line beneficial in an actual real-world situation when in 2020 the city of Hartford, Connecticut, was hit with a major cyberattack.

Sprague said that incident, one of the first real-world instances of using the 9-Line, was very successful, with Cybercom exploiting the intelligence the state provided it and taking action with it.

“Our goal this year [at Cyber Yankee] was to push that experience out to the other states in New England and train all their people how to do that,” he said.

The second effect was Cyber Command continuing to mature the 9-Line and even beginning to develop policy guidance for it.

“They’re going to go out and develop more granular policy and what they’re looking for, which will benefit like everyone nationwide,” Sprague said.

Cyber Yankee “really advanced the 9-Line quite a bit,” he said. “It will be very critical if this ever happens in the real world.”

This year’s exercise also saw unique participation from active-duty cyber teams under a construct known as Defense Support to Civil Authorities. The U.S. military is barred from conducting operations on domestic soil unless explicitly asked to assist in disasters under this mechanism.

“If there was a large-scale cyber event, we want to do it with active components. That’s why we exercised it this year,” Sprague said of the active-duty participation from the Navy, Coast Guard and Air Force.

The goal is to work on these relationships before a crisis occurs.

Improved communication

One of the key successes at this year’s event, according to Sprague, was standardized communications and platforms to share information among the participants.

In the past, participants have been confused as to where information is posted, be it email, a Slack channel or elsewhere.

“We’re able to standardize a lot of that and print a playbook. That really, I think, lessened the confusion and enhanced training value of all the participants,” Sprague said. “This year we centralized on one communication platform, Hive-IQ. We also used that platform for assessments and it was this year much, much better than the previous patchwork of platforms we used in the past. We had a much, much smoother exercise. There weren’t as many hiccups.”

The playbook has been shared with other states so they can improve their cyber defenses.  

“Any state that wants to do a regional exercise, we like to bootstrap them into doing it,” Sprague said. “We have people come visit us all the time. I think we have people from Illinois this year, with the intent of taking our material and running their own infrastructure, their own regional exercise with our infrastructure, our stuff … our playbook, things like our scenario.”

The simulated threat this year was also more advanced than in years past.

“The biggest difference from last year to this year is that we elevated our game because the threat has elevated,” Sprague said. “The very first day we kicked off the hands-on exercise, we had a real world FBI threat brief with all of our private sector partners in the room. That further drove home the point that this isn’t just a notional thing anymore. This is real world, this could really happen and you need to take it very seriously.”
