National Guard Participates in Adriatic Cyber Exercise in Slovenia Published July 10, 2024 By Maj. Benjamin Hughes, Maryland National Guard Public Affairs Office POSTOJNA, Slovenia - Approximately 50 National Guard Soldiers and Airmen from six states participated in the Adriatic Regional Security Cyber Cooperation exercise with their armed forces partners from seven nations at the Slovenian Armed Forces Baron Andrej Čehovin barracks from June 24 to July 5. The two-week cybersecurity training event included approximately 60 representatives from Albania, Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, Slovenia and North Macedonia, who joined their State Partnership Program counterparts from New Jersey, Maryland, Minnesota, Iowa, Maine and Colorado. Each state and its partner nation formed a 10-member defensive cyber blue team, while some supported an offensive red team and a white cell for the live-fire cyber exercise on the Slovenian cyber range. Each blue team worked on the same simulated scenario as the other teams did simultaneously. The exercise’s purpose was to enhance cooperation between the partners. At the same time, they investigated the network together and identified where the enemy was attacking so they could develop remediation and mitigation plans. The defensive cyber operators also tracked threat actors’ movements to create a timeline of the attack and how it might impact the network systems. “ARSC2Ex was different from other cyber exercises as we didn’t allow the blue team to take actions against the red team for three days,” said Colorado Army National Guard Lt. Col. David Cutler, chief information officer/G-6 director. “They instead were required to investigate the network to identify every presence of the red team they could find, develop a mitigation plan, and then execute that plan on the final day to see if they could completely remove the red team from the network.” After an adversary is removed from the network, the cyber teams ensure the network is hardened to prevent continued access. Five Soldiers with the Maryland Army National Guard’s Cyber Protection Team 169 trained with four Armed Forces of Bosnia and Herzegovina’s Security Operation Center members during the defensive cyberspace operations to continue developing their cyber collaboration and information sharing. “I am excited to see the progress we have made as I’ve been working SPP events with the Armed Forces of BiH for three years now,” said Maryland Army National Guard 1st Lt. Briana Harvey, blue team lead for the exercise. “We started out as strangers, but now we are like family, so we are more intertwined. I really see the closeness between us and how we are one team together.” This is the first exercise in which AFBiH and the CPT 169 were on a cyber range simultaneously. Harvey expects more similar exercises in the future. “I think of all of us like a family,” said AFBiH Lt. Armin Kolašinac, Security Operations Center member. “We have a good time on the job and off the job. I hope that in the near future, we will be able to create a cyber exercise so that the 169 CPT members can come to our range and we can share our knowledge with them.” One Maryland Air National Guard Airman from the 276th Cyberspace Operations Squadron, one AFBiH civilian, and two Soldiers from CPT 169 supported the red team from another building at the Slovenian base. The Colorado National Guard and its partner, Slovenia, led the overall exercise. The Iowa Air National Guard’s 132nd Combat Training Squadron Detachment 2 took the technical lead for setting up the cyber range and the scenario development in coordination with the civilian company Simspace, which specializes in military-grade cyber ranges, and Slovenia’s new Cyber Range Department. “This exercise is fundamentally about building enduring relationships for this shared fight we have in the cyber domain,” said Iowa Air National Guard Lt. Col. Erik Howg, commander of the 168th Cyberspace Operations Squadron. “The more connected we are with information sharing, the better equipped we’ll be to prevent our cyber adversaries from achieving their goals.”