In response to reported cyber attacks earlier this year, Guam has been actively working on an island-wide threat response plan to enhance cybersecurity.

The U.S. Department of Homeland Security (DHS) recently approved this comprehensive plan, marking a crucial step in fortifying the island's cyber defenses.

The vulnerability of Guam's cybersecurity gained national attention when The New York Times revealed that a Chinese government-backed hacking group, known as "Volt Typhoon," successfully infiltrated local systems. 

The report emphasized the strategic importance of Guam in the context of American military response plans in case of a Taiwan invasion, making it a potential target for cyber attacks.

Furthermore, the report suggested that China’s first anticipated moves would be to cut off American Communications, slowing the ability to respond. 

It’s under this backdrop that Guam’s been working on the islandwide cyber security plan. 

Homeland Security Adviser Esther Aguigui shared some important information. 

“The majority of the plan that we have is going to focus on training and education. building our network, building sustainability, building our workforce before we can proceed with any other factor in that plan.”

“Like anything we have to start somewhere, and right now I think an objective might be to build and sustain our cyber readiness, look at our resources that are available to us, but its not gonna come, its gonna come at a pretty penny.”

Despite receiving an initial funding injection of $1.5 million from the DHS Cybersecurity and Infrastructure Security Agency, the plan's comprehensive nature indicates that more funding will be required.

A notable example of Guam's cybersecurity vulnerability occurred earlier this year when the island's hospital had to shut down its entire system for about a week due to multiple intrusions.

However, Lillian Posadas, GMH Administrator, assured that no sensitive information was compromised during the incident.

“Given the totality of the evidence there is a low probability that protected health information held by GMH was compromised, and there was no evidence that patient or employee financial or biographical data was compromised.”

Given the ongoing vulnerabilities, the approved plan will play a pivotal role in fortifying Guam's defenses against cyber threats. The cybersecurity team aims to establish a baseline to determine where future funding should be invested. 

A roundtable discussion on the subject matter shedded light on a few key points. 

“The good news overall is these breaches, none of these breaches were able to penetrate any of our data. They were just registered signatures by our sensors and we were able to stop it so it couldnt actually travel throughout our network.”

“DOD's indo pacom, their cyber incident response team that's gonna be helping us move a little faster along the way. What we dont want to do is rushing and skipping steps. Because cyber security is expensive, we dont want to kinda like say we're here, we thought we were really well-prepared, and then when we start going back we see more gaps.”