The head of US Cyber Command, General Paul Nakasone, has revealed that the agency he heads conducted nine “forward hunting” operations in the last year, sending teams to different counties to help them. improve their defensive security posture and ward off cyber threats.
These missions keep “our nation secure in cyberspace,” Nakasone, who is also director of the National Security Agency, said at a summit on modern conflict and emerging threats at Vanderbilt University. “It provides an inoculation of those threats, and it provides a partnership with a nation that has asked us for help.”
Such missions are a win-win situation for the two participating governments, he said. Foreign nations benefit from U.S. cybersecurity tools and threat intelligence, and U.S. Cyber Command can install sensors on those nations’ networks, giving the military better visibility into threats at home. beyond the US border.
The agency’s first forward hunting exercise sent a Cyber Command team to Ukraine in 2018 with the goal of “understanding what our adversaries are doing, being able to capture that and then being able to share it,” said said Nakasone.
The adversary was presumably Russia, and as soon as the security analysts got off the plane in kyiv, they were met by the California National Guard, which had already been partners with Ukraine since 1993.
These types of information-sharing partnerships exemplify the importance of engaging with allied nations to win current and future conflicts: “The idea that we will enable and act,” Nakasone said. “Allow our partners to gain insight, share commerce, and then act when permitted – defensively, offensively and informatively.”
But they also underscore the “cross-border” nature of cyber threats, and how this influences decisions about how and where intelligence and information is collected, and how and where conflicts take place.
Case in point: the current illegal invasion of Ukraine, which involved a gruesome and bloody ground invasion and bombing campaign. Conflicts have also taken place in cyberspace, as Kremlin-sponsored groups have deployed at least six destructive instances of erasure malware against Ukrainian organizations and infrastructure. And according to Western government cybersecurity agencies, Putin’s henchmen are seeking to expand their cyberattacks on critical infrastructure of the United States and its allies.
While the battlefields were land, air and sea, “now it’s definitely space and cyberspace,” Nakasone said. “And if you think about space and cyberspace, it’s no longer the purview of one nation, one government, but a multitude of players, including the commercial sector.”
Rapidly mobilizing defenses against cyber threats and physical threats also requires tools such as big data, AI and machine learning, he added.
“In the environment we are in today, we can no longer rely on the ability of forward operating bases to provide ground centers, or the ability to use airborne intelligence surveillance and reconnaissance,” Nakasone said.
“We will rely on cyber operations and space for most of our intelligence gathering and essential key information about our adversaries.” ®