Cyber Command Finishes its First ‘Hunt Forward’ Operation in Latin America
The agency and its allies engaged in an exercise to demonstrate their defensive operations and improve cyber defenses in the U.S.

The U.S. Cyber Command this month completed its first mission to detect adversaries operating on partner networks in the U.S. Southern Command’s jurisdiction and expand its overseas defensive cyber operations.
Cyber Command, which runs the military’s defensive and offensive cyber operations, has conducted over two dozen so-called “hunt forward operations” where cyber specialists deploy to partner nations to monitor adversary activity in foreign cyberspace. These operations are meant to both strengthen the defenses of shared networks around the globe and provide greater insight into adversary activity to improve the Defense Department’s cyber posture.
“We had our first … hunt-forward mission in SOUTHCOM just recently, which is amazing,” Brig. Gen. Reid Novotny, special assistant to the director Air National Guard for U.S. Cyber Command, J5, said at the Potomac Officers Club Cyber Summit this month. “The whole point of the defense-forward mission is to learn something on someone else’s network, a partner network, another nation’s networks, so we can bring back that information and make sure our networks are more secure.”
Novotny did not say which country the cyber specialists deployed for the hunt forward operation. SOUTHCOM covers 31 countries, 12 dependencies and areas of special sovereignty, specifically the land mass of Latin America south of Mexico, the waters next to Central and South America and the Caribbean Sea.
While abroad, expert teams help partners detect malicious activity on their government and military networks. The information gathered during hunt-forward operations is then shared with the host nation, the broader DOD community, the Department of Homeland Security, the Federal Bureau of Investigation and private industry.
Over the past several years, Cyber Command sent teams to Europe to help identify tools that Russian hackers use to break into partner systems and to Asia and the Middle East to help identify Chinese and Iranian hacking tactics.
Last month, a cyber team returned from a three-month-long hunt-forward operation in Latvia to work with the Canadian Armed Forces and the Information Security Incident Response Institution of the Republic of Latvia on identifying cyber threats posed to the Latvian critical infrastructure. Latvia is one of the most targeted states in the European Union from Russian hacking teams.
“Adversaries often use spaces outside the U.S. as a testbed for cyber tactics, which they may use later to access U.S. networks, but with our hunt-forward missions, we can deploy a team of talented people to work with our partners, find that activity before it harms the U.S. and better posture the partner to harden critical systems against bad actors who threaten us all,” Army Maj. Gen. William J. Hartman, commander of Cyber National Mission Force, said in a statement.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Space Force’s Former CITO Talks AI Dominance Amid Rising Global Competition
Lisa Costa explains how the Trump administration’s recent AI legislation has signaled a strategic shift toward more agile and collaborative federal AI development.
9m listen -
Navigating Zero Trust for Cybersecurity
The World Bank Group and Lumen advance zero-trust strategies and identity management to secure sensitive data.
18m watch -
JWCC Next Targets Longer-Term, More Flexible Cloud Approach
DISA emphasizes market research and partner feedback to adapt to changing technology landscape and demands.
3m read -
Implementing Zero Trust to Boost Resiliency
Modernization, data security and culture shifts power zero trust at DOD and Red Hat.
32m watch