Cyber Command Finishes its First ‘Hunt Forward’ Operation in Latin America
The agency and its allies engaged in an exercise to demonstrate their defensive operations and improve cyber defenses in the U.S.
The U.S. Cyber Command this month completed its first mission to detect adversaries operating on partner networks in the U.S. Southern Command’s jurisdiction and expand its overseas defensive cyber operations.
Cyber Command, which runs the military’s defensive and offensive cyber operations, has conducted over two dozen so-called “hunt forward operations” where cyber specialists deploy to partner nations to monitor adversary activity in foreign cyberspace. These operations are meant to both strengthen the defenses of shared networks around the globe and provide greater insight into adversary activity to improve the Defense Department’s cyber posture.
“We had our first … hunt-forward mission in SOUTHCOM just recently, which is amazing,” Brig. Gen. Reid Novotny, special assistant to the director Air National Guard for U.S. Cyber Command, J5, said at the Potomac Officers Club Cyber Summit this month. “The whole point of the defense-forward mission is to learn something on someone else’s network, a partner network, another nation’s networks, so we can bring back that information and make sure our networks are more secure.”
Novotny did not say which country the cyber specialists deployed for the hunt forward operation. SOUTHCOM covers 31 countries, 12 dependencies and areas of special sovereignty, specifically the land mass of Latin America south of Mexico, the waters next to Central and South America and the Caribbean Sea.
While abroad, expert teams help partners detect malicious activity on their government and military networks. The information gathered during hunt-forward operations is then shared with the host nation, the broader DOD community, the Department of Homeland Security, the Federal Bureau of Investigation and private industry.
Over the past several years, Cyber Command sent teams to Europe to help identify tools that Russian hackers use to break into partner systems and to Asia and the Middle East to help identify Chinese and Iranian hacking tactics.
Last month, a cyber team returned from a three-month-long hunt-forward operation in Latvia to work with the Canadian Armed Forces and the Information Security Incident Response Institution of the Republic of Latvia on identifying cyber threats posed to the Latvian critical infrastructure. Latvia is one of the most targeted states in the European Union from Russian hacking teams.
“Adversaries often use spaces outside the U.S. as a testbed for cyber tactics, which they may use later to access U.S. networks, but with our hunt-forward missions, we can deploy a team of talented people to work with our partners, find that activity before it harms the U.S. and better posture the partner to harden critical systems against bad actors who threaten us all,” Army Maj. Gen. William J. Hartman, commander of Cyber National Mission Force, said in a statement.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Trump's FBI Pick Calls for Increased Cyber Resiliency
Trump's pick for FBI Director Kash Patel has expressed his plans for bolstering the nation's cyber resiliency if confirmed by the Senate.
3m read -
DOE Cyber Pilot Takes Centralized Approach to Threat Monitoring
DOE's cyber pilot drives a centralized approach to threat monitoring and builds robust defenses to defend the nation's energy infrastructure.
5m read -
Securing the Expanding Attack Surface in Cyberspace
Agencies undergoing digital transformation face a more intricate threat landscape and a wider threat target for adversaries looking to exploit vulnerabilities.
30m watch -
ODNI-UVA Partnership Develops Future Intelligence Workforce
The National Security Data and Policy Institute aims to bridge skills gaps and develop the intelligence community's next-gen workforce.
3m read