With the rise of new technologies and the expansion of the digital world, cyber has become a critical component of warfighting, national security and innovation for the United States. In February 2022, cyber took the global spotlight as Russia began its invasion of Ukraine, but U.S. cyber forces were ahead of the threat and played a pivotal role in helping allied forces defend themselves.
“Starting in late 2021, the U.S. started to see indications of Russia’s mobilization, buildup and potential invasion. So with that information in hand, U.S. Cybercom played a key role in supporting our Ukrainian partners in hardening their networks,” said David Frederick, executive director of U.S. Cyber Command, during GovCon Wire’s Cybersecurity in National Security Summit.
David Frederick’s full keynote address is available to view on-demand now in GovCon Wire’s digital event library. Click here to watch the full Cybersecurity in National Security Summit.
“We sent several hunt forward teams to Ukraine in late 2021, and these teams, which are part of our Cyber National Mission Force, worked hand-in-hand with Ukrainians to look at some of their critical government networks and critical infrastructure networks, identify adversary activity and make some recommendations to them in terms of hardening and resilience,” Frederick explained.
By conducting these “hunt forward” operations, Cybercom not only supported Ukraine’s cyber defenses but also gathered unique insights into Russian activities that could then be applied to bolstering protections for the Department of Defense’s networks; and in an even wider impact, the information Cybercom gathered could then be shared with public and private sector partners and broaden the nation’s cyber defense capabilities, Frederick outlined.
Cybercom’s hunt forward missions have garnered international attention in recent months. Frederick illustrated that “in a hunt forward operation, we send a cyber protection team to work cooperatively with allies and partners.” The United States’ first hunt forward operation was conducted over three months in early 2022, and it involved hunting malicious cyber activity on Lithuanian national defense systems.
Hunt forward efforts and the Cybercom unit that carries them out, CNMF, are critical in executing Cybercom’s Defend the Nation mission, which is one of three missions assigned to the command by the DOD.
In the command’s Defend the Nation mission, Frederick explained, “we have responsibility as part of a broader, whole-of-government effort to defend the United States against significant cyber attacks and work very closely with a number of partners to do so.”
Some of Cybercom’s key partners in this mission include CISA, the FBI’s cyber division, intelligence community agencies, U.S. Northern Command and importantly, private sector organizations. The command’s overarching “persistent engagement” strategy is implemented via two main thrusts: enable and act. The “enable” prong centers around information sharing with public and private sector partners, and the “act” prong involved playing defense and stopping cyber attacks where they originate in foreign cyberspace. Frederick said the only way the U.S. can be successful in this effort is by harnessing the speed and agility of industry.
“The private sector owns and operates almost all the networks in the United States. And as a result, the private sector has unique visibility into the cyber threats that have encroached on domestic networks. We can’t defend the nation alone. Even the broader federal government team of CISA, FBI Cyber, Cybercom, NSA and others can’t do it alone. The private sector has a major role to play in cyber defense,” Frederick shared.
Learn more about the role of cybersecurity in the future of the federal government during the Potomac Officers Club’s Cybersecurity and Infrastructure Security Forum on Oct. 13. CISA CIO Bob Costello is scheduled to keynote. Register here.