Cyber Command’s Plan to ‘frustrate’ Hackers Is Working

Uploaded on 2019-03-06 in FREE TO VIEW

Gen. Paul Nakasone, the head of US Cyber Command, used a prepared testimony before the Senate Armed Services Committee last month to describe an organisation that has been more active in recent months and one that is conducting cyber operations in multiple places throughout the world.

“They are actively in our network communications, attempting to steal data and impact our weapons systems. So advantage is gained by those who maintain a continual state of action.”

In prepared remarks before the committee, Nakasone said that under a new guiding philosophy referred to as “Defend Forward,” the Department of Defense will take action against those who attack the United States. Defend Forward is often described as fighting the cyber battle on someone else’s turf as opposed to fighting it at home.

This includes gaining access to adversary networks or infrastructure to get insights into what they might be planning.

“In practice, this means confronting our adversaries from where they launch cyberattacks and developing robust capabilities that are responsive to Defense Support to Civil Authorities (DSCA) activities,” Nakasone wrote in his testimony.

What has this Meant in Action?

Nakasone outlined how the command supported European Command, Northern Command, the Department of Homeland Security, the Federal Bureau of Investigation to defend against attacks on the 2018 midterm elections. This included establishing a Russia small group within the NSA, as well as working with European Command and European countries.

“We created a persistent presence in cyberspace to monitor adversary actions and crafted tools and tactics to frustrate their efforts,” Nakasone said.

Second, Cyber Command is also supporting ongoing DoD operations in the physical realm, namely against terrorist actors.

“We are employing cyber capabilities to improve force protection, bolster intelligence, understand and shape the information environment, and disrupt the operations, command and control and propaganda of several insurgent and terrorist groups in support of Central Command, Africa Command and Special Operations Command,” he said.

“Cyberspace operations in places like Iraq, Syria, Yemen and Afghanistan today integrate and synchronise cyberspace and information operations with kinetic missions, with each enabling the other for offensive, force protection and intelligence purposes.”

One aspect of Cyber Command’s operation apparently involved a form of electronic signaling to Russian hackers and their trolls who purposely say things that are controversial and conduct disinformation campaigns on social media.

The signaling said that the US knew where the Russians’ command-and-control systems were and could disrupt them if need be, according to officials, who spoke on the condition of anonymity to describe sensitive operations.

Officials have been reluctant to disclose additional details, saying that doing so could help US adversaries.

Nakasone also pointed to the shift in the counter-terrorism mission, aligning Marine Corps Forces Cyberspace Command to the cyber component supporting the joint and coalition efforts to degrade ISIS in Iraq and Syria and sought to deny ISIS’s use of cyberspace for spreading its message and coordinating operations known as Joint Task Force-Ares.

Previously, Army Cyber Command was in charge of the task force. Under what is known as the Joint Force Headquarters-Cyber (JFHQ-C) construct, which provides planning, targeting, intelligence and cyber capabilities to assigned combatant commands, MARFORCYBER supports Special Operations Command.

In one sense, this realignment was thought to be a natural progression as the Marines are aligned with Special Operations Command and its transregional mission to counter violent extremists.

Moreover, Nakasone wrote that Joint Task Force-Ares has embarked on a special mission partnership with NSA to act together as a hub for whole-of-government cyber planning in the ongoing counterterror fight.

Fifth Domain:       Washington Post

You Might Also Read:

Three Ways the Pentagon Could Improve Cyber Intelligence

 

 

 

« Four Ways That Fake-News Sites Trick People
Blockchain’s Newest Application Is Civil Aviation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

National Association of State Chief Information Officers (NASCIO)

National Association of State Chief Information Officers (NASCIO)

NASCIO's Cybersecurity Committee focuses helps state CIOs to formulate high-level security and data protection policies and technical controls.

Cyber Security & Information Systems Information Analysis Center (CSIAC)

Cyber Security & Information Systems Information Analysis Center (CSIAC)

CSIAC is chartered to leverage best practices and expertise from government, industry, and academia on cyber security and information technology.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Sonda

Sonda

SONDA is the leading systems integrator and IT service provider in Latin America.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Valarian

Valarian

Valarian (formerly Worldr) is on a mission to build cutting-edge solutions that empower borderless collaboration in the new era of digital sovereignty.

European Center for CyberSecurity in Aviation (ECCSA)

European Center for CyberSecurity in Aviation (ECCSA)

ECCSA is a cooperative partnership within the aviation community to better understand emerging cybersecurity risks in aviation and provide collective support in dealing with cybersecurity incidents.

Allentis

Allentis

Allentis provide adapted solutions to ensure the security and performance of your information system.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Rausch Advisory Services

Rausch Advisory Services

Rausch delivers solutions that address compliance, enterprise risk, information technology and human resource capital.

O'Reilly Media

O'Reilly Media

O’Reilly’s help professionals learn best practices and discover emerging trends that will shape the future of the tech industry.

Resemble AI

Resemble AI

Resemble AI is an innovator in Generative Voice AI technology and tools to combat AI fraud including audio watermarking and deepfake detection.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.