Cyber Command’s Plan to ‘frustrate’ Hackers Is Working

Gen. Paul Nakasone, the head of US Cyber Command, used a prepared testimony before the Senate Armed Services Committee last month to describe an organisation that has been more active in recent months and one that is conducting cyber operations in multiple places throughout the world.

“They are actively in our network communications, attempting to steal data and impact our weapons systems. So advantage is gained by those who maintain a continual state of action.”

In prepared remarks before the committee, Nakasone said that under a new guiding philosophy referred to as “Defend Forward,” the Department of Defense will take action against those who attack the United States. Defend Forward is often described as fighting the cyber battle on someone else’s turf as opposed to fighting it at home.

This includes gaining access to adversary networks or infrastructure to get insights into what they might be planning.

“In practice, this means confronting our adversaries from where they launch cyberattacks and developing robust capabilities that are responsive to Defense Support to Civil Authorities (DSCA) activities,” Nakasone wrote in his testimony.

What has this Meant in Action?

Nakasone outlined how the command supported European Command, Northern Command, the Department of Homeland Security, the Federal Bureau of Investigation to defend against attacks on the 2018 midterm elections. This included establishing a Russia small group within the NSA, as well as working with European Command and European countries.

“We created a persistent presence in cyberspace to monitor adversary actions and crafted tools and tactics to frustrate their efforts,” Nakasone said.

Second, Cyber Command is also supporting ongoing DoD operations in the physical realm, namely against terrorist actors.

“We are employing cyber capabilities to improve force protection, bolster intelligence, understand and shape the information environment, and disrupt the operations, command and control and propaganda of several insurgent and terrorist groups in support of Central Command, Africa Command and Special Operations Command,” he said.

“Cyberspace operations in places like Iraq, Syria, Yemen and Afghanistan today integrate and synchronise cyberspace and information operations with kinetic missions, with each enabling the other for offensive, force protection and intelligence purposes.”

One aspect of Cyber Command’s operation apparently involved a form of electronic signaling to Russian hackers and their trolls who purposely say things that are controversial and conduct disinformation campaigns on social media.

The signaling said that the US knew where the Russians’ command-and-control systems were and could disrupt them if need be, according to officials, who spoke on the condition of anonymity to describe sensitive operations.

Officials have been reluctant to disclose additional details, saying that doing so could help US adversaries.

Nakasone also pointed to the shift in the counter-terrorism mission, aligning Marine Corps Forces Cyberspace Command to the cyber component supporting the joint and coalition efforts to degrade ISIS in Iraq and Syria and sought to deny ISIS’s use of cyberspace for spreading its message and coordinating operations known as Joint Task Force-Ares.

Previously, Army Cyber Command was in charge of the task force. Under what is known as the Joint Force Headquarters-Cyber (JFHQ-C) construct, which provides planning, targeting, intelligence and cyber capabilities to assigned combatant commands, MARFORCYBER supports Special Operations Command.

In one sense, this realignment was thought to be a natural progression as the Marines are aligned with Special Operations Command and its transregional mission to counter violent extremists.

Moreover, Nakasone wrote that Joint Task Force-Ares has embarked on a special mission partnership with NSA to act together as a hub for whole-of-government cyber planning in the ongoing counterterror fight.

Fifth Domain:       Washington Post

You Might Also Read:

Three Ways the Pentagon Could Improve Cyber Intelligence

 

 

 

« Four Ways That Fake-News Sites Trick People
Blockchain’s Newest Application Is Civil Aviation »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LogmeOnce

LogmeOnce

LogmeOnce provides users with solution to multiple Password problems, Single Sign-On (SSO), and Identity Management.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions provides advanced, innovative data security solutions for enterprises, professionals and individuals.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

NanoVMs

NanoVMs

NanoVMs is the industry's only unikernel platform available today. NanoVMs runs your applications as secure, isolated virtual machines faster than bare metal installs.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Netenrich

Netenrich

The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

PacketViper

PacketViper

PacketViper’s Deception360 actively defends networks with deception-based threat detection and automated response to both external and internal cyber threats.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

Bureau

Bureau

Bureau is a no-code, identity decisioning platform that offers businesses the complete range of risk, compliance and ongoing fraud monitoring solutions innovated with AI.