Cyber Command’s Plan to ‘frustrate’ Hackers Is Working

Uploaded on 2019-03-06 in FREE TO VIEW

Gen. Paul Nakasone, the head of US Cyber Command, used a prepared testimony before the Senate Armed Services Committee last month to describe an organisation that has been more active in recent months and one that is conducting cyber operations in multiple places throughout the world.

“They are actively in our network communications, attempting to steal data and impact our weapons systems. So advantage is gained by those who maintain a continual state of action.”

In prepared remarks before the committee, Nakasone said that under a new guiding philosophy referred to as “Defend Forward,” the Department of Defense will take action against those who attack the United States. Defend Forward is often described as fighting the cyber battle on someone else’s turf as opposed to fighting it at home.

This includes gaining access to adversary networks or infrastructure to get insights into what they might be planning.

“In practice, this means confronting our adversaries from where they launch cyberattacks and developing robust capabilities that are responsive to Defense Support to Civil Authorities (DSCA) activities,” Nakasone wrote in his testimony.

What has this Meant in Action?

Nakasone outlined how the command supported European Command, Northern Command, the Department of Homeland Security, the Federal Bureau of Investigation to defend against attacks on the 2018 midterm elections. This included establishing a Russia small group within the NSA, as well as working with European Command and European countries.

“We created a persistent presence in cyberspace to monitor adversary actions and crafted tools and tactics to frustrate their efforts,” Nakasone said.

Second, Cyber Command is also supporting ongoing DoD operations in the physical realm, namely against terrorist actors.

“We are employing cyber capabilities to improve force protection, bolster intelligence, understand and shape the information environment, and disrupt the operations, command and control and propaganda of several insurgent and terrorist groups in support of Central Command, Africa Command and Special Operations Command,” he said.

“Cyberspace operations in places like Iraq, Syria, Yemen and Afghanistan today integrate and synchronise cyberspace and information operations with kinetic missions, with each enabling the other for offensive, force protection and intelligence purposes.”

One aspect of Cyber Command’s operation apparently involved a form of electronic signaling to Russian hackers and their trolls who purposely say things that are controversial and conduct disinformation campaigns on social media.

The signaling said that the US knew where the Russians’ command-and-control systems were and could disrupt them if need be, according to officials, who spoke on the condition of anonymity to describe sensitive operations.

Officials have been reluctant to disclose additional details, saying that doing so could help US adversaries.

Nakasone also pointed to the shift in the counter-terrorism mission, aligning Marine Corps Forces Cyberspace Command to the cyber component supporting the joint and coalition efforts to degrade ISIS in Iraq and Syria and sought to deny ISIS’s use of cyberspace for spreading its message and coordinating operations known as Joint Task Force-Ares.

Previously, Army Cyber Command was in charge of the task force. Under what is known as the Joint Force Headquarters-Cyber (JFHQ-C) construct, which provides planning, targeting, intelligence and cyber capabilities to assigned combatant commands, MARFORCYBER supports Special Operations Command.

In one sense, this realignment was thought to be a natural progression as the Marines are aligned with Special Operations Command and its transregional mission to counter violent extremists.

Moreover, Nakasone wrote that Joint Task Force-Ares has embarked on a special mission partnership with NSA to act together as a hub for whole-of-government cyber planning in the ongoing counterterror fight.

Fifth Domain:       Washington Post

You Might Also Read:

Three Ways the Pentagon Could Improve Cyber Intelligence

 

 

 

« Four Ways That Fake-News Sites Trick People
Blockchain’s Newest Application Is Civil Aviation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

rPeople Staffing

rPeople Staffing

rPeople provides direct placement in all areas of your organization, including and specializing in Technical and Executive hiring.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

Maryville Online - Cybersecurity Program

Maryville Online - Cybersecurity Program

The Cybersecurity Program at Maryville Online is designed to help students reach opportunities in cybersecurity leadership and management through an entirely online curriculum.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

cPacket Networks

cPacket Networks

cPacket’s distributed intelligence enables network operators to proactively identify imminent issues before they negatively impact end-users.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

Totaljobs

Totaljobs

Totaljobs is the UK’s largest hiring platform. We have over 280,000 live jobs adverts on our site, helping you to find any type of job in any industry, including cybersecurity.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Informer

Informer

Informer provides an Attack Surface Management SaaS platform alongside penetration testing services. We combine machine learning and human intelligence to reduce cyber risk.

NCC-CSIRT (Nigerian Communications Commission)

NCC-CSIRT (Nigerian Communications Commission)

NCC has established a CSIRT for the telecommunication industry to provide services and support for the prevention and management of potential cyber security related emergencies.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

NetApp

NetApp

The NetApp portfolio includes intelligent cloud services, data services, and storage infrastructure that helps organizations manage applications and data everywhere across hybrid cloud environments.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

Resillion

Resillion

Resillion (formerly Eurofins Digital Testing) is a global leader in quality engineering and cyber security services with operations in Europe, US, UK, India and China.

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.

DuploCloud

DuploCloud

DuploCloud offers an end-to-end DevOps software platform for dev teams that don’t have dedicated DevOps engineers and augments those that do.