Cyber Command’s Plan to ‘frustrate’ Hackers Is Working

Gen. Paul Nakasone, the head of US Cyber Command, used a prepared testimony before the Senate Armed Services Committee last month to describe an organisation that has been more active in recent months and one that is conducting cyber operations in multiple places throughout the world.

“They are actively in our network communications, attempting to steal data and impact our weapons systems. So advantage is gained by those who maintain a continual state of action.”

In prepared remarks before the committee, Nakasone said that under a new guiding philosophy referred to as “Defend Forward,” the Department of Defense will take action against those who attack the United States. Defend Forward is often described as fighting the cyber battle on someone else’s turf as opposed to fighting it at home.

This includes gaining access to adversary networks or infrastructure to get insights into what they might be planning.

“In practice, this means confronting our adversaries from where they launch cyberattacks and developing robust capabilities that are responsive to Defense Support to Civil Authorities (DSCA) activities,” Nakasone wrote in his testimony.

What has this Meant in Action?

Nakasone outlined how the command supported European Command, Northern Command, the Department of Homeland Security, the Federal Bureau of Investigation to defend against attacks on the 2018 midterm elections. This included establishing a Russia small group within the NSA, as well as working with European Command and European countries.

“We created a persistent presence in cyberspace to monitor adversary actions and crafted tools and tactics to frustrate their efforts,” Nakasone said.

Second, Cyber Command is also supporting ongoing DoD operations in the physical realm, namely against terrorist actors.

“We are employing cyber capabilities to improve force protection, bolster intelligence, understand and shape the information environment, and disrupt the operations, command and control and propaganda of several insurgent and terrorist groups in support of Central Command, Africa Command and Special Operations Command,” he said.

“Cyberspace operations in places like Iraq, Syria, Yemen and Afghanistan today integrate and synchronise cyberspace and information operations with kinetic missions, with each enabling the other for offensive, force protection and intelligence purposes.”

One aspect of Cyber Command’s operation apparently involved a form of electronic signaling to Russian hackers and their trolls who purposely say things that are controversial and conduct disinformation campaigns on social media.

The signaling said that the US knew where the Russians’ command-and-control systems were and could disrupt them if need be, according to officials, who spoke on the condition of anonymity to describe sensitive operations.

Officials have been reluctant to disclose additional details, saying that doing so could help US adversaries.

Nakasone also pointed to the shift in the counter-terrorism mission, aligning Marine Corps Forces Cyberspace Command to the cyber component supporting the joint and coalition efforts to degrade ISIS in Iraq and Syria and sought to deny ISIS’s use of cyberspace for spreading its message and coordinating operations known as Joint Task Force-Ares.

Previously, Army Cyber Command was in charge of the task force. Under what is known as the Joint Force Headquarters-Cyber (JFHQ-C) construct, which provides planning, targeting, intelligence and cyber capabilities to assigned combatant commands, MARFORCYBER supports Special Operations Command.

In one sense, this realignment was thought to be a natural progression as the Marines are aligned with Special Operations Command and its transregional mission to counter violent extremists.

Moreover, Nakasone wrote that Joint Task Force-Ares has embarked on a special mission partnership with NSA to act together as a hub for whole-of-government cyber planning in the ongoing counterterror fight.

Fifth Domain:       Washington Post

You Might Also Read:

Three Ways the Pentagon Could Improve Cyber Intelligence

 

 

 

« Four Ways That Fake-News Sites Trick People
Blockchain’s Newest Application Is Civil Aviation »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Repository of Industrial Security Incidents (RISI)

Repository of Industrial Security Incidents (RISI)

RISI is a database of cyber security incidents that have (or could have) affected process control, industrial automation or SCADA systems.

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

ISTC Foundation

ISTC Foundation

ISTC Foundation is one of the leading innovation centers in Armenia, founded by joint initiative of IBM, USAID, Armenian Government and Enterprise Incubator Foundation.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

Cybertronium

Cybertronium

Cybertronium is a leader in managing cyber risk. We bring you the latest from the complex, ever-evolving online threat environment with the insights to inspire and the expertise to act.

Strac

Strac

Eliminate Personal Data Risks from your business. Our Dataless SaaS removes the need to manage sensitive data across web, mobile apps, servers and communication channels.

Paubox

Paubox

Paubox offers secure, HIPAA compliant email and marketing solutions to fit the needs of modern healthcare organizations of every size.

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

Treacle Technologies

Treacle Technologies

Treacle Technologies are a Cyber Security startup with a focus on Defensive Security.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.