Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Government
US Cyber Command Expanded 'Hunt Forward' Operations in 2023
US Cyber Mission Force Led 22 Defensive Cyber Operations in 2023, Commander SaysA secretive U.S. cyber military force ramped up global operations in 2023, executing more than double the average number of "hunt forward" campaigns than the previous five years, according to the head of U.S. Cyber Command.
See Also: New OnDemand | People-Centric Security for the Public Sector
The Cyber National Mission Force carried out 22 operations in 2023, Air Force Gen. Timothy Haugh - commander of the U.S. Cyber Command - testified to the Senate Armed Services committee Wednesday. The mission force deployed a total of 55 times since 2018, Cyber Command said in December.
Haugh told lawmakers the Cyber National Mission Force "constrained adversary freedom of maneuver" in 2023, while supporting allies and generating important insights on the evolving cyber threat landscape. Cyber Command’s hunt forward teams are deployed after partner nations invite the military force to assist in detecting malicious cyber activity on government systems and networks.
The hunt forward teams carried out cyber campaigns in all regions where the combatant command was authorized to operate in 2023, according to Haugh, resulting in the public release of more than 90 malware samples for review by global cybersecurity analysts and research communities.
Those malware disclosures "can make billions of internet users around the world safer online" and "frustrate the military and intelligence operations of authoritarian regimes," Haugh said in his written testimony.
The Cyber National Mission Force has evolved significantly since its inception in 2014, expanding its range of operations to support election security efforts and measures to counter international cyber espionage, among other initiatives. Typically considered by outsiders to be an enigmatic military command, the Cyber National Mission Force celebrated several high-profile campaigns in 2023, including a resilience building operation in Lithuania and a series of joint advisories highlighting Russian-based cyber threats..
A joint cybersecurity advisory the Cyber National Mission Force published in December with the FBI, Cybersecurity and Infrastructure Security Agency and a cohort of international cyber authorities warned about advanced spear-phishing campaigns launched by the Russian state threat actor known as Star Blizzard, also known as Coldriver and Callisto Group. The advisory said the Kremlin hacking group had been observed targeting a wide variety of sectors, including academia, governmental organizations and defense.
Haugh, who also leads the National Security Agency, said the combatant command and intelligence agency are working in unison to counter foreign interference in upcoming elections.
"We are committed to supporting the interagency effort to ensure election contests across our states and territories proceed from caucuses to certifications without effective foreign influence," Haugh said. "Let me assure you that our mission focus is foreign actors overseas."