Cyber Command Finishes its First ‘Hunt Forward’ Operation in Latin America
The agency and its allies engaged in an exercise to demonstrate their defensive operations and improve cyber defenses in the U.S.
The U.S. Cyber Command this month completed its first mission to detect adversaries operating on partner networks in the U.S. Southern Command’s jurisdiction and expand its overseas defensive cyber operations.
Cyber Command, which runs the military’s defensive and offensive cyber operations, has conducted over two dozen so-called “hunt forward operations” where cyber specialists deploy to partner nations to monitor adversary activity in foreign cyberspace. These operations are meant to both strengthen the defenses of shared networks around the globe and provide greater insight into adversary activity to improve the Defense Department’s cyber posture.
“We had our first … hunt-forward mission in SOUTHCOM just recently, which is amazing,” Brig. Gen. Reid Novotny, special assistant to the director Air National Guard for U.S. Cyber Command, J5, said at the Potomac Officers Club Cyber Summit this month. “The whole point of the defense-forward mission is to learn something on someone else’s network, a partner network, another nation’s networks, so we can bring back that information and make sure our networks are more secure.”
Novotny did not say which country the cyber specialists deployed for the hunt forward operation. SOUTHCOM covers 31 countries, 12 dependencies and areas of special sovereignty, specifically the land mass of Latin America south of Mexico, the waters next to Central and South America and the Caribbean Sea.
While abroad, expert teams help partners detect malicious activity on their government and military networks. The information gathered during hunt-forward operations is then shared with the host nation, the broader DOD community, the Department of Homeland Security, the Federal Bureau of Investigation and private industry.
Over the past several years, Cyber Command sent teams to Europe to help identify tools that Russian hackers use to break into partner systems and to Asia and the Middle East to help identify Chinese and Iranian hacking tactics.
Last month, a cyber team returned from a three-month-long hunt-forward operation in Latvia to work with the Canadian Armed Forces and the Information Security Incident Response Institution of the Republic of Latvia on identifying cyber threats posed to the Latvian critical infrastructure. Latvia is one of the most targeted states in the European Union from Russian hacking teams.
“Adversaries often use spaces outside the U.S. as a testbed for cyber tactics, which they may use later to access U.S. networks, but with our hunt-forward missions, we can deploy a team of talented people to work with our partners, find that activity before it harms the U.S. and better posture the partner to harden critical systems against bad actors who threaten us all,” Army Maj. Gen. William J. Hartman, commander of Cyber National Mission Force, said in a statement.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
DOD Dominates CISA’s President’s Cup Cyber Competition
The competition featured real-world scenarios such as the LastPass major attack in 2022 and incorporates emerging technology.
4m read -
68 Software Firms Sign CISA’s Secure-by-Design Pledge
A year since CISA's initiative, tech companies say their products will have built-in security features from the start.
3m read -
Spain’s Cyber Agency is Incubating Businesses to Protect NATO Cyberspace
INCIBE Secretary General Carla Redondo Galbarriatu said the private sector is key to strengthening cybersecurity.
12m listen -
DHS AI Board Sees Civil Rights as ‘Part and Parcel’ of AI Safety
Secretary Alejandro Mayorkas shared details about the new board's first meeting and how he sees it transforming the agency's AI development.
3m read