Defense

Cyber Command awards nearly $60M contract for ‘hunt forward’ operations

Sealing Technologies will provide equipment for cyber teams to deploy to partner nation networks.

April 22, 2022

Inside U.S. Cyber Command at Fort Meade, Maryland. (Josef Cole / DOD / U.S. Cyber Command)

U.S. Cyber Command has awarded a nearly $60 million contract to Sealing Technologies to provide equipment to conduct defensive cyber operations abroad on the networks of partner nations, the company announced Thursday.

Specifically, the award is for so-called hunt-forward operations, which involve physically sending defensively-oriented cyber protection teams from the Cyber National Mission Force to foreign nations to hunt for threats on their networks at the invitation of host nations.

Sealing Technologies’ prototyped solution was awarded funding through an other transaction authority agreement (OTA) through the Defense Innovation Unit, the company said.

The equipment will support automated deployments, configurations and data flows for cyber ops. It is modular in self-contained units that can be carried on commercial aircraft, according to the company.

“SealingTech’s kit is designed to be modular so it can be configured for mission requirements and optimized for enhanced performance characteristics,” said Angie Landress, program manager at Sealing Technologies.

Recently, working with industry and academia, Cyber Command was able to develop new kits for hunt-forward operations that allow them to observe malicious cyber activity on more networks faster, Holly Baroody, deputy to the commander of the Cyber National Mission Force, said during an event hosted by AFCEA’s D.C. chapter Wednesday. It wasn’t immediately clear if she was referring to Sealing Technologies’ capability.

Hunt-forward operations are a key pillar of Cyber Command’s persistent engagement operating concept, which posits constant contact with adversaries to cause them friction in their attempts at malicious behavior aimed at the U.S. homeland and partner nations.

“Through our hunt-forward operations, we’re able to detect and identify adversary malware and techniques, often before it’s used against the United States … We go where the intelligence tells us there’s a shared threat to our homeland,” Baroody said. “We then share that with the partner nation so that they can take the necessary steps to secure their networks. We also share our findings with other government partners like FBI, DHS CISA, as well as private industry, arming them with the information to bolster the defense of our homeland.”

These operations also require important relationship and trust building with partners in order to place sensors on their networks to observe traffic.

Since 2018, Cyber Command has deployed teams more than 28 times to 15 nations on over 50 networks, Baroody said, including to Ukraine and NATO countries to bolster defense against Russian cyberattacks.

As part of its efforts to cause friction for adversaries, the Cyber National Mission Force will release information about malware discovered during these hunt-forward operations to expose enemy tools and warn the broader cybersecurity community.

To date, the force has released over 90 malware samples, Baroody said.

“We leverage the industry standard of VirusTotal to ensure the industry partners can strengthen their networks and that the tools our adversaries employ can be inoculated against — essentially removing it from their arsenal,” she said.