U.S. Cyber Command has been very active in addressing security concerns regarding Russia’s invasion of Ukraine, from assisting the Ukrainians to providing intelligence to hardening networks domestically and globally, its commander said Tuesday.
“U.S. Cyber Command (with NSA) has been integral to the nation’s response to this crisis since Russian forces began deploying on Ukraine’s borders last fall,” Gen. Paul Nakasone, who also directs the National Security Agency, said in written testimony to the Senate Armed Services Committee. “We have provided intelligence on the building threat, helped to warn U.S. government and industry to tighten security within critical infrastructure sectors, enhanced resilience on the DODIN (especially in Europe), accelerated efforts against criminal cyber enterprises and, together with interagency members, Allies, and partners, planned for a range of contingencies.”
Nakasone also provided greater details from congressional testimony a month ago regarding the extent to which his cyber teams have assisted the Ukrainians to bolster their digital defenses.
So-called hunt forward teams sat side-by-side with partners to gain insights into threats, he said. These defensively oriented teams physically deploy to foreign nations to search for threats on their networks at the invitation of host nations. Officials say these activities are mutually beneficial because they help bolster the security of partner nations and provide Cyber Command and the United States advanced notice of adversary tactics, allowing the U.S. to harden systems at home against these observed threats.
Since Russia’s invasion in February, Cyber Command has conducted additional hunt forward operations bolstering the resilience of Ukraine and other NATO allies, Nakasone testified. This includes providing remote and analytic support to Ukraine and conducting network defense activities aligned to critical networks outside Ukraine.
Cyber Command is also ensuring the security and availability of command and control systems across the Department of Defense while creating options for national leadership and conducting operations as directed.
Along with interagency partners in the U.S. government, the command is working to mitigate threats to domestic and overseas systems.
This also translates to the ransomware fight. Nakasone said that elite cyber teams have taken numerous actions over the past year to combat ransomware, in partnership with other federal entities in the law enforcement realm and industry. These actions have sought to disrupt and degrade the operations of ransomware groups.