US deploys more cyber forces abroad – Security




CNMF commander William Hartman

US Army, CNMF

The United States is sending more of its cyber forces abroad to help foreign governments fight hackers, a top US military official said at the RSA cyber security conference in San Francisco.

In the last three years, the US military’s Cyber National Mission Force (CNMF) has conducted 47 such “hunt forward” defensive operations across 20 countries at the invitation of those nations, CNMF commander major general William Hartman said.

“The demand for that only increases, and they are not all the same,” Hartman said of the missions, speaking on the sidelines of the conference. 

The initiative reflects a broader push by the US government to improve collaboration with foreign allies on combating cyber crimes, which often cross borders.

Some of the largest known ransomware criminal gangs, for instance, have targeted multiple countries.

Hartman said CNMF had dispatched 43 specialists to Ukraine, which has been battling Russian cyber onslaughts amid the war there, which Russia calls a “special operation”.

“Those are defence teams we send, and (they) hunt for shared adversaries, find tools and capabilities,” Hartman said.

He said the CNMF was working closely with the top US cyber body, the Cybersecurity and Infrastructure Security Agency (CISA).

Both agencies had collaborated on thwarting potential attacks against three US federal agencies by foreign adversaries, said Eric Goldstein, CISA’s executive assistant director. 

“We notified the agencies, gave them guidance, and kicked off incident response. Simultaneously, we gathered all the information on the adversary infrastructure and shared it with CNMF,” he said.

Goldstein and Hartman declined to offer further details on the incident. 

A separate incident they disclosed during a joint presentation at the conference involved an Iranian hacking group that had breached voting systems in a US city that were used to report the 2020 election results.

The CNMF feared the hackers could make the system’s website “look like the vote had been tampered with,” but the agency revoked access, Hartman said.

“There was no impact to any election infrastructure,” Goldstein added.

“We want to make this a model – find the technical evidence to hand over to CNMF,” he said, adding that securing the 2024 US presidential election is a “top priority”.



Source link