Written by Suzanne Smalley
U.S. Cyber Command wants more tech companies and others on the front lines of the global fight to secure the internet to share more cybersecurity intelligence so the organization can improve its defensive capabilities, the director said Monday. Cyber Command executive Dave Frederick made the remarks in an interview.
Frederick said Cyber Command routinely shares intel it gleans from so-called “forward hunt” operations, defensive cyber missions conducted alongside partners, but needs more private companies to fully report cyber incidents so that Cyber Command can learn from them.
Frederick, who was at an industry webinar hosted by Billington CyberSecurity, said Cyber Command’s 27 hunting operations over the past two years allowed partner nations to “immediately bolster their network defenses” and gave Cyber Command “unique software intelligence malicious opponents that we then bring home.”
This information not only informs the Department of Defense’s cyber defense strategy, but is also shared with the private sector, he said.
“We are able to share indicators of compromise, new malware samples that we discover from hunting, with the wider cybersecurity community, and they are then able to create signatures to detect this malware and essentially disrupt adversary operations targeting the U.S. civilian sector,” Frederick said. “It’s almost like giving an antidote to a virus, so that really turned out to be a great model.”
Forward hunting missions began in 2018 as part of Cyber Command’s work to improve election security and have grown since then, Frederick said. So far, Cyber Command has partnered with 16 countries, including Estonia, Montenegro, and Ukraine, covering 50 different networks.
Last month, the head of Cyber Command, General Paul Nakasone, said an advance fighter team had traveled to Ukraine in December to help strengthen defenses against cyberattacks.
Frederick said Cyber Command needs help from private industry, especially to improve the technology used for mission capabilities and collective defense. Cyber Command secures, operates and defends DOD computer systems, a network whose 4 million endpoints by 2022 make it one of the largest in the world, he said.
“Our joint cyber warfare architectures are quite a complex set of systems,” Frederick said. “It’s a group of programs that provide us with our big data platform capability, our offensive weapons and tools, our defensive tools and defensive sensors, and command and control.”
Frederick said industry support and collaboration were also needed to sustain what he called the “world-class” training environment that Cyber Command provides.
Cyber Command has good relationships with defense and telecommunications companies, but Frederick pointed out that more companies in all sectors need to report cyber incidents.
“Nearly all of America’s critical networks are privately owned and operated, and something we need to do our job better is early warning,” he said. “If we have businesses that see they’re being exploited by a malicious cyber actor, if we can get guidance on that, it helps us prepare and understand what we might need to do to respond from the perspective of the DOD.”
Frederick said the command is now focused on how it should apply artificial intelligence and machine learning to its mission capability. “This is an area that you will see more emphasis on in the future from the command.”