U.S. Cybercom Targets China In its Global 'Hunt-Forward' Campaign
US Cyber Command’s deputy chief has confirmed that the command’s “hunt-forward” operations have been “very effective” in blending offensive and defensive cyber operations, adding that operations were conducted in more than a dozen countries over the last few years, Brad D. Williams reported for Breaking Defense.
Photo Insert: Marine Corps Gunnery Sgt. Nathaneal Register, with Marine Corps Cyberspace Warfare Group, Cyber Protection Team 651, uses his computer to test the vulnerability of opposing teams in the Marine Corps 2021 Cyber Games at Fort Meade, Md.
Air Force Lt. Gen. Charles “Tuna” Moore said that since 2018, the command has conducted “well over” 24 hunt-forward operations in 14 countries, during which it has discovered 30 new pieces of malware. Moore said the new, aggressive stance has prompted increased demand for partnerships from foreign nations.
Cybercom Commander Gen. Paul Nakasone had previously characterized hunt forward as deploying US teams to allied nations to identify adversary operations and cyber vulnerabilities on their networks.
The information derived is then shared with partners and used to bolster US defenses. Hunt forward can also entail elements of offensive and information operations.
Hunt forward is one of two “constructs” of persistent engagement, Nakasone has said. Persistent engagement is the Cybercom doctrine that total cyber deterrence is futile, and the best defense is, in part, a good offense. Or, as Moore said today, the US has to be in “constant contact” with adversaries in cyberspace.
Cybercom is closely tracking China, which continues its operations focused on stealing intellectual property, including data from the US defense industrial base.
“China is the number one priority. Therefore, it’s Gen. Nakasone’s number one priority,” Moore said. “We’re working with Indo-Pacific Command to see what types of cyber effects are needed.”
But, he noted, it’s not just within Indo-Pacific region. “China has aspirations from a global perspective,” Moore said, adding, “they also have vulnerabilities from a global perspective.”