Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

US, Estonia Partnered to Search Out Cyber Threat From Russia

In the modern twist on old-fashioned war games, the U.S. military dispatched cyber fighters to Estonia this fall to help the small Baltic nation search out and block potential cyber threats from Russia. The goal was not only to help a NATO partner long targeted by its powerful neighbor but also to gain insight on Russian tactics that could be used against the U.S. and its elections.

In the modern twist on old-fashioned war games, the U.S. military dispatched cyber fighters to Estonia this fall to help the small Baltic nation search out and block potential cyber threats from Russia. The goal was not only to help a NATO partner long targeted by its powerful neighbor but also to gain insight on Russian tactics that could be used against the U.S. and its elections.

The U.S. Cyber Command operation occurred in Estonia from late September to early November, officials from both countries disclosed this week, just as the U.S. was working to safeguard its election systems from foreign interference and to keep coronavirus research from the prying reach of hackers in countries including Russia and China.

Estonian officials say they found nothing malicious during the operation.

The mission, an effort analogous to two nations working jointly in a military operation on land or sea, represents an evolution in cyber tactics by U.S. forces who had long been more accustomed to reacting to threats but are now doing more — including in foreign countries — to glean advance insight into malicious activity and to stop attacks before they reach their targets.

The Defense Department has worked to highlight that more aggressive “hunt forward” strategy in recent years, particularly after Russia interfered through hacking and covert social media campaigns in the run-up to the 2016 presidential election. American officials were on high alert for similar interference in 2020 but described no major problems on Nov. 3.

“When we look at the threats that we face, from Russia or other adversaries, it really is all about the partnerships and our ability to expand really the scope, scale and pace of operations in order to make it more difficult for adversaries to execute operations either in the United States, Estonia or other places,” Brig. Gen. William Hartman, commander of the Cyber National Mission Force, said in a conference call with a small group of reporters this week.

Estonia, a former Soviet republic, was in some ways a natural fit for a partnership with Cyber Command because in years past it has been a cyber target of nearby Russia, including crippling attacks on government networks in 2007.

Estonian officials say they have since strengthened their cyber defenses, created a cybersecurity strategy and developed their own cyber command, which like the U.S. version is part of the country’s military.

Advertisement. Scroll to continue reading.

While nothing malicious was found on the networks during the exercise, “what we did learn is how the U.S. conducts these kinds of operations, which is definitely useful for us because there are a lot of kind of capability developments that we are doing right now,” said Mihkel Tikk, deputy commander of Estonia’s Cyber Command.

Tikk added: “In some areas, it is wise to learn from others than having to reinvent the wheel.”

Hartman declined to discuss specifics of the operation but said the networks in Estonia were “very well defended.”

“I don’t want anyone to leave here with the impression that Estonian networks were full of adversary activity from a broad range of nation states” because that is not the case, he added.

Gen. Paul Nakasone, the commander of Cyber Command and the director of the National Security Agency, has hinted at a more aggressive, proactive federal government approach to cyber threats.

In an August piece for Foreign Affairs magazine, for instance, Nakasone wrote that U.S cyber fighters have moved away from a “reactive, defensive posture” and are increasingly engaging in combat with foreign adversaries online.

Cyber Command has worked in past years with countries including Montenegro and North Macedonia on similar missions. Estonian officials say they believe the partnership could be a deterrent to countries such as Russia.

“These kinds of operations, I think, they will continue,” said Undersecretary of Defense Margus Matt. But, he added, “I don’t know how much we will speak of them publicly.”

U.S. officials say they think the risks of a proactive approach — a country could regard such an operation as a provocation toward a broader international cyber conflict — are outweighed by the benefits.

“We believe that inaction in cyberspace contributes to escalation more than reasonable action in cyberspace,” said Thomas Wingfield, deputy assistant secretary of defense for cyber policy.

RelatedUS, UK and Estonia Accuse Russia of Cyber Attack on Georgia

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...