The U.S. Cyber Command has sent teams to Europe, the Middle East, and Asia as part of increased U.S. efforts to track down Russian, Iranian, Chinese, and North Korean hacking groups ahead of election day.
Military officials told the New York Times that Cyber Command, which runs the military’s offensive and defensive cyber operations, has expanded on efforts it began in 2018 to track foreign hacking operations and identify the methods they were using to break into computer networks.
2018 efforts primarily focused on counteracting Russian cybersecurity threats, but have expanded with cyber teams being sent to the Middle East and Asia. A U.S. intelligence report in August warned of Russian efforts to denigrate Democratic presidential candidate Joe Biden, and Chinese and Iranian efforts to undermine President Donald Trump.
“Since 2018, we have expanded our hunt forward operations to all major adversaries,” Lt. Gen. Charles L. Moore Jr., the deputy head of Cyber Command, told the New York Times in an interview at Fort Meade, Maryland.
Cyber Command refers to its efforts to proactively find hacker groups as “Hunt forward operations.” Cyber Command efforts are reportedly aimed at getting close to foreign hacker groups to identify and potentially stop cyberattacks against the U.S.
Moore described the Cyber Command actions as a proactive effort to defend against hackers. He told the New York Times, “We want to take down the archer rather than dodge the arrows.”
Cyber Command continued to assist in operations against potential cyber-attacks following the 2018 election and Moore said the anti-hacking past Election Day in 2020.
“We are not stopping or thinking about our operations slacking off on Nov. 3,” Moore told the New York Times. “Defending the election is now a persistent and ongoing campaign for Cyber Command.”
In 2018 Cyber Command reportedly sent teams to North Macedonia, Montenegro and other countries to learn more about Russian operations. Cyber Command also sent warnings to potential Russian trolls and reportedly worked to keep at least one Russian troll-farm offline on election day during the 2018 U.S. midterm elections.
Cyber Command also reportedly identified malware being used by hacking groups and other government agencies used that information to help state and local officials protect their election systems.
The FBI and the Cybersecurity & Infrastructure Security Agency (CISA) warned on Friday that Iranian hackers had obtained voter registration information from at least one U.S. state and were using it to send intimidating emails to voters.
“The attacks are always ongoing; that is why Cyber Command’s ongoing work with other countries’ military cyberoperations is our best way to be on offense to protect American interests,” Theresa Payton, a cybersecurity expert and a former official under the George W. Bush administration, told the New York Times.
