U.S. launched "more than 2 dozen" cyber operations to protect election, top official says
Washington — U.S. Cyber Command conducted "more than two dozen" operations to counter foreign attempts to interfere with or influence the 2020 elections, General Paul Nakasone, who leads both the military's cyber arm and the National Security Agency (NSA), told a Senate panel on Thursday.
The disclosure was a rare, if still opaque, look into Cyber Command's involvement in government-wide efforts to protect the 2020 presidential election, which the U.S. intelligence community has said was targeted by multiple foreign actors, including Russia, Iran, China and others.
An assessment issued earlier this month by the Office of the Director of National Intelligence said there were "no indications" that any U.S. voting processes were altered in 2020 by any foreign nation, though several adversaries engaged in influence campaigns in apparent attempts to sway the election outcome.
In testimony before the Senate Armed Service Committee, Nakasone said that Cyber Command teams had conducted 11 "hunt forward" operations in nine different countries to protect the election. "Hunt forward" refers to the force's efforts to partner with allies to proactively counter or halt malicious cyber activity, including using offensive measures.
Teams from the NSA and Cyber Command are also known to have taken steps to defend the 2018 midterm elections, in part with an offensive cyber operation that took the Internet Research Agency, a Kremlin-linked troll farm known to wage influence campaigns, temporarily offline.
It was unclear whether the operations Nakasone cited on Thursday were defensive or offensive measures, or what or whom they targeted. He received praise from multiple senators for the work — much of it, they noted, done in secret — that NSA and Cyber Command had done to protect the country from foreign and cyber threats.
Nakasone, who assumed his dual posts in May of 2018, told the panel that 2020 presented "unique challenges" that would inform Cyber Command's activities over the next year.
Among those is continued fallout from the SolarWinds and Microsoft Exchange intrusions, both hacks with massive reach and implications for U.S. government and private computer networks. Nakasone said both demonstrated "a scope, a scale, a level of sophistication that we hadn't seen previously."
He told the committee that the NSA and Cyber Command, which are authorized to operate outside of the U.S. to track and counter foreign threats, were limited by U.S. laws and policies in what they could see domestically.
"It's not the fact that we can't connect the dots. We can't see all of the dots," Nakasone said. Adversaries "understand that they can come into the United States, use our infrastructure, and there's a blind spot for us not being able to see them."
"Being able to identify and being able to fix those areas are part of the resiliency of the nation that has to be addressed," he said.