WASHINGTON — In the run up to the 2020 presidential election, U.S. Cyber Command conducted over two dozen missions to block foreign adversaries’ efforts to undermine voting integrity, the commander told senators Thursday.
“Over the past year, I emphasized the importance of defending the election against foreign interference,” Gen. Paul Nakasone said before the Senate Armed Services Committee. “U.S. Cyber Command conducted more than two dozen operations to get ahead of foreign threats before they interfered or influenced our elections in 2020.” He did not name the adversaries.
Defending elections has become an enduring mission for the Department of Defense, falling mostly on Cyber Command — a significant expansion from its creation — given adversaries find the digital domain fruitful to exploit.
Details regarding these operations are scarce given their sensitivity. However, Cyber Command has been public about using its unique authorities to operate outside the U.S. to act against malicious activity.
Previously, President Donald Trump confirmed media reports that Cyber Command shut out a Russian troll farm of cyber actors who sow false or inflammatory information on the internet. Cyber Command also sent targeted messages to certain Russian cyber operatives and Russian elites believed to be gearing up to conduct operations against the elections.
According to a declassified assessment of the 2020 election released this month by the Office of the Director of National Intelligence, Russia, Iran, Cuba, Venezuela and the armed Hezbollah party in Lebanon sought to conduct influence operations against the American populace. China did not engage in any activity associated with the election, the intelligence community assessed.
Nakasone said the command built upon lessons learned from earlier operations and strengthened partnerships with other federal entities, such as the Department of Homeland Security and the FBI, to ensure a secure election.
He lauded a new tool created in partnership with the National Guard Bureau across the states to allow them to share threats. The Cyber 9-Line, as it’s called, is a portal that allows states’ Guard units to pass potential threats to Cyber Command to defeat in foreign cyberspace and conversely provides Cyber Command a way to alert states of potential threats discovered during operations. Every state joined the effort prior to the election, Nakasone said in written testimony provided to the committee.
He also shared three lessons learned from the operations to protect the 2020 elections.
First, Cyber Command has to be prepared to act, if necessary.
“Threats can arise rapidly, and opportunities can be fleeting. Our ability to operate successfully in cyberspace is a function of streamlined processes, mission readiness, and the trust of our various mission partners,” his written statement to the committee read.
Second, Cyber Command’s partnership with the National Security Agency is the foundation to success. Since its creation Cyber Command has been located with NSA, sharing a “dual-hatted” leader, which allowed the organization to piggyback on NSA’s infrastructure, tools and highly knowledgeable cyber workforce while it was building out.
Cyber Command now also benefits from the rich intelligence NSA gains in its foreign signals intelligence mission. Nakasone created the Election Security Group, a combined Cyber Command-NSA team focused on election threats.
Despite the controversy surrounding whether it is time to split these two organizations, Nakasone said the dual-hat arrangement provides “speed, agility and flexible responses” for the nation.
“We operate in a domain that changes rapidly, and this change is measured in weeks, perhaps months. Being able to rapidly react to that as we’ve been able to prove in such things as securities of the elections in 2018 and 2020 is empowered by that relationship,” Nakasone told senators.
Third, Nakasone highlighted the benefit of working with foreign and domestic partners to share relevant and timely information.
“We enable our domestic industry, allies and partners by providing critical threat information and insights, which improves their ability to act under their unique authorities,” he said.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.