Estonian and U.S. cyber commands jointly conducted a defensive cyber-operation on Estonian Defence Forces’ networks from September 23 to November 6. The operation, designed to counter malicious cyber actors, strengthened the cyber defense capability of both nation’s critical assets.
“Combined operations with our closest allies like U.S. are vital for ensuring security of our services. These kind of operations provide our operators an opportunity to exchange best practices as well as give us objective feedback on our current defense posture in cyber domain. This operation is another successful milestone in our cooperation with U.S. partners,” said Mihkel Tikk, Deputy Commander of Estonian Defense Forces Cyber Command.
Working together, cyber specialists from the U.S., referred to as “Hunt Forward” teams, and Estonian cyber personnel from Defense Forces Cyber Command, hunted for malicious cyber actors on critical networks and platforms. The U.S. had previously partnered with various countries throughout Europe, however, this defensive cyber operation marked the first of its kind between the U.S. and Estonia.
“Despite the challenges of a global pandemic, we safely deployed to Estonia, and other European countries, for several weeks to gain unique insight into our adversaries’ activities that may impact the U.S.,” said U.S. Army Brig. Gen. Joe Hartman, Commander, Cyber National Mission Force. “Our teams proactively hunt, identify and mitigate adversary malware and indicators. We then share that malware broadly, not just with the U.S. government but with private cybersecurity industry and allies, which directly increases the overall security of U.S. critical infrastructure and related networks.”
For the U.S., Hunt Forward teams play a crucial role in U.S. Cyber Command’s “persistent engagement”, an effort aimed at countering malicious cyber activity below the level of warfare. USCYBERCOM personnel are specially trained to secure and defend government networks and platforms against adversaries. The U.S. military’s Defend Forward strategy leverages key partnerships to address malicious cyber activity that could be used against U.S. critical infrastructure.
“Estonia is a digital society and we depend on cyber everywhere, as well as in defense. For us it´s really important to be one of the first Allies with whom the US has initiated this kind of joint operation, which enabled us to obtain an independent assessment on our networks. As a leader in cyber, it also provided Estonia an opportunity to share best practices to better protect our networks,” said Margus Matt, Undersecretary responsible for cyber defense at the Ministry of Defense of Estonia.
Both nations benefit from such partnerships as it provides an opportunity to improve cyber defense by assessing potential threats, while also contributing to global cybersecurity. Disclosing malware enables greater protections for users both in public and private sectors around the world.
“Cyber is a team sport – when it comes to halting threats from cyberspace, no one can go it alone,” said Thomas Wingfield, Deputy Assistant Secretary of Defense for Cyber Policy. “Our strategy hinges on collaborating with our allies and partners, with the private sector and academia, and with state and local governments to ensure cyberspace remains a safe, secure, and open engine of innovation and prosperity.” U.S. Cyber Command, in cooperation with U.S. European Command and NATO allies, continuously work to deter malicious cyber activity in the region.
The two countries have ongoing cooperation at various levels within USCYBERCOM, U.S. European Command, Maryland National Guard, and Sixteenth Air Force (U.S. Air Forces Cyber).
“U.S European Command’s robust Cyber Security Cooperation program is focused on building Allied and partner cyberspace operational capabilities, which strengthens trust and cultivates strong ties with our cyber partners throughout Europe. Through bilateral and regional security cooperation efforts and information sharing initiatives, we are able to further enhance our collective cybersecurity posture as well as enable Hunt Forward operations in our area of responsibility,” said U.S. Army Brig. Gen. Maria Biank, director of USEUCOM’s C4 and cyberspace directorate.
The main mission of the Estonian Cyber Command is to provide command support to the governance area of the Estonian Ministry of Defense. The establishment of the Command in 2018 has been part of the efforts to strengthen Estonian cyber defense posture and thereby contribute to ensuring the security of Estonia in general.