Cybersecurity

US deployed cyber ‘hunt forward’ team to Croatia

Central Security Service Chief Paul Nakasone is seen during a House Intelligence Committee hearing to discuss diversity in the intelligence community on Wednesday, October 27, 2021.

The U.S. Cyber Command recently deployed its “hunt forward” team for the first time in Croatia to help the Balkan country shore up its cyber defenses and networks against active threats.

The team, which is made up of U.S. military and civilian personnel, worked alongside Croatian intelligence and cybersecurity officials to look for malicious cyber activity and vulnerabilities.

“It was an honor to send some of our best defensive operators to Croatia, to hunt for shared threats alongside our partners — we want to bring both expertise and talent to our partner nations, while seeing cyber adversaries who may be threatening our nation,” said U.S. Army Maj. Gen. William Hartman, commander of the U.S. Cyber Command’s Cyber National Mission Force.

The agency often sends the team overseas to assist allies in strengthening their cybersecurity defenses as well as collect information on adversaries’ cyber activities.

“This kind of partnership in cybersecurity is essential in today’s world as it expands our reach and capabilities,” said Daniel Markić, director of the Croatian Security and Intelligence Agency.

“We face the same adversaries and threat actors in cyberspace, and we both gain and share valuable insights into cyber resilience as it has become the key objective for national security,” Markić added.

The “hunt forward” team has so far conducted 35 operations in 18 countries, including Estonia, Lithuania, Montenegro, North Macedonia and Ukraine.

The U.S. mission to Croatia comes amid a series of cyberattacks that have targeted the Baltic states. 

This week, Estonia said it successfully thwarted a cyberattack that targeted its public and private institutions. The attack follows the removal of a Soviet war monument from an eastern Estonian city bordering Russia.

Killnet, a Russian-backed hacking group, claimed responsibility for the attempted attack against Estonia, Reuters reported.

The group was also reportedly behind a cyberattack that hit Lithuania’s public and private sector websites in June. 

Killnet claimed the attack against Lithuania was in retaliation for the country’s decision to halt the shipment of some goods to Russia’s Kaliningrad exclave, a region situated between Poland and Lithuania. 

In addition to conducting defensive cyber operations, the U.S. has also participated in offensive cyber operations in support of Ukraine. In June, Gen. Paul Nakasone, the head of U.S. Cyber Command, publicly confirmed for the first that the U.S. had helped Ukraine on the offensive side. 

“We’ve conducted a series of operations across the full spectrum: offensive, defensive, [and] information operations,” Nakasone said at the time during an interview with Sky News, a British television news channel. 

Although the general did not provide specifics, he said the operations were lawful and conducted with civilian oversight of the military.