More than a month before Russian troops invaded Ukraine in February, a cyberattack took down several of Ukraine’s government websites. An ominous message greeted visitors: “… be afraid and expect the worst. This is your past, present and future.”
While Europe hasn’t seen this level of kinetic activity since World War II, this hybrid war started in cyberspace. It’s an environment where actors can increase their power, degrade others, and gain a strategic advantage — often at a very low cost.
In the weeks leading up to and following Russia’s invasion in Ukraine, at least seven new families of destructive data wipers were used. One even attacked satellite broadband service to disrupt Ukraine’s military communications on the day of the invasion but spilled beyond the conflict, impacting critical infrastructure remote monitoring of wind turbines in Germany, emergency services in France, and internet access of select users in Europe. Industry observed and reported on many of these destructive wipers, demonstrating their unique insights into the conflict.
The Russian threats did not stop with Ukraine. Hacktivists targeted our Defense Industrial Base and the communications and weapons systems of EUCOM and NATO were in the crosshairs of our adversaries. The keys, codes, and cryptography we provide are vital: Encryption is the last line of defense.
Our focus extends beyond the Russia-Ukraine conflict, but this example demonstrates the complex environment. Our approaches must scale for China, Iran, North Korea, cybercrime, and other threats.
In addition to the insights we receive from industry, we are committed to contributing our unique value to the conversation: foreign intelligence, practical experience with exploitation tradecraft, and deep technical expertise of our adversaries.
Often, what we know is not as sensitive as how we know it. Our insights are useless unless someone can take action with them. We empower our industry partners to act on that information, and benefit from both their action and their insights.
Our Cybersecurity Collaboration Center (CCC) has formed hundreds of industry partnerships with the goal of better protecting our Defense Industrial Base and sensitive government systems. The intelligence picture we build, and security improvements we make together, scale far beyond defense contractors. For
example, we reach a cumulative, estimated 2 billion endpoints through sharing info to technology providers and cybersecurity companies.

We aren’t just throwing our partners an IP address over our barbed-wire fences, either.
In the last year, we’ve performed 10,000 robust bidirectional exchanges through our CCC. We work with industry to investigate the unknown and our partners often take actions that have global implications, such as issuing patches for zero-day vulnerabilities before our adversaries can perform widespread
These efforts are critical because our adversaries are conducting increasingly sophisticated and broad intrusions with consequences that transcend international borders. For our most important secrets, they
will go to significant lengths and we must defend with rigor and depth.
We must form collaborative campaigns to counter nation-state and cybercriminal threats that put our national security at risk.
They have to combat immediate threats like Russia as well as pervasive threats like China.
Our aptly-named Adversary Defeat team is leading the charge in this area by collaborating with our interagency partners to generate outcomes against our highest priority threats.
We work across a wide array of departments and agencies, each with unique, complementary
authorities, capabilities, and cultures.

When we each come to the table with a shared objective, we can disrupt and degrade
malicious cyber activity.
As the scope of malicious cyber incidents and the sophistication of our adversaries grow, it will take a unified public-private sector strategy to gain the competitive advantage in this environment.
Our power is in partnerships. Strategic collaboration across security and intelligence spheres, and across classified and unclassified settings, results in increased speed and agility.
We are preparing for the transition to quantum-resistant cryptography to protect ourselves into the future. That protection not only goes into our networks, but the weapons platforms and other technology we rely on.
We have to recognize networked computers are in every facet of our environment and change culture to secure all of them. Tools like National Security Memorandum 8 that give directive authorities to improve the cybersecurity of National Security Systems are improvements that enable such action.
Cybersecurity is national security and we all have an important role to play. We need leaders who recognize the threat, drive a culture that emphasizes robust security, and lean on partnerships. Leaders must emphasize a culture of cybersecurity and provide their teams with resources to secure their systems.
We need cybersecurity at scale.


Leave a Reply

Your email address will not be published. Required fields are marked *