What Is the US Cyber Command?

The United States Cyber Command (USCYBERCOM) is headquartered alongside the National Security Agency (NSA) in Maryland. They operate globally against terrorists and countries alike (North Korea, Iran, and Russia).

The organization is not composed entirely of cyber soldiers; there are also many intelligence, technical, and informatics personnel. These soldiers, sailors, marines, and airmen not only defend the nation’s networks and infrastructure from cyberattacks, but also actively hack adversaries to gather intelligence, conduct psychological operations, and destroy online infrastructure.


Where Does the US Cyber Command Fall Under?

The United States Cyber Command is one of the Department of Defense’s (DoD) eleven unified functional combatant commands. There are four unified commands: Cyber Command, Special Operations Command, Strategic Command, and Transportation Command. The rest are the Africa Command, Central Command, European Command, Indo-Pacific Command, Northern Command, Southern Command, and Space Command.

A Brief History of the US Cyber Command

The US Cyber Command was initially established as a sub-unified command of the US Strategic Command until its official creation in 2009. Still, its predecessor dates back to the Cold War when the US military recognized the importance of protecting military and civilian computers and networks. According to the USCYBERCOM official history, the US military was already experiencing hacking attacks as early as the 1980s, primarily related to cyberespionage.

It wasn’t until 1995 that the DoD acknowledged that military and government networks were highly vulnerable to foreign cyberattacks and thus needed a specific task force to fight this new threat. And so, in 1998, the Joint Task Force – Computer Network Defense (JTF–CND) was created. This task force was then renamed the Joint Task Force – Computer Network Operations (JTF–CNO) and was assigned under the US Space Command (USSPACECOM) until 2002, when it was re-assigned to the USSTRATCOM.

Then, in 2004, the Joint Chiefs of Staff declared cyberspace as a conflict domain (alongside the air, land, sea, and space domains) where cyber warfare could be waged. Until then, the JTF-CNO mission had been to defend networks, while now it was divided into offensive and defensive operations. The division created the Joint Task Force – Global Network Operations (JTF–GNO) and the Joint Functional Component Command – Network Warfare (JFCC–NW). Eventually, these two task forces merged in 2010 to form the USCYBERCOM.

The United States is not the only one deeply concerned about cyber warfare and cyber defenses. NATO is also improving its cyber capabilities as units like Russia’s FSB and GRU cyber divisions, North Korea’s Bureau 121, and China’s PLA Strategic Support Force cyber wing actively compete for dominance in cyberspace.

How Many People Work at the US Cyber Command?

The US Cyber Command is divided into 133 Combat Mission Force (CMF) teams specializing in several missions. According to the USCYBERCOM website, teams specialize in seeing adversary activity, blocking attacks, supporting combatant commands, defending the DoD information network, and preparing cyber forces for combat.

In total, around 5,000 military and civilian personnel work in these 133 teams. Most are full-time cyber soldiers, but approximately 15% are estimated to be civilian or reserve cyber operators. The advantage of having civilian cyber workers is that they come with expertise and training from some of the country’s most prominent universities and companies. Sometimes, the experience received there is far superior to that offered at the military’s academies and schools.

What Are the Sub-Commands of the US Cyber Command?

The United States Cyber Command has the following sub-commands:

  • ARCYBER: US Army Cyber Command, which supports the US Central Command (USCENTCOM), US Africa Command (USAFRICOM), and US Northern Command (USNORTHCOM)
  • AFCYBER: Sixteenth Air Force (Air Forces Cyber), which supports the US European Command (USEUCOM), US Strategic Command (USSTRATCOM), and the US Transportation Command (USTRANSCOM)
  • FLTCYBER: US Tenth Fleet/Fleet Cyber Command, which supports the US Indo–Pacific Command (USINDOPACOM), US Southern Command (USSOUTHCOM), and US Space Command (USSPACECOM)
  • MARFORCYBER: US Marine Corps Forces Cyberspace Command, which supports the US Special Operations Command

The United States Cyber Command has carried out several operations over the past decade, many of which we probably don’t even know of, but here are the most prominent ones.

Natanz Nuclear Facility

One key aspect of cyber warfare is that it is deniable, and nations love that, just like with the Colonial Pipeline attack. Another good example is when Iran suffered a massive hack in its Natanz nuclear facility in 2010, which erased over 1,000 nuclear centrifuges and set Iran’s atomic program back by two years. It is not confirmed, but based on the geopolitical climate at the time, most specialists believe it was the US. If that were true, the NSA and possibly the US Cyber Command could have been involved.

Midterm Elections

One operation in which the United States Cyber Command was involved was with the Election Security Group (ESG), which was put in place in 2020 to defend the midterm elections. This was done because of previous concerns over foreign interference in the 2018 US elections.

War in Ukraine

USCYBERCOM has also been deeply involved in the current war in Ukraine. As the Russian military cyber teams try to hack Ukraine’s critical infrastructure (power plants and telecommunications) to cause service disruptions among the military and civilians, US cyber soldiers have been hard at work providing remote analytical support and conducting defensive operations to shield Ukraine’s vulnerable networks. Critical infrastructure has always been a favorite target for cybercriminals and cyber military units.


One of USCYBERCOM’s most successful operations was that against ISIS. During the ISIS insurgency, a special joint task force named JTF-Ares was created to conduct offensive cyber operations and gather intelligence. Believe it or not, JTF-Ares greatly supported the defeat of ISIS by degrading their accounts, disrupting their cyber operations, and denying them access to the internet.

The task force started by mapping out all ISIS accounts, IP addresses, and individuals uploading propaganda online to create a target list. Mapping ISIS eventually gave USCYBERCOM a list of every financial account, IP address, domain, and email account. This was done by analyzing all ISIS media, reviewing their financial transactions, and accessing their file-sharing drives.

Then, Operation Glowing Symphony followed. This operation consisted of cracking and crashing all ISIS’s networks at once, and it all started with a phishing email an ISIS member clicked. Once inside the network, cyber soldiers commenced opening back doors and installing malware on different servers while stealing passwords, encryption keys, and all other valuable information. They gathered intelligence from all the hacked data, took screenshots, and destroyed them; ISIS websites, magazines, online groups, and mobile apps were all taken down at once.

Cyber soldiers also created confusion among ISIS fighters as they slowed downloads, locked users out of their social media accounts, and drained cellphone batteries, among many other things. This was part of what the military calls PSYOPS (psychological operations), and it was all done in a way that seemed like an IT problem rather than an army cyberattack.

The US Cyber Command May Be Helpful to You

Since the 1980s, cybercriminals and foreign countries have been trying to hack the US government and military networks for commercial and political goals. These included critical infrastructure and confidential networks. As a result, a special task force was formed to counteract these online criminal and espionage activities, which eventually evolved into the US Cyber Command, with a defensive mission to shield the critical networks of civilian and military organizations from hackers.

Today, the US Cyber Command has also become an offensive force that fights terrorism and other countries’ cyber forces attempting to disrupt elections, healthcare services, infrastructure, etc., in what has become today’s cyberwarfare. Therefore, you may indirectly benefit from the US Cyber Command’s operations in one way or another.
