US Cyber Command’s No. 1 Priority: November 2024 Election

SAN FRANCISCO – If bad cybersecurity actors are ever going to be kept from causing mayhem in our businesses, personal lives and elections, there’s a formidable list of federal government security agencies that all have to work nicely together to accomplish this. They are:

• Department of Defense;
• National Security Agency;
• Department of Homeland Defense;
• Cybersecurity and Infrastructure Security Agency (CISA); and
• U.S. Cyber Command’s (USCYBERCOM) Cyber National Mission Force (CNMF)

Of course, the FBI, Secret Service, CIA and state and local law enforcement also play their roles, but when it comes to cybersecurity, the perpetrators are nearly always international, thus requiring a federal response. Making sure all these entities are on the same page when a crisis occurs is no easy chore, but U.S. Army Maj. Gen. William J. Hartman, Commander for Cyber National Mission Force, and Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, told a gathering of reporters and conference-goers here at RSA Conference 2023 on April 24 that never before have they seen such smooth cooperation across jurisdictions at the national level.

No Issues

Item No. 1 upon which they all agree is this: They want absolutely no issues to come up during the 2024 presidential and statewide elections. A year and a half ahead of the Nov. 5, 2024, event, a cross-agency task force from each of the above agencies is already meeting and creating agendas and spreadsheets and hiring help in order to keep interlopers and intruders away from election data during the weeks and months leading up to that date.

Let’s face it: These powerful folks are required to join hands and work together if there is any progress on stopping cartels, powerful enterprises and rogue nation-states from defrauding governments, businesses, non-profits and individuals all over the world. The bad guys are simply too advanced, too sophisticated for anything less than top-notch teamwork.

“Both unity and authentication in all our messaging is absolutely essential,” Goldstein said. “This is a reason why virtually all of our joint advisories are joint sealed. This is why we think it’s so important to have dialogues like this one. We understand that when the government speaks with one voice — that speaks with unity — it is more effective, clear and causes less confusion going forward.”

Goldstein said that the task force is meeting daily with secretaries of state and state and local election officials “to make sure they are getting the right assessments and information services to meet their needs. Within CISA, we’re focusing on developing the right information and guidance for local officials to help them harden (their own security) well ahead of the election.”

On the international front, Hartman said, “Nation-states don’t create new malicious cyber actors in order to influence elections. They have existing malicious cyber actors; they re-prioritize what they’re doing based on our election cycles. So for us, we never stop developing our understanding of what the adversaries are doing, and our intent in 2024 — just like in 2022, 2020 and 2018 — is to make sure we’re positioned to protect our democratic processes from the lost likely malicious cyber actors we think will be poised as threats.”

Diverse Attacks

The Cyber Command has seen a real diversity in the types of ransomware attacks in the 160-plus events that have been reported thus far this year, Goldstein said.

“It’s gone across sectors, from health care to education, to manufacturing and so on. Our aim is to get this information quickly, so we can get it (the malware) out, and so they (the victims) can mediate before harm occurs,” he said.

Goldstein said the federal government has made “a lot of progress, even over the last year,” in getting these far-reaching and highly populated agencies together to get their work done efficiently and without egos getting in the way.

“A lot of this work is fairly new and novel and has been maturing,” Goldstein said. “We like this RSA event to talk about these trends and the good work of collaboration of our partners abroad.”