Why the USA is deploying its cyber forces abroad


The USA is deploying its cyber forces abroad to strengthen networks and expose hackers’ tools, as part of a global security effort.

Deployment of US cyber forces

Over the past year, US cybersecurity experts have been working in various countries, with the aim of improving the protection of computer networks and revealing the methods and tools used by malicious actors. These interventions, orchestrated by CYBERCOM’s Cyber National Mission Force (CNMF), included 22 international deployments, some taking place concurrently around the globe. According to statements made by General Timothy Haugh, head of CYBERCOM and the NSA since February, securing the IT systems of government, private sector and major infrastructures has become a top priority. Indeed, hostile agents are constantly adjusting their attack strategies, frequently targeting networks and devices under US jurisdiction.

These so-called “hunt-forward” missions are initiated at the request of partner governments, and aim to identify and neutralize threats before they reach national networks. This proactive approach not only counters potential attacks, but also improves understanding of the tactics, techniques and procedures (TTPs) employed by cybercriminals. The aim is to fortify defensive measures by anticipating adversaries’ movements, and adapting cybersecurity strategies accordingly.

CNMF uses advanced cybersecurity tools to analyze host countries’ digital infrastructures, detect vulnerabilities, and propose solutions to overcome these weaknesses. At the same time, identifying the tools and attack methods used by hackers enables specialists to develop effective countermeasures and share this knowledge with international partners, thus reinforcing the global security of cyberspace.

The commitment of the United States to these missions underlines the importance of close international collaboration in the fight against cybercrime, reflecting a common desire to defend critical infrastructures against digital threats. By sharing expertise and strategic information, the United States and its allies seek to establish a safer digital environment for all.


CYBERCOM’s persistent engagement strategy

So-called proactive research missions are carried out at the invitation of a foreign government, and are not always disclosed. They are part of CYBERCOM’s persistent engagement strategy, aimed at maintaining constant contact with adversaries and adopting a proactive rather than reactive approach. Haugh’s disclosure offers a rare glimpse into the CNMF’s often nebulous workload, with some countries preferring to keep such digital cooperation secret. In the past, the mission force has worked with Ukraine, prior to the Russian invasion; Albania, following Iranian cyber attacks; and Latvia, where malware was discovered. Other deployments have taken place in Estonia, Croatia, Lithuania, Montenegro and Northern Macedonia.

Cyber budget increase

The Department of Defense has requested $14.5 billion for cyber activities for fiscal year 2025, around $1 billion more than the Biden administration’s previous request. This figure is also up from FY 2023, which saw a request of $11.2 billion. Haugh emphasizes the importance of operational experience, which reinforces the need for global campaigns in and through cyberspace, under conditions of competition, crisis and armed conflict.

By extending its cyber footprint beyond its borders, the United States is striving not only to protect its own infrastructure, but also to contribute to the global security of cyberspace. This initiative highlights the growing importance of cyberspace in national and international security strategy, underlining the need for nations to work closely together to counter emerging cyber threats.

War Wings Daily is an independant magazine.