The Cyber National Mission Force officially became the Department of Defense’s newest subordinate unified command during a ceremony at U.S. Cyber Command Headquarters here, Dec. 19, 2022, highlighting the evolution of a persistent, professional cyber force today and into the future.
CNMF is the U.S. military’s joint cyber force charged with Defending the Nation in cyberspace through full-spectrum operations, including offensive, defensive, and information operations.
U.S. Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, was the establishing officer and officiated the elevation ceremony.
“This [CNMF] command is so special because they’ve always been on the cutting-edge in terms of the operations we’ve conducted,” said Nakasone, who previously served as one of its commanders. “This is the command within U.S. Cyber Command that has always taken that first step forward. The future holds a lot for the Cyber National Mission Force.”
CNMF supports U.S. Cyber Command and national priorities such as election security, ransomware, cyber espionage, and other crisis and contingency operations.
According to Maj. Gen. William J. Hartman, the commander of CNMF, the sub-unified command designation reflects the success of CNMF in election defense, the Russia-Ukraine crisis, counter-ransomware operations, global hunt operations and support to thousands of operations of national significance.
“What this designation is really about is the maturity of the Cyber National Mission Force as a forward-looking organization to defend the Nation,” Hartman added. “It’s about building a sustained readiness model that enables us to stay in a fight. It’s about our people: how we develop a dynamic model to recruit, assess, train and retain the world’s most talented cyber force.”
CNMF in the past and present:
Since its inception in 2014, U.S. Cyber Command’s Cyber National Mission Force has rapidly evolved to meet the needs of the Nation, and has participated in, or responded to almost every national crisis the U.S. has faced.
Officially activated Jan. 17, 2014, CNMF was created to fill U.S. Cyber Command’s need for an agile joint force that would engage adversaries in cyberspace. Initially, CNMF was compromised of 21 teams, 13 Cyber National Mission Teams and eight Direct Support Teams.
Today, CNMF is composed of 39 joint cyber teams organized in six task forces with 2,000-plus Soldiers, Sailors, Marines, Airmen, Coast Guardsmen, Guardians, and NSA and DIA civilians.
CNMF’s mission is to plan, direct and synchronize full-spectrum cyberspace operations to deter, disrupt and if necessary, defeat adversary cyber and malign influence actors.
CNMF is one part of the Dept. of Defense’s effort to defend cybersecurity as national security, and it partners closely with DHS, FBI, and other agencies, as well as industry, academic, and international partners.
“This has been a command that has understood from Day One, that our strength comes from a series of partnerships,” Nakasone said. “We begin the with National Security agency, a partnership that exists between our command and our agency.”
NSA intelligence is foundational to CNMF operations, driving to mission outcomes, according to Hartman. “It’s also thanks to the FBI, DHS, and other agencies across the government that are absolutely partnered to do the Nation’s work,” he added.
The evolution of CNMF to sub-unified command is a recognition of its current operations and contributions to nationally significant challenges.
“Today, we are a joint force focused on national priorities,” Hartman added. “We’re mature, we’re agile. We’re relentless. We are constantly adapting based on the needs of the Nation.”
What is a subordinate unified command?
A combatant commander establishes a subordinate unified command after authorization from the Secretary of Defense or the President, and are established to conduct a portion of the mission or tasking of their parent command.
The CNMF mission is broad, continuous, joint, and enduring in nature, consistent with the attributes of subordinate unified commands.
The establishment of CNMF as a sub-unified command is recognition of its enduring mission to combat foreign malicious cyber actors, reflecting its on-going success in support of national priorities and formalizing its organizational structure.
The elevation to sub-unified command will drive how forces are presented to CNMF, how these forces will be trained and what authorities the command will have. These key factors will enable a more ready force to execute U.S. Cyber Command and Department of Defense operations.
“The elevation to sub-unified command is really about how we will work with the services to ensure we have the right talent in the right places,” said Hartman. “It’s about building a force that can move faster than our adversaries, because we have the right set of equipment, the right authorities, and the right procedures that move with agility and speed.”
CNMF’s Evolution in the Cyber Domain
CNMF’s establishment as a sub-unified command is also a measure of how quickly cyber evolves and how the Department of Defense is evolving with it.
In 2010, Cyber Command was the military’s youngest sub-unified command. Now, Cyber Command has been elevated to the level of combatant command, and CNMF is the military’s newest sub-unified command.
Challenges in the cyber domain are constantly increasing, in both number and complexity. Since officially reaching fully-operational capability in 2018, CNMF has executed nearly 40 hunt forward operations, thousands of remote cyber operations and participated in, or responded to, almost every national security crisis the U.S. has faced.
“The CNMF executes full-spectrum operations against adversaries who threaten the U.S. and our allies and partners,” said Hartman. “We stand alert 24/7/365 to defend the nation, in close collaboration with our U.S. and allied partners.”
Beginning with the U.S. midterm elections in 2018, election security has become a top priority for both CNMF and the National Security Agency. This on-going focus ultimately resulted in the creation of the Russia Small Group, which later transitioned to the Election Security Group.
“Russia Small Group was a model for future success, but it was also a catalyst,” Hartman said, who took command less than a year after the 2018 midterms. “It was a catalyst that propelled the operations that we have conducted over the last number of years.”
Since 2020, the Department of Defense has considered election security an enduring mission, led by the ESG.
In addition to defending U.S. elections with the ESG, CNMF has disrupted activity related to the Microsoft Exchange hack, worked closely with interagency partners to impose costs on actors responsible for the Colonial Pipeline ransomware incident, and shared insights from those and other compromises to allow partners to better identify and defend against cyber threats.
“At the end of the day, it’s all about the people,” Nakasone said.
“The elevation of CNMF to a sub-unified command reflects the incredible dedication, professionalism and commitment of unit members, past and present,” expounded Hartman. “We are immensely proud of the contributions of all who made this happen.”