Cyber Command deployed personnel to Estonia to protect elections against Russian threat

It was part of a broad effort to secure the 2020 vote from foreign interference.
army cyber command
(U.S. Army photo by Staff Sgt. Kelvin Green)

Personnel from the U.S. Department of Defense’s Cyber Command deployed to Estonia in recent months as part of a broader effort to protect U.S. elections against foreign hacking, American and Estonian officials announced Thursday.

The mission allowed personnel from U.S. Cyber Command and Estonia’s Defense Forces Cyber Command to collaborate on hunting for malicious hacking efforts on critical networks from adversaries, officials said. Estonia in particular could help the U.S. glean intelligence about Russian cyber-operations, as it has borne the brunt of Russian hacking in the past.

Montenegro, a perennial target of Russian hacking, has also worked with Cyber Command on similar missions, known as “Hunt Forward” missions, to protect the 2020 presidential elections against foreign hacking.

As the thinking goes, Cyber Command can run these kinds of operations to help protect a foreign ally against intrusions conducted by shared adversaries, while also obtaining information that could help protect U.S. assets.


The operation in Estonia lasted from Sept. 23 to Nov. 6, according to a press release.

It’s the kind of mission Cyber Command has said is crucial to protecting U.S. elections against foreign meddling. Following the presidential election, election officials throughout the country signed a statement saying the election was the most secure in U.S. history. There is no evidence that voting machines have been manipulated by a foreign power, according to Chris Krebs, who President Donald Trump fired from his role as director of the Cybersecurity and Infrastructure Security Agency for saying the election was secure.

It was unclear what impact the deployment to Estonia had on protecting the 2020 presidential elections against foreign hacking. No malicious activity was detected during the mission, according to the Associated Press.

In the past, such missions have helped the Department of Defense obtain information about adversaries that has spurred on the inoculation of “millions of systems,” Gen. Paul Nakasone, the Commander of Cyber Command, said in August.

The deputy commander of Estonia’s Cyber Command, Mihkel Tikk, said Estonia learned about how to better hunt for and protect against adversarial malware as a result of the mission.


“What we did learn is how the U.S. conducts these kinds of operations, which is definitely useful for us because there are a lot of kind of capability developments that we are doing right now,” Tikk told reporters.

The Hunt Forward missions, which were first launched in partnership with Ukraine, Montenegro and North Macedonia to protect the 2018 midterm elections against potential foreign meddling in the U.S., go beyond just concerns about Russian interference.

Cyber Command and the National Security Agency, which Nakasone also leads, jointly ran a task force focused on Russian interference efforts following the 2016 elections and Russia’s meddling attempts. It expanded last year to include threats from China, Iran, and North Korea. The group, called the Election Security Group, has also incorporated protecting against ransomware threats into its agenda.

Shannon Vavra

Written by Shannon Vavra

Shannon Vavra covers the NSA, Cyber Command, espionage, and cyber-operations for CyberScoop. She previously worked at Axios as a news reporter, covering breaking political news, foreign policy, and cybersecurity. She has appeared on live national television and radio to discuss her reporting, including on MSNBC, Fox News, Fox Business, CBS, Al Jazeera, NPR, WTOP, as well as on podcasts including Motherboard’s CYBER and The CyberWire’s Caveat. Shannon hails from Chicago and received her bachelor’s degree from Tufts University.

Latest Podcasts