The so-called hunt forward missions involve cyber teams going to nations where they’ve been invited by partner countries, where they scan networks with the goal of building the host countries’ resilience and share any new information about threats with government and private industry circles back in the US.

Hartman said the Lithuanian operation, which the US and Lithuania revealed in an unusual disclosure earlier this week, was “moved up in the queue” because of the threat posed by Russia to Baltic states and other organisations in the region.

Margiris Abukevicius, Lithuania’s vice minister of national defense, said on Tuesday that the three-month operation had “offered a wealth of intelligence and skills” to participants.

The US initiated the hunt forward missions in 2018 and has now carried out 28 in 16 countries, on more than 50 networks, Hartman said. Estonia, Montenegro, North Macedonia and Ukraine have been among the nations publicly identified as having participated.

A mission to Ukraine in December was extended amid growing fears that war could soon break out. The team withdrew in February when the Defense Department pulled back personnel as Russia’s invasion plans became clearer. But Hartman said members of his command still talk to Ukrainian officials on a “daily” basis.

Read More: Nobody Knows Where the Red Line Is for Cyberwarfare

He insisted that the US operations in Ukraine and Lithuania were limited to friendly networks and should not trigger an escalatory response from Russia. “We’re not attacking Russia,” he said.

General Paul Nakasone, who leads U.S. Cyber Command, told Congress last month that US support to Ukraine and NATO allies and partners since Moscow began the invasion on February 24 had helped bolster efforts to repel Russian cyberattacks.

Some experts have been surprised that cyber weapons are playing a relatively limited role in Russia’s war on Ukraine, but Nakasone has urged caution.

“This idea that nothing has happened is not right,” Nakasone told a Vanderbilt University summit on modern conflict on Wednesday. “We don’t necessarily believe that by any means this is done.”

Nakasone said there had been a series of destructive attacks targeting Ukraine, including satellite communications. He added the Ukrainians have done “a tremendous job” defending their networks.

Ukrainian authorities have reported a more than threefold increase in cyberattacks since the war started compared with the same period last year. Microsoft. Corp. issued a report late last month saying Russian cyberattacks against Ukraine have been “relentless and destructive.”

But Hartman said that while the Russians had undertaken “a fairly competent operation,” citing an attack that took down part of Viasat’s satellite network at the onset of the invasion, Russian cyber operations against Ukraine since then have not been “well synchronized.” Viasat Inc. said on March 1 that it suffered a cyberattack, after the invasion, that affected thousands of residential and business internet customers in Ukraine.

“There doesn’t appear to me that there was a coordinated plan, which surprised us,” he said.

The Biden administration has warned Russia may carry out cyberattacks against US critical infrastructure in retaliation for punitive financial sanctions.

American officials have said that a cyberattack against a Nato country could trigger Article 5, the transatlantic alliance’s mutual defense clause. Lithuania is a Nato member. BM