The National Security Agency is on guard for foreign threats to the November elections and told The Washington Times it is banding together with private companies to thwart digital disruptions before they occur.

Details of the agency’s work to fight off foreign adversaries are shrouded in secrecy as warnings from security professionals have multiplied in recent weeks about attempted Iranian and Russian hacking.

America’s top cyber spy agency gave The Times a rare glimpse into its work with the private sector to ensure that cyberattackers targeting elections are stopped.

---

---

The NSA and U.S. Cyber Command mobilized their Election Security Group last year to begin identifying attackers, their aims and then fight back. The NSA relies on a separate team at its Cybersecurity Collaboration Center to make sure its private sector partners are kept informed of foreign threats that apply to the partner companies’ work, according to NSA’s Kristina Walter.

Ms. Walter, who took over the Collaboration Center in June, told The Times her team works “very closely” with the Election Security Group.

“If there’s an attempt for a malicious actor to abuse a U.S. platform to target elections, we can share that information through the Collaboration Center from the Election Security Group with that partner so that they can disrupt the activity,” Ms. Walter said in an interview at the Billington CyberSecurity Summit in Washington earlier this month.

The center has enlisted more than 1,000 cybersecurity companies to help foil hackers’ plans since the center launched approximately four years ago. Ms. Walter would not identify which specific companies the agency has engaged to support election security.

“It’s generally the big [internet service providers], the cloud providers, the managed service providers, the cybersecurity companies, those are the portfolios that we partner with to defend the defense industrial base as well and they are also capable of generally defending our elections as well,” Ms. Walter said. “We will work with them kind of at scale to do that.”

While the NSA is cautious about revealing too much information about its work with the private sector, cybersecurity professionals are often far less reserved.

Seated on a stage alongside Ms. Walter’s predecessor in charge of the Collaboration Center in March, CrowdStrike Senior Vice President Adam Meyers touted his company’s teamwork with NSA on matters involving election security and threats to the financial sector.

Mr. Meyers said then at the CrowdStrike Gov Threat Summit in Washington that the NSA had “sent us a lot of stuff” as part of its work with the spy agency.

Microsoft has similarly teamed with the NSA, particularly in defense of Ukraine against Russian cyberattackers.

The Election Security Group, which is separated from the team collaborating with the private sector, includes information specialists, planners, and operations specialists who leave domestic-focused work to the FBI and the Department of Homeland Security.

Cyber officials at NSA, FBI, and DHS’ Cybersecurity and Infrastructure Security Agency are busy pushing out information on foreign cyberattackers they observe targeting American infrastructure.

In August, the U.S. Intelligence community formally attributed hacking efforts targeting former President Donald Trump’s team to Iran.

“We have observed increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting presidential campaigns,” U.S. federal agencies said in a joint statement at the time. “This includes the recently reported activities to compromise former President Trump’s campaign, which the IC attributes to Iran.”

Last week, the NSA, FBI, and DHS partnered with several foreign governments to expose Russian military cyberattackers, referred to as Unit 29155, targeting U.S. infrastructure, among other things.

“FBI, NSA, and CISA assess Unit 29155 is responsible for attempted coups, sabotage and influence operations, and assassination attempts throughout Europe,” the agencies said. “Unit 29155 expanded their tradecraft to include offensive cyber operations since at least 2020. Unit 29155 cyber actors’ objectives appear to include the collection of information for espionage purposes, reputational harm caused by the theft and leakage of sensitive information, and systematic sabotage caused by the destruction of data.”