Cyber surge: How CAF and allies supercharged Latvia’s defence

July 29, 2025 – Defence Stories

Estimated read time – 2:15

By: Major Christopher Daniel, CAFCYBERCOM Senior Public Affairs Officer

Under Operation REASSURANCE, the Canadian Armed Forces (CAF) Cyber Task Force 2 (CyTF2) deployed in Latvia plays a key role in NATO’s cyber defence, safeguarding critical civilian digital infrastructure and deterring cyber threats. Composed of deployed cyber operators from the Canadian Armed Forces Cyber Command (CAFCYBERCOM), CyTF2 brings specialized expertise to the frontline of NATO’s cyber defence efforts.

A highlight of this mission was a recent month-long multinational cyber surge conducted in summer 2025 an intensive threat hunting operation led by Maj Kiernan Broda-Milian, Commander of CAF CyTF2, alongside the Cyber Incident Response Institution of the Republic of Latvia., CERT.LV. This surge dramatically increased Latvia’s cyber defence capacity, achieving in one month what would normally take CyTF2 personnel several months to accomplish.

CAFCYBERCOM is a close partner with the Canadian Centre for Cyber Security (CCCS) in defending Canada’s networks and in defending Latvia’s networks. CCCS provided three cyber analysts for this surge, adding additional expertise in the complex and evolving cyber realm. CCCS has been present on every surge with CyTF2 to demonstrate Canada’s combined commitment in partnering with CERT.LV to ensure their networks remain secure.

“Surge number 7 tripled the combined LVCAN threat hunting capacity in Latvia, and in that month, we accomplished the same amount of analysis as CyTF2’s six personnel would in five months. Canada’s joint leadership of this operation and contribution of an additional nine personnel demonstrates Canada’s commitment to Latvia and its international allies,” said Maj Broda-Milian.

The operation exposed critical supply chain weaknesses in companies supporting Latvia’s essential infrastructure and strengthened collaboration among partners from Poland, CERT-EU, and beyond. Maj Broda-Milian noted that the insights and tools developed during the surge have already been woven into ongoing cyber defence efforts.

Mr. Varis Teivans, CERT.LV Technical Director and Deputy Manager, said of the surge: “This joint initiative, supported by the CAF Task Force’s valuable insight and experience, facilitated effective threat-hunting operations across allied networks. Through mutual collaboration and shared threat intelligence, it enhanced detection capabilities, deepened insight into adversary behavior, and strengthened the cyber defenses of Latvian networks. The operation's preventive nature reduced the risk of future incidents and strengthened the partnership between our nations.”

This operation exemplifies the power of multinational collaboration and reflects a broader national commitment. CAFCYBERCOM enables Canada to fulfill NATO obligations such as the Virtual Cyber Incident Support Capability and the Sovereign Cyber Effects Provided Voluntarily by Allies. The establishment of CAFCYBERCOM aligns with similar investments by Canada’s key partners in NORAD, the “Five Eyes” alliance, and NATO.

By enhancing its cyber capabilities, the CAF improves interoperability with allies, better counters the full spectrum of cyber threats, and advances NATO’s mission goals.

Maj Broda-Milian underscored that the CAF views cyber operations as integral to all missions and that cyberspace is a domain Canada must defend. Through operations like this cyber surge, Maj Broda-Milian emphasized that CyTF2 continues to demonstrate that strong, collaborative cyber defence is essential to protecting shared digital frontlines.