The following article was published Aug. 16, 2022 on Breaking Defense.
As the United States and its allies move from almost a quarter century of focus on the Global War on Terrorism, and shift to the new realities as specified in the current National Defense Authorization Act (NDAA) — which authorizes funding levels and provides authorities for the U.S. military and other critical defense priorities — so too must technology and capability adapt and align to the new operational environment. Cyber and information warfare will take greater precedence than ever before as the NDAA outlines the threat environment.
How then can cyberspace operation (CO) and information warfare (IW) capabilities best align to support and enable multi-domain operations across a wide spectrum of threats, while at the same time ensuring safety and security of critical infrastructure and assets? On one hand, CO and IW must operate in a Phase 0, or “left of boom” non-kinetic environment to help shape, deter, defend, and inform, while at the same time posturing to ensure combatant commander and National Command Authority (NCA) freedom of maneuver in cyberspace while denying adversaries the same, should hostilities begin.
Full spectrum CO and IW contain numerous supporting efforts, to include cyber or computer network operations (CNO), signals intelligence (SIGINT), information operations (IO), electronic warfare (EW), as well as other various supporting disciplines such as machine learning and artificial intelligence, big data and data science, and the use of publicly available information (PAI). All combine to ensure information advantage and decision dominance for the commander within the Joint Information Environment (JIE) and across the traditional operational maneuver domains of air, land, sea, space, and cyber. The really interesting challenge, then, is to fuse all of this immense stand-alone capability in time to be relevant and deliver effects as needed.
To ensure commander freedom of maneuver in the JIE and drive information advantage and decision dominance, Army Cyber Command has created new capability and capacity in the form of unique new units and commands; this is in addition to the already established Cyber Mission Force. A recent example is the 915th Cyberwarfare Battalion — the first organic, scalable expeditionary Cyber Electromagnetic Activities (CEMA) capability — which is providing commanders a new tactical tool with the ability to deny, degrade, disrupt, destroy, deceive, influence, shape, and manipulate the capabilities and decisions of adversaries.
“Whether it be deterrence in the early competition phase or dominance throughout conflict, the invisible, complex, and congested electromagnetic spectrum will be where future battles are won or lost,” states the Cybersecurity and Information Systems Information Analysis Center (CSIAC), a component of the Defense Department’s Information Analysis Center enterprise.
Our adversaries are no longer “just” terrorist cells in the desert operating off of a pay phone or an Internet cafe. Rather, U.S. forces need to be prepared for much higher sophistication and maturity of cyber and EW capabilities.
“I wasn’t worried about ISIL breaking into this conversation and listening to us talking, but I do have to worry about peer and near-peer adversaries having the capability to do just that,” said Jack Koons, senior principal solutions architect for Cyberwarfare and Information Warfare within HII (better known until recently as Huntington Ingalls Industries, the largest shipbuilder in the U.S. and the builder of the under-construction Ford-class aircraft carriers that are the first to be fully digitally designed.).
“You now have to operate with an ‘assume breach’ mentality, that any platform that you’re using for communications or for network access is potentially compromised at the very least, exploited at the worst. I may have to work in degraded operations or constrained environments, or lose primary access. So you need to have B, C, and D fallback plans to cover gaps, extend operational reach and access, and ensure freedom of maneuver for the combatant commander in the information environment.” In a word, cyber must provide options.
The challenge faced by U.S. and allied forces has been on full display in Ukraine. Prior to Russian forces mounting their kinetic attack, they unleashed a slew of cyberattacks to weaken Ukraine’s posture and take its focus off of the mounting physical forces that were about to cross the border.
“In the case of Ukraine, General Paul Nakasone (U.S. Cyber Command commander and NSA director) has said that we have deployed expeditionary cyber warfare elements into theater to support them,” observed Ron Fodor, operations manager for HII’s Cyber, EW & Space business. “What’s interesting is that we’re seeing the convergence of the cognitive, the physical, and the virtual space.”