The Use Of Cyber Capabilities in War
David Neuman
CISO | Retired Senior Military Leader | Board Advisor | Adjunct Faculty | Executive Coach
The TAG Infosphere Special Issue recently explored the subject of cyber war. It is a subject that warrants continuous study, just as other forms of warfare. The U.S. military services dedicate university-level study to the profession of arms (their War Colleges) along with doctrine centers and other functions of experimentation. However, they have only started seriously paying attention to cyber capabilities as a domain within the last ten years. They are woefully behind our peer competitors.
FOCUS ON OUTCOMES AND LESS ON DEFINITIONS
Carl von Clausewitz tells us, “War is politics by another means…”. In the traditional sense, this means getting other nations to concede to your will either by occupying their land or taking away their will to resist (i.e., destroying their ability to defend themselves). Cyber cannot do either of these things, just as a tank, plane, or ship cannot accomplish them on its own. Cyber can, however, play an influential part in operational and strategic operations, though not as an instrument on its own. Many military planners would say, “It’s not the weapon you sling that makes you lethal, but how you sling it.”
Cyber capabilities are asymmetric as they transcend traditional warfighting domains such as air, land, sea, and space. Cyber weapons and tactics can bring kinetic and non-kinetic effects that achieve operational and strategic outcomes. For example, those who have studied large-scale conflicts would tell you it’s all about the beans, bullets, and gas. In other words, logistics, as the Russians have discovered in their war with Ukraine. How fast and effectively a force can deploy capabilities (and sustain them) to a place and time of their choosing is often a decisive factor in warfare. The last time the U.S. experienced contested logistics was during World War II. In the next large-scale war, the U.S. is likely to experience contested logistics from the cyber domain in addition to other disruptions that could potentially influence our will, as a nation, to fight.
USEFUL FICTION TO PREDICT SCENARIOS
Peter W. Singer and August Cole are the co-founders of Useful Fiction. It is a network of creators, thinkers, and artists who cross the realms of forecasting and communication. They use the power of stories to carry across real-world lessons. This method can often gain insights into the effects we wouldn’t usually anticipate. In 2009, I used a similar technique as part of an advocacy paper while a student at the Naval War College. In those days, we called it an operational vignette. I used it to reinforce the rationale for my thesis.
In the following hypothetical scenario, strategic and operational objectives must be considered. To that end, the following assumptions and general descriptions of objectives and the environment must be established. As with many large-scale military conflicts, contested territory and sovereignty are usually at the source of tensions and serve as the basis for this example. The adversary’s strategic objective is to invade and hold a neighboring disputed territory. The adversary has a large military, albeit inferior to the U.S., and knows they can defeat indigenous forces easily but cannot defeat the U.S. in a conventional conflict. It is not their intent to defeat the U.S. outright but to disrupt their ability to deploy forces to the theater of operations long enough to establish a significant and robust military presence in the disputed territory, thus making a recapture of the territory too costly for the U.S.
The adversary has watched the U.S. since the beginning of military Operations Enduring and Iraqi Freedom, and recognizes that the U.S. is still heavily committed in two theaters of war and has been primarily focused on counter-insurgency and antiterrorism operations for nearly a decade. During the same period, the adversary has undertaken a massive military modernization to include the development of cyber tactics and weapons in an unrestricted warfare doctrine. For the last five years, they conducted extensive cyber reconnaissance identifying vulnerabilities in critical U.S. infrastructures near key military installations that would be involved in action against them. In addition, they have exploited commercial software used by data systems essential to force deployment to alter critical information such as logistics plans and the readiness of forces.
The campaign started a year before with the public announcement of military exercises that explain the movement of forces into the immediate area of operations. Other information operations elements plant seeds to indicate terrorist groups are planning or considering cyber-attacks on the U.S. Closer to the start of their invasion, the adversary executes cyber operations against critical infrastructure and key resources. Specifically, they disrupt or disable food distribution systems throughout the U.S. – those information systems that automate inventory and movement of food to large supermarket franchises. The Supervisory Control and Data Acquisition (SCADA) system at the Roosevelt Dam in Arizona is compromised and used to unleash 300 billion gallons of water into the Salt River with minimal loss of life but massive interruption of power and water supplies for Arizona and neighboring states. Simultaneously, the information systems of several large financial institutions are breached, and large banking databases are encrypted, rendering them inaccessible for ordinary banking transactions. Their public websites are defaced, announcing that the banks have been compromised and bank customers’ money is not safe. Mainstream media carries the stories, creating widespread panic and resulting in a run on banks and food stores throughout the country. The political leadership struggles to determine what or who is responsible for these events. The lack of definitive roles and responsibilities governing these critical infrastructures inhibits cohesive assessment and response. Since 85% of critical infrastructure is privately owned and operated, the government has little control or visibility into the full extent of what is happening. In the meantime, world financial markets react to the possibility that U.S. economic power may be under assault.
The adversary presses with its mobilization of forces under the auspices of planned exercises. Additionally, they make public statements expressing sympathy for events in the U.S. and pledging their support, further convoluting the situation. In conjunction with the operations above, they infiltrate the automated supply systems in the Department of Defense (DoD), changing inventory levels of fuel, munitions, and critical parts. The intrusion will not be detected for 48 hours and will result in the degradation of logistics operations as military leaders lose confidence in the data available to make time-sensitive decisions. Similar operations are carried out against personnel systems, the Defense Finance and Accounting System, and the Tanker Airlift and Control Center at Scott AFB in Illinois, degrading worldwide airlift and air refueling operations supporting all combatant commanders.
Immediately preceding the start of the invasion, instrument landing systems at Los Angeles, JFK, and Chicago O’Hare airports are compromised, causing the crash of four commercial airliners. With no understanding of the extent of the attack, the government responds by shutting down all air transportation across the country as they did on 9-11. Communications and utilities are attacked and shut down in large metropolitan areas close to military installations that would be involved in operations against the adversary. In accordance with computer network defense and force protection procedures, the DoD declares its highest state of force protection and information condition. The result brings movement on and off bases to a crawl. In an ironic twist, the command-directed information condition procedures result in a self-imposed denial of service as networks and critical information systems are disconnected from the global information grid. What was a preplanned and announced exercise turns into a planned invasion by our adversary. The U.S. does not have the forces in the area of operations to deter, much less stop, the hostilities.
The crisis created by cyber-attacks on critical infrastructure in the U.S. demands focused national leadership attention at home. Simultaneously, cyber-attacks on critical military and civilian systems seriously disrupt and delay the deployment of forces to and within the geographic command where hostilities have begun. The adversary establishes unchallenged robust forces in the disputed territory, thus achieving their first major operational objective.
LESSONS LEARNED
Warfare is as old as humanity itself. New capabilities emerged during that period, such as the bow and arrow, automatic weapons, tanks, planes, and submarines, to name a few. And now cyber. Those militaries that have fared best have used these capabilities in an integrated way and, in many cases, asymmetrically. This scenario leads us to several lessons learned.
Expect the unexpected by thinking asymmetrically, not doctrinally. Doctrine comes after the study and learning from engagements. When capabilities like cyber are introduced to the battlespace heavily influenced, but not governed, by doctrine, they are highly effective. Ironically, the Navy told me this scenario was unrealistic and that cyber was a fad that would likely be gone in a few years. It was 2009. What capabilities should we be considering for 2035?
Fight as smart as you do hard. Mature military planners think in terms of operational effects, not just what weapons they need. Cyber practitioners typically think about platforms and tasks versus what they must achieve. This lesson extends to practitioners in civilian organizations who struggle to align to business outcomes. Cyber practitioners must think about how they sling their weapon, not the weapon itself.
The economy of scale matters. Economic factors have always been a part of military operations. Never use a million-dollar bomb on something a grenade can do. The cost of entry into the air domain is 117 million dollars. That’s the cost of a single fifth-generation fighter (F-35 Joint Strike Fighter) - no fuel, munitions, or pilot. This cost of admission does not equal air dominance. The cost of admission into the cyber domain is a laptop computer and a talented programmer. How many of those can you acquire for 117 million dollars? What effects could you deliver for that price?
War gaming is cheap and effective. War gaming is a staple of military planning. It is a low-cost and highly effective way to identify gaps in defenses, offensive plans, and countermeasures. Next-generation war games should include professionals besides military members, such as in the useful fiction model.
A FINAL THOUGHT
There are many distinguishing characteristics of the cyber domain from more traditional domains. The most compelling one is that cyber is intertwined with every facet of global society. You could argue that bombing a critical bridge or power plant is highly destructive, but wiping out the financial data about millions of people or turning off the electricity in major cities indefinitely is more akin to ending entire societies.
These implications must be considered when governments and private institutions allocate resources to the military, infrastructure, education, and innovation programs that sustain our way of life.
Head of Digital Marketing at Lockton
2 years ago: Very thought provoking!
Author, Strategist, and Futurist
2 years ago: Thanks for sharing great ideas!
Great work Dave, thank you for posting, very sobering.
Founder and CEO of TAG Infosphere
2 years ago: Really excellent narrative - nice job, Dave.