Cyber operations come out of the shadows

As the U.S. embarks on its first openly declared “cyber war,” how will offensive capabilities be applied in future conflicts against an array of enemies?

Cyber operations, which have long been conducted in the background, have been gaining more prominence. With high-profile intrusions into U.S. systems – the Office of Personnel Management and the email system for the Joint Chiefs of Staff, to name a couple – cyber conflict, capability and awareness has been brought to the attention of the public. Director of National Intelligence James Clapper even acknowledged the practicality of the OPM breach, saying that the United States would do the same thing. Despite these apparent setbacks, the United States is also publicly stepping up its cyber game.

Defense Secretary Ashton Carter has tasked Cyber Command to “take on the war against ISIL as essentially the first major combat operation of Cybercom,” he said in front of Congress last week, using another acronym for ISIS. “The objectives there are to interrupt ISIL command and control, interrupt its ability to move money around, interrupt its ability to tyrannize and control population, interrupt its ability to recruit externally – all of that it does in a cyber-enabled way,” he continued.  “We’re talking about cyber operations in Syria and Iraq and my feeling about that was and is very direct, which is we’re bombing them and we’re going to take out their Internet and so forth as well…This is the first big test of Cybercom. I have very high expectations that they can be successful.”

“The overall effect we’re trying to achieve is virtual isolation and this compliments very much our physical actions on the ground. And the particular focus is external operations that might be conducted by ISIL,” Chairman of the Joint Chiefs of Staff Gen. Joseph Dunford told the Senate Armed Services Committee last week.   

Cyber operations, many military experts and scholars have said, will likely be used as a tool in conjunction with larger, more conventional military efforts in future conflicts. Russia has used this to great effect, first in Georgia in 2008 and recently in Ukraine, where Russian sympathizers shut down part of the electrical grid. “The 2008 war between Russia and Georgia may represent the first time in history of ‘a coordinated cyberspace…attack synchronized with major combat actions in the other warfighting domains’,” Antonia Chayes, professor at Tufts University, wrote last year in the Harvard National Security Journal. “The cyber attacks on Georgia’s military and government networks, including [distributed denial of service attacks] and website defacements, began three weeks before the physical hostilities and continued throughout the war. Linked to Russia’s ‘patriotic hackers/cyber militias,’ the attacks were timed with the Russian military’s ground, air, and naval combat operations and closely coordinated with the ‘overall strategic objectives of the Russian government’.”

President Barack Obama has even acknowledged that cyber operations against ISIS are taking place, which is a rare occurrence.

“The operations against ISIS in the cyber domain are notable in that they are the first time that the U.S. is openly declaring that it is engaging in this space,” Peter Singer, strategist and senior fellow at the New America Foundation, told Defense Systems via email. “We've been active in the past, but in covert espionage operations, ala Stuxnet. So it’s a big step in the ‘normalization’ of cyber operations, not just to do it, but to openly admit to doing it.”

These tactics line up neatly with the so-called “light footprint” the Obama administration has tried to apply to counterterrorism. Such a policy aims to avoid large-scale deployments of conventional combat troops and/or overthrowing heads of state. “The first thing I'd say about the use of drones is that it is a far more targeted way of taking out terrorist leaders and terrorist networks than invading and occupying a country like Iraq. So there is far less civilian casualties, far less suffering than large-scale military operations like we saw in Iraq,” Deputy National Security Adviser Ben Rhodes said on the Al Jazeera program “Up Front” in September, regarding how the use of drones fits this light footprint model.

“Within just eight years from 2002 to 2010, the Department of Defense’s inventory of UAVs increased 40-fold. Since then, drones have become the weapon of choice in hostile, remote areas throughout the world,” wrote naval officer Andrew Poulin, highlighting how such as capability can go from emergent to pivotal. For example, drone strikes now outnumber strikes from manned aircraft in Afghanistan. 

For Cyber Command, which was established in 2009 and will not reach its full operational capability for another 19 months, the assignment from Carter will be a chance to demonstrate its capabilities as part of a larger conflict. In a nod to how important cyber operations could become, members of the House Armed Service Committee passed a draft National Defense Authorization Act for 2017 last week that would elevate Cyber Command to a unified command, something Cyber Command commander Adm. Michael Rogers has told Congress he agrees with.

“In 2016, as I tell our team, you can tell we’re at the tipping point now. The capacity and capability is starting to come online,” Rogers said at the Atlantic Council in January. “We have now been in existence as an organization for a little over five years. The first part of that life was largely spent on starting to generate capacity and capability in the form of the cyber mission force…using that cyber mission force of 6,200 people to generate the spectrum of capabilities from the defensive to the offensive to ensure that our operational commanders and our policy makers and our nation have a wide range of options to apply.”

Despite the acknowledgement of Cyber Command’s first assignment, the U.S. intelligence community – through the nation’s premier signals intelligence agency, the National Security Agency, which Cyber Command is co-located with at Fort Meade and even shares a director – as well as the most elite special operations forces have deployed cyber capabilities in past conflicts, most recently in Iraq. 

Iraqi sources “would enter [an] Internet café without arousing suspicion and upload software onto the computers. Sometimes the software was of the keystroke recognition type, at other times it would covertly activate a webcam if the computer had one, allowing the task force to positively identify a target,” Sean Naylor wrote in his book “Relentless Strike: The Secret History of Joint Special Operations Command,” recounting the efforts of U.S. special operators during the Iraq war to combat insurgents.  Naylor also documented how special operations forces pioneered operationalizing what became to be known as cyber operations during conflict in Iraq. “In the first years after the September 11 attacks, the ‘program’ became a stand-alone unit. It started as a small yet effective troop, but by 2007 had grown into the Computer Network Operations Squadron—headquartered in Arlington, Virginia, with a troop at Fort Meade and another at the CIA’s Langley headquarters—and reporting straight to the JSOC commander. The military kept CNOS in JSOC ‘because we want it to operating in areas that are not necessarily…where we’re currently at war,’ said a military intelligence officer. ‘We want it to operate around the globe [pursuing] national objectives’.”  

Looking ahead, most DOD officials aren’t necessarily viewing the operations against ISIS as a test case in cyber operations or cyber war going forward. Cyber is one of many capabilities in a larger bag to choose from that did not exist years ago, a DOD spokesperson told Defense Systems. As a planning organization, DOD is always looking to make improvements and apply lessons learned, whether saving money or in an operational context, the spokesman said, adding that DOD is using these operations to make improvements to its current capabilities.

“Really, like any operations that we do in the military we’re constantly looking – from a lessons learned, after action reports – so that we learn both the operational lessons and then the tactical lessons,” Maj Gen Burke “Ed” Wilson, commander of the 24th Air Force, told Defense Systems in an interview regarding lessons being learned in the cyber operations against ISIS that could be applied against similar or more advanced adversaries going forward.  “So we’re constantly looking at how those lessons can be applied across the board no matter what the adversary or what the threat would be.  Unfortunately most of those details in terms of specifics, I’m not at liberty really to get into.” 

“I don’t think I would respond to lessons being learned specifically what the Secretary has directed us to do in an operational contingency. I would just say I think it’s significant that all the elements, the power that we have in the military are being asked to respond to a major crisis like we have there. Cyber Command is no different,” Lt. Gen. James McLaughlin, Deputy Commander of Cyber Command, told Defense Systems. “I think there will be – we always learn lessons – so I think there will be some once we’re at the end of an operation. But right now I don’t think I would even say that we’re at the lessons learned phase, we’re at the what’s our role in this and are we doing what we’re supposed to support the commander.” 

Depending on the desired effects the military is seeking to exert on ISIS, “It could be some time before anyone can see a measurable effect,” Isaac Porche, senior engineer at the Rand Corp. said.  “Cyber operations have a potentially broad set of effects. If the desire is to have an immediate impact on an adversary’s ability to perform tactical [command and control], that is very measurable. I don’t know if that is what [the U.S. military] are trying to do.” 

Non-state groups, to this point, have not demonstrated any destructive capabilities in cyberspace, such as Russia or China. Rogers has told lawmakers that Russia – and to some measure China – has the capability to inflict serious harm on U.S. infrastructure. Furthermore, non-state groups such as ISIS do not operate advanced infrastructure systems, meaning the current military cyber efforts against the group might not exactly parallel those of a more traditional and capable adversary.   

The United States’ anti-ISIS cyber operations are “still not the kind of activity that you would see in an all our war or against a more advanced adversary. There's no ISIS integrated air defense to target via cyber means or physical damage to cause via targeting ISIS-owned SCADA systems inside their base facilities or warship engine rooms,” Singer, of New America, said. “So think of this as the opening, but not the final view of where this is all headed. It’s akin to the early uses of airplanes in colonial operations just before World War I. And just like with that, the users won't just be the great powers, but the some 100 nations that have already created some kind of cybersecurity organizations.” 

The combination of both cyber capabilities and a formalized force will doubtless provide commanders and future leaders more options to exercise desired goals. “You should feel assured that we are, in each phase of consideration, learning a lot and progressing down the road,” commander of the 10th Fleet and Fleet Cyber Command Vice Adm. Jan Tighe told Defense Systems regarding the ISIS cyber operations. 

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.