All posts by Guest Author

Asia-Pacific, Cyber War

Beijing’s Views on Norms in Cyberspace and Cyber Warfare Strategy Pt. 1

Leave a comment

By LCDR Jake Bebber USN

The following is a two-part series looking at PRC use of cyberspace operations in pursuit of its national strategies and the establishment of the Strategic Support Force. Part 1 considers the centrality of information operations and information war to the PRC’s approach toward its current struggle against the U.S. Part 2 looks at the PRC’s use of international norms and institutions in cyberspace, and possible U.S. responses.

Introduction

A recent article noted a marked shift in Chinese strategy a few short years ago which is only now being noticed. Newsweek author Jeff Stein wrote a passing reference to a CCP Politburo debate under the presidency of Hu Jintao in 2012 in which “Beijing’s leading economics and financial officials argued that China should avoid further antagonizing the United States, its top trading partner. But Beijing’s intelligence and military officials won the debate with arguments that China had arrived as a superpower and should pursue a more muscular campaign against the U.S.”1

The nature of this competition is slowly taking shape, and it is a much different struggle than the Cold War against the Soviet Union – however, with stakes no less important. This is a geoeconomic and geoinformational struggle. Both U.S. and PRC views on cyber warfare strategy, military cyber doctrine, and relevant norms and capabilities remain in the formative, conceptual, and empirical stages of understanding. There is an ongoing formulation of attempting to understand what cyberspace operations really are. While using similar language, each has different orientations and perspectives on cyberspace and information warfare, including limiting structures, which has led to different behaviors. However, the nature of cyberspace, from technological advancement and change, market shifts, evolving consumer preferences to inevitable compromises, means that while windows of opportunity will emerge, no one side should expect to enjoy permanent advantage. Thus, the term ‘struggle’ to capture the evolving U.S.-PRC competition.

The PRC recognized in the 1990s the centrality of information warfare and network operations to modern conflict. However, it has always understood the information space as blended and interrelated. Information is a strategic resource to be harvested and accumulated, while denied to the adversary. Information warfare supports all elements of comprehensive national power to include political warfare, legal warfare, diplomatic warfare, media warfare, economic warfare, and military warfare. It is critical to recognize that the PRC leverages the American system and its values legally (probably more so than illegally), to constrain the U.S. response, cloud American understanding, and co-opt key American institutions, allies, and assets. In many ways, the PRC approach being waged today is being hidden by their ability to work within and through our open liberal economic and political system, while supplemented with cyber-enabled covert action (such as the OPM hack).

To support their comprehensive campaign, the PRC is reforming and reorganizing the military wing of the Communist Party, the People’s Liberation Army (PLA), posturing it to fight and win in the information space. Most notably, it recently established the Strategic Support Force (SSF) as an umbrella entity for electronic, information, and cyber warfare. Critical for U.S. policymakers to understand is how the SSF will be integrated into the larger PLA force, how it will be employed in support of national and military objectives, and how it will be commanded and controlled. While much of this remains unanswered, some general observations can be made.

This reform postures the PLA to conduct “local wars under informationized conditions” in support of its historic mission to “secure dominance” in outer space and the electromagnetic domain. Network (or cyberspace) forces are now alongside electromagnetic, space, and psychological operations forces and better organized to conduct integrated operations jointly with air, land, and sea forces.2

This change presents an enormous challenge to the PLA. The establishment of the SSF disrupts traditional roles, relationships, and processes. It also disrupts power relationships within the PLA and between the PLA and the CCP. It challenges long-held organizational concepts, and is occurring in the midst of other landmark reforms, to include the establishment of new joint theater commands.3 However, if successful, it would improve information flows in support of joint operations and create a command and control organization that can develop standard operating procedures, tactics, techniques, procedures, advanced doctrine, associated training, along with driving research and development toward advanced capabilities.

While questions remain as to the exact composition of the Strategic Support Force, there seems to be some consensus that space, cyber, electronic warfare, and perhaps psychological operations forces will be centralized into a single “information warfare service.” Recent PLA writings indicate that network warfare forces will be charged with network attack and defense, space forces will focus on ISR and navigation, and electronic warfare forces will engage in jamming and disruption of adversary C4ISR. It seems likely that the PRC’s strategic information and intelligence support forces may fall under the new SSF. The PLA’s information warfare strategy calls for its information warfare forces to form into ad hoc “information operations groups” at the strategic, operational, and tactical levels, and the establishment of the SSF will save time and enable better coordination and integration into joint forces. The SSF will be better postured to conduct intelligence preparation of the battlespace, war readiness and comprehensive planning for “information dominance.”4

The establishment of the SSF creates a form of information “defense in depth,” both for the PLA and Chinese society as a whole. The SSF enables the PLA to provide the CCP with “overlapping measures of electronic, psychological, and political deterrents.” It is reasonable to expect that there will be extensive coordination and cooperation among the PRC’s military, internal security, network security, “commercial” enterprises such as Huawei and ZTE, political party organizations, state controlled media both inside and outside China, and perhaps even mobilization of Chinese populations.

Chinese Information Warfare Concepts and Applications

Recent Chinese military writings have stressed the centrality of information to modern war and modern military operations. Paying close attention to the way the West – principally the U.S. – conducted the First Gulf War and operations in Kosovo and the Balkans in the 1990s, the PRC has been aggressively pursuing a modernization and reform program that has culminated in where they are today. Indeed, there is close resemblance to PLA and PRC aspirational writing from the 1990s to today’s force structure.

In many ways, the PLA understanding of modern war reflects the American understanding in so much as both refer to the centrality of information and the need to control the “network domain.” “Informatized War” and “Informatized Operations” occur within a multi-dimensional space – land, sea, air, space and the “network electromagnetic” or what Americans generally understand as “cyberspace.” The U.S. has long held that the control of the network domain provides a significant “first mover advantage,” and the PRC is well on the way toward building the capability for contesting control of the network domain. Its writings consistently hold that the PLA must degrade and destroy the adversary’s information support infrastructure to lessen its ability to respond or retaliate. This is especially necessary for “the weak to defeat the strong,” because most current writing still suggests that the PLA believes itself still inferior to American forces, though this perception is rapidly changing. Regardless, the PRC understanding of modern war supposes a strong incentive for aggressive action in the network domain immediately prior to the onset of hostilities.6 These operations are not restricted geographically, and we should expect to see full-scope network operations worldwide in pursuit of their interests, including in the American homeland.7

There are three components to a strategic first strike in the cyber domain. The first component is network reconnaissance to gain an understanding of critical adversary networks, identifying vulnerabilities, and manipulating adversary perception to obtain strategic advantage. Network forces are then postured to be able to conduct “system sabotage” at a time and place of the PRC’s choosing. When the time is right, such as a prelude to a Taiwan invasion or perhaps the establishment of an air defense identification zone over the South China Sea, the PRC will use system sabotage to render adversary information systems impotent, or to illuminate the adversary’s “strategic cyber geography” in order to establish a form of “offensive cyber deterrence.” The PRC could take action to expose its presence in critical government, military, or civilian networks and perhaps conduct some forms of attack in order to send a “warning shot across the bow” and give national decision-makers reason to pause and incentive to not intervene.8

Indeed, unlike the American perspective, which seeks to use cyberspace operations as a non-kinetic means to dissuade or deter potential adversaries in what Americans like to think of as “Phase 0,” the PLA has increasingly moved toward an operational construct that blends cyberspace operations with kinetic operations, creating a form of “cyber-kinetic strategic interaction.” The goal would be to blind, disrupt, or deceive adversary command and control and intelligence, surveillance, and reconnaissance (C4ISR) systems while almost simultaneously deploying its formidable conventional strike, ballistic missile, and maritime power projection forces. The PLA envisions this operational concept as “integrated network electronic warfare,” described by Michael Raska as the “coordinated use of cyber operations, electronic warfare, space control, and kinetic strikes designed to create ‘blind spots’ in an adversary’s C4ISR systems.”9 

The PLA has recently described this as a form of “network swarming attacks” and “multi-directional maneuvering attacks” conducted in all domains – space, cyberspace, ground, air, and sea. The Strategic Support Force has been designed to provide these integrated operations, employing electronic warfare, cyberspace operations, space and counter-space operations, military deception and psychological operations working jointly with long-range precision strike, ballistic missile forces and traditional conventional forces.

Essential to these concepts are China’s ability to achieve dominance over space-based information assets. PRC authors acknowledge this as critical to conducting joint operations and sustaining battlefield initiative. This includes not only the orbiting systems, but ground stations, tracking and telemetry control, and associated data systems. We can expect full-scope operations targeting all elements of America’s space-based information system enterprise.

Important to all of this is the necessity of preparatory operations that take place during “peacetime.” China understands that many of its cyberspace, network, electronic and space warfare capabilities will not be available unless it has gained access to and conducted extensive reconnaissance of key systems and pre-placed capabilities to achieve desired effects. We should expect that the PRC is actively attempting to penetrate and exploit key systems now in order to be able to deliver effects at a later date.

Chinese Understandings of Deterrence and International Law in Cyber Warfare

China recently released the “International Strategy of Cooperation on Cyberspace.”10 Graham Webster at the Yale Law School made some recent observations. First, it emphasizes “internet sovereignty,” which is unsurprising, since the CCP has a vested interest in strictly controlling the information space within China, and between China and the rest of the world.  This concept of “internet sovereignty” should best be understood as the primacy of Chinese interests. China would consider threatening information sources outside of the political borders of China as legitimate targets for cyber exploitation and attack. In the minds of the CCP, the governance of cyberspace should recognize the sovereignty of states, so long as the Chinese state’s sovereignty is paramount over the rest of the world’s.

Second, the strategy suggests that “[t]he tendency of militarization and deterrence buildup in cyberspace is not conducive to international security and strategic mutual trust.” This appears to be aimed squarely at the U.S., most likely the result of Edward Snowden’s actions. The U.S. seems to also be the target when the strategy refers to “interference in other countries’ internal affairs by abusing ICT and massive cyber surveillance activities,” and that “no country should pursue cyber hegemony.” Of course, the PRC has been shown to be one of the biggest sources of cyber-enabled intellectual property theft and exploitation, and China’s cyber surveillance and control regimes are legendary in scope. Immediately after decrying the “militarization” of cyberspace, the strategy calls for China to “expedite the development of a cyber force and enhance capabilities … to prevent major crisis, safeguard cyberspace security, and maintain national security and social stability.” These broad, sweeping terms would permit China to later claim that much of its activities that appear to violate its own stated principles in the strategy are indeed legitimate.

The strategy seeks to encourage a move away from multi-stakeholder governance of the Internet to multilateral decision-making among governments, preferably under the United Nations. This would certainly be in China’s interests, as China continues to hold great sway in the U.N., especially among the developing world. After all, China is rapidly expanding its geoeconomic and geoinformational programs, leveraging its state-owned enterprises to provide funding, resources, and informational infrastructure throughout Africa, Asia, Europe, and the Americas. As more countries become dependent on Chinese financing, development, and infrastructure, they will find it harder to oppose or object to governance regimes that favor Chinese interests.

Naturally, the strategy emphasizes domestic initiatives and a commitment to a strong, domestic high-tech industry. This would include the “Made in China 2025” plan, which has received a great deal of attention. The plan seeks to comprehensively upgrade and reform Chinese industry, with an emphasis on information technology.11

When considering deterrence in the Chinese understanding, it is important to remember that China approaches it from a different context than the United States. Jacqueline Deal noted that China’s basic outlook proceeds from the premise that the “natural state of world is one of conflict and competition, and the goal of strategy is to impose order through hierarchy.”12 While Americans understand deterrence as a rational calculation, the Chinese approach emphasizes the conscious manipulation of perceptions.

Indeed, the Chinese term weishe, which translates as “deterrence,” also embodies the idea of “coercion.” We might see examples of this understanding by China’s historic use of “teaching a lesson” to lesser powers. In the 20th Century, Chinese offensives against India and Vietnam – thought by many in the West to be an example of tragic misunderstanding and failed signaling of core interests – might be better thought of as attempts by China to secure its “rightful” place atop the regional hierarchy. It is a form of “lesson teaching” that has long-term deterrent effects down the road.

We can expect therefore that cyberspace would become one means among many that China will use in support of its “Three Warfares” (public opinion, media, legal) concept in support of its larger deterrent or compellence strategies. It will likely be much broader than the use of PLA SSF forces, and could include cyber-enabled economic strategies, financial leverage, and resource withholding.

LCDR Jake Bebber is a cryptologic warfare officer assigned to the staff of Carrier Strike Group 12. He previously served on the staff of U.S. Cyber Command from 2013 – 2017. LCDR Bebber holds a Ph.D. in public policy. He welcomes your comments at: [email protected]. These views are his alone and do not necessarily represent any U.S. government department or agency.

1. Available at: http://www.newsweek.com/cia-chinese-moles-beijing-spies-577442

2. Dean Cheng (2017). Cyber Dragon: Inside China’s Information Warfare and Cyber Operations. Praeger Security International.

3. Cheng 2017.

4. John Costello and Peter Mattis (2016). “Electronic Warfare and the Renaissance of Chinese Information Operations.” in China’s Evolving Military Strategy (Joe McReynolds, editor). The Jamestown Foundation.

6. Joe McReynolds, et. Al. (2015) “TERMINE ELECTRON: Chinese Military Computer Network Warfare Theory and Practice.” Center for Intelligence Research and Analysis

7.  Barry D. Watts (2014) “Countering Enemy Informationized Operations in Peace and War.” Center for Strategic and Budgetary Assessments

8. Timothy L. Thomas (2013) “China’s Cyber Incursions.” Foreign Military Studies Office

9. See: http://www.atimes.com/article/chinas-evolving-cyber-warfare-strategies/

10. See: http://news.xinhuanet.com/english/china/2017-03/01/c_136094371.htm

11. See: https://www.csis.org/analysis/made-china-2025

12. Jacqueline N. Deal (2014). “Chinese Concepts of Deterrence and their Practical Implications for the United States.” Long Term Strategy Group.

Featured Image: The Center for Nanoscale Materials at the Advanced Photon Source. (Photo: Argonne National Laboratory)

Book Review

Hunters and Killers

1 Comment

Norman Polmar and Edward Whitman, Hunters and Killers: Volume 1 and Volume 2. Annapolis, Naval Institute Press, 2015/2016, $44.95.

By Joe Petrucelli

In their two-volume work, Norman Polmar and Edward Whitman have written the first comprehensive history of Anti-Submarine Warfare. As the authors note in their preface, there are histories of ASW campaigns as well as  both adversary and U.S. submarine operations, but no one has examined the discipline of ASW from its humble beginnings. Polmar and Whitman do just that in these two volumes, starting with the rudimentary ASW operations of the American revolution through the massive campaigns of the First and Second World War and finishing with the nuclear revolution and post-Cold War implications. Through their analysis, one can discern four factors that make ASW campaigns effective throughout history: numbers, technology, intelligence coordination, and organizational integration and concepts.

The most important conclusion that can be drawn from Polmar and Whitman’s analysis is that in ASW, numbers matter. While acknowledged as important, most navies do not appear to consider ASW as one of their most important capabilities and invest in it accordingly. Thus, during the interwar period, Polar and Whitman observe that the U.S. and Royal Navies drastically cut their ASW platforms both in absolute and relative terms, preferring to expend limited resources on larger, more prominent line combatants. Unfortunately, all the successful ASW campaigns they examined required presence over a large open-ocean area and a small number of highly capable combatants were not necessarily helpful, leaving the Allies to suffer severe losses until embarking on emergency building programs. To emphasize this point, in 1940 none other than Winston Churchill observed that large surface combatants (even if equipped with ASW weapons and sensors) were not effective escorts because they were valuable enough to become targets themselves. The most effective force structure during the ASW campaigns they examined consisted of long-range patrol aircraft and a large number of small, relatively expendable escorts.

The history of ASW is one of technological innovation by both submarines themselves and ASW forces. Polmar and Whitman do an excellent job explaining these complex technical developments in ASW (i.e. sound wave attenuation, convergence zones, etc) and translating them into layman-ese. However, it is important to note that they do not present technology as the solution for ASW dominance, but rather as a never-ending balance between offensive and defensive technologies. As ASW forces developed new technical capabilities such as depth charges, radar, and sonar, submarines countered with technologies such as snorkels, longer-range torpedoes and air-independent and nuclear propulsion. In the end, technology provided necessary tactical capabilities for an effective ASW campaign, but by itself was not sufficient to practice effective ASW.

Additionally, the authors explores the role of intelligence and cryptology in ASW, a vital factor in historical ASW campaigns. Allied cryptology efforts, known as ULTRA during WWII, were vital to cueing ASW forces and helping convoys avoid known U-boat patrol areas, while HF/DF capabilities deployed on escort ships gave ASW forces more tactical-level cueing. Polmar and Whitman describe a similar cueing role for U.S. undersea surveillance assets during the Cuban Missile Crisis. However, it was not just intelligence and cryptology capabilities by themselves that gave ASW forces an advantage, but the fusion of intelligence capabilities into operational forces. By devising employment schemes to utilize intelligence and cryptology windfalls in the short time window that they were relevant, the Allies gained critical advantages in the ASW fight.

Underlying all of these factors and capabilities is the awareness that ASW is a team sport. Integrating ASW platforms from multiple services, intelligence/cryptology sources, and new technical capabilities into an effective campaign required new organizations and employment concepts. The most well known ASW concept, one that was initially resisted during both World Wars, was the convoy system. While convoys probably had the biggest impact in reducing the effectiveness of enemy submarines, German submarines were able to at least partially adapt to it with their own “wolfpack” concept.  Other operational concepts that proved crucial to effective ASW included the development of hunter-killer groups (including escort carriers) to reinforce the convoys and the creation of dedicated ASW organizations (such as the WWII U.S. Tenth Fleet).

USS Providence (SSN-719) snorkeling at her berth in Groton, CT before having honors rendered by the Sloop Providence. (Source)

Although these volumes are a history of ASW and do not explicitly present policy recommendations, there are some lessons from Polmar and Whitman’s work that seem increasingly relevant today. First, reliance on a breakthrough technology to turn the oceans “transparent” is a risky proposition, as the Royal Navy discovered during World War II when their planned reliance on ASDIC (or active SONAR) for ASW proved not nearly as effective as hoped. Additionally, numbers matter, and effective ASW requires a force structure we lack today – namely small surface combatants and escorts (admittedly the LCS is small, but in this reviewer’s opinion it lacks range, combat capability, and is not designed as an escort). Lastly, ASW requires organizational integration in a way that has not been stressed in recent years. While the U.S. Navy (and close allies) have maintained ASW organizations and periodically exercised those capabilities since the end of the Cold War, convoys were last utilized during Operation EARNEST WILL in the Persian Gulf while the last ASW convoys appear to have been during World War II. It is not clear if we have truly exercised convoy tactics (much less having the merchant shipping in the current era to string together a convoy system) or have war-gamed a theater level war against dozens of commerce raiding submarines.

Overall, Polmar and Whitman’s two volumes are an amazingly comprehensive history of Anti-Submarine Warfare. This reviewer’s only complaint is that the analysis largely ends with the end of the Cold War. While the intensity of ASW operations declined at this time and more recent issues are admittedly difficult to research due to classification issues, there are a number of public ASW incidents that would have been worthy of including, from the 2007 incident where a Chinese submarine surfaced inside a U.S. carrier battle group to the 2009 deployment of a Russian Akula SSN in the Western Atlantic. These recent incidents, as well as changes in technology and command structures, would better complete their description of ASW. Despite that one critique, this is a very readable and informative set of books and one that should be required reading for every naval officer serving with surface combatants, submarines, maritime patrol aircraft, and undersea surveillance organizations.

Joe Petrucelli is a former submarine officer and current Naval Reserve officer. He is a PhD student at George Mason University and a Student Fellow at the school’s Center for Security Policy Studies. His opinions are his own and do not reflect the positions of the Department of Defense or his employer.

Featured Image: An allied ship is seen sinking through the periscope of a German U-Boat in WWII. 

Cyber War

Standing Up the NIWDC with CAPT John Watkins

1 Comment

By Sally Deboer

CIMSEC was recently joined by Captain John Watkins, the first commanding officer of  the Naval Information Warfighting Development Center (NIWDC). Read on to learn about this new command’s role in shaping the U.S. Navy’s information warfighting skills and capabilities.

SD: We are joined by CAPT John Watkins, the first commanding officer of the newly opened Naval Information Warfighting Development Center. It is truly an honor to have you here. Before we begin, can you share a bit about yourself and your background?

JW: Thanks first and foremost for having me, it’s an honor for me as well. I came into the Navy in 1992 as a Surface Warfare Officer and completed various tours in engineering. I did that for roughly five years and really enjoyed it, but subsequent to those tours I attended the Naval Postgraduate School in Monterey, California where I achieved a Master’s degree in IT Management during which time I laterally transferred into the space and electronic warfare community. A few years transpired and that community was subsumed into the information professional community that we know of today, which comes with the 1820 designator.

Since being an IP, I’ve had multiple operational and staff tours, to include XO of USS Coronado, serving as N6 and Information Warfare Command on Expeditionary and Carrier Strike Group Staffs, and as the N6 on a Numbered Fleet staff. Staff tours have included time on the OPNAV and SURFACE FORCES staffs. I’ve been very fortunate and blessed to have had multiple command tours including NAVCOMTELSTA San Diego, Navy Information Operations Command Texas, and now just recently, my assignment here at the Naval Information Warfighting Development Center.  

SD: Let’s kick off by introducing our readers to your new command. Initial operating capability for the NIWDC was declared on 27 March 2017. Could you please explain the role of this warfighting development center, and specifically the mission of the NIWDC within the information domain?

JW: Like the other warfighting development centers (WDC), we are all focused on four primary lines of operation. First, we’re concerned with enhancing advanced level training. As you can imagine, in terms of NIWDC, that entails all of our information-related capabilities. The advanced level training for our units and forces in the fleet occurs at the latter stages of the optimized fleet response plan (OFRP). We’re heavily invested in that along with our fellow WDCs.

The second line of operation is the development of doctrine that allows us to achieve that advanced level of proficiency – doctrine including tactics, techniques, and procedures (TTPs), standard operating procedures (SOPs), higher level Concepts of Operation (CONOPS), or as necessary, revisions to Naval Warfare publications.

The third line of operation is to cultivate and develop a subject matter expertise known throughout all the WDCs as a ‘warfare tactics instructor’ or WTIs. Other WDCs have WTIs in place today, for example, the model that has been around longest is the Naval Aviation WDC, “Top Gun,” associated with advanced tactics for jet fighting, air-to-air combat, etc. What we want to do here at NIWDC is to build out our own WTI pipeline, which I think of as the “Information Warfare Jedi Knights” of the future; we’ll have quite a few WTI pipelines, as we have a broad spectrum of capabilities.

Last but not least, we’ll have an organic assessments capability built into the command which allows us to, in an OODA loop fashion, assess our advanced level training capabilities, our TTPs and SSPs, and our doctrine as we bake it into our training pipeline and processes, ensuring it is delivering optimal IW warfighting effects. Those are the four lines of operation that were promulgated to the WDCs, directed by the Chief of Naval Operations, in 2014.

SD: The traditional warfare Type Commanders (Air, Surface, Undersea) have established their own warfare development centers, as you mentioned. Given that IW is a critical enabler of other warfare areas, how do you envision the NIWDC interacting with the other warfare development centers? What key IW concepts and understandings should be incorporated by other communities?

JW: That’s a fantastic question. NIWDC just achieved IOC designation in late March, and the good news is that while we are the last WDC to be stood up, we already have IW community professionals, both enlisted and officer, arrayed across the other WDCs today, totaling about 150 people, who are working Information Warfare expertise into Naval warfighting. Even as we’re building up to this capability, our folks that have been embedded throughout the other WDCs have done a remarkable job laying the groundwork and foundation for us to come to fruition as the NIWDC. This is significant because the information-related capabilities that we bring to bear are so ingrained in all the other mission warfare areas of the Navy that we have to be interlinked with the other WDCs and visa-versa.

As we build up our capabilities here, we’d like to see the reciprocal detailing back and forth – where ideally we’ll have Surface Warfare Officers, Submariners, Aviators, etc., embedded and billeted to the NIWDC. That’s the future, and it’s absolutely imperative that we get to that point – to have that common back and forth day in and day out as we’re contemplating modern day warfare – it’s essential for us to understand the other warfare areas, their requirements, how our systems are interdependent, and how we have to operate in real time to optimize our overarching warfare capabilities.

SD: You recently stated, “a key objective of the NIWDC is to provide hard-hitting, fleet-relevant information warfighting effects…” Can you outline what some of those effects might be and what specific mission areas within Information Warfare (IW) they support? 

JW: I think the best way I can answer that question is to describe how we’re building out the command here today. We’ve established a headquarters staff that will manage seven core Mission Area Directorates, or what we refer to as “MADs.”

Those Mission Area Directorates include an Assured command-and-control and CyberSpace Operations MAD, a Space Operations MAD, a Meteorology MAD, an Intelligence MAD, a Cryptology MAD, an Electronic Warfare MAD, and an Information Operations MAD. Laying that all out, we can generate information warfare effects from any of those Mission Areas—but when combined, it becomes extremely optimal. It’s the traditional ‘sum of the parts’ principle.

As we develop our organization here, another big effort we’re putting into play in the larger Navy is the Information Warfare Commander construct, which is an organization led by a fully board-screened senior Information Warfare Community Captain (O-6). I’ll describe the construct at the tactical level for now because I think it will be the best way to articulate where we’re headed in employing our model. On a Carrier Strike Group (CSG) staff, for example, we have the Information Warfare Commander (IWC)—again, that board-screened IW Community Captain, who is providing leadership and oversight on core IW mission areas run by the N2 Intelligence Officer, the N39 Cryptologic Officer, the N6 Communications officer, and to the extent where we can get it into play, the Meteorological officer, who at the end of the day, all work for this O-6 IWC. The entire IWC organization works for the Carrier Strike Commander similar to a Destroyer Squadron or Carrier Air Group Commander.  

Where the synergistic effect really comes in is in information operations planning. If you think across typical phased wartime planning scenarios, the folks that are sitting down at the table in the IWC organization bringing their skills and attributes to the team while enabling holistic planning across all phases of warfare, achieve tremendous synergy and total awareness of the  interdependencies and linkages across their mission areas. This powerful effect cannot be overemphasized. Planning in individual stovepipes, i.e. within traditional N Head silos like the N2, the N39, N6 or Meteorology, is counterproductive in today’s modern warfare continuum. It’s essential that planning along these lines factors in and accounts for the coordination and integration of needs and requirements of our fellow Composite Warfare Commanders. When done correctly, we give our collective Navy team every advantage possible to win when we need to. Suffice it to say, I’m very excited about where we’re headed and how we’re going to make our phenomenal Naval warfighting prowess even better!

SD: There seems to be growing agreement that in future conflict, naval forces will not enjoy undisputed access to the electromagnetic spectrum. How will naval information warfare capabilities enable distributed operations when the spectrum required for C4ISR is being, denied, degraded, disrupted and subject to deception operations?

JW: That’s another great question that we are constantly focused on. We all acknowledge the fact that in modern warfare scenarios, the likelihood that we will have denied or degraded communications is a given. Frankly, it’s almost no longer an assumption—it’s reality. Simply put, we need to be able to retain organic capabilities as much as possible wherever we are, so that if we lose the link back to the beach, we can still function and fight.

To that end, we’ve got to be able to train, operate, and be proficient in fighting in those types of scenarios. We’re all about getting at that advanced level of necessary training here at the NIWDC.

SD: How do you propose addressing the acquisition and fielding of new information technology (cyber/EW/IW) and developing TTPs under the current DOD acquisition system?

JW: Acquisition is an evolving process, and I think acquisition reform surfaces quite frequently anytime we talk about the dynamics of advancing IT. The rate of advancement in technology is astounding, and the acquisition process needs to be agile enough to keep pace. To that end, we’ve looked for creative and innovative ways within our acquisition process to accelerate and expedite systems that facilitate IW warfighting effects and we need to continue doing so. NIWDC participates in many experimentation and innovation venues that help facilitate that speed-to-fleet dynamic and we’re excited to be a partner in those efforts.    

To your question about the TTPs and SOPs – when we introduce new tech to the fleet, it is important that we have TTPs and SOPs built into them from day one. We’ve got to be able to deliver a product that comes with robust training behind it so that when it’s delivered to the fleet, our sailors can put it into immediate effect. The TTPs and SOPs that accompany that capability need to be solid enough out of the gate so that we achieve immediate success from day one of fielding.  

On top of that, what I want to achieve at the NIWDC is the ability to refine and tweak TTPs and SOPs at a high rate – what I call the “wash, rinse, repeat” approach. There’s no reason we can’t take those TTPs and SOPs, have sailors put them into effect, provide their feedback to us if they’re not quite right and suggest course corrections, then update those on a continuous, OODA-loop basis until we have delivered optimal doctrine.

SD: Our adversaries approach the information space (IW/EW/cyber) holistically, blending electronic and information warfare with cyberspace operations, psychological operations, deception – and conduct these operations across all elements of national power (diplomatic, economic, legal, military, information). What steps are you taking to ensure the Navy is developing information warfare strategies, operational concepts, and TTPs that cut across all elements of national power?

JW: I’ll give you an example – that’s the best way I can answer this question – it’s a great question, but one you could spend an hour answering. Earlier in our discussion, we talked about the IWC construct. I’m a firm believer that if we get that instituted correctly and make it a robust organization with the goal of delivering those optimal IW effects that it will serve as the bedrock going forward across the Navy enterprise. We’ll look to institute that construct, as applicable, by using that optimized model at the tactical level and building out from there to implement at the operational and strategic levels.

Back to the point about our adversaries – when they’re exploiting all this goodness and delivering their effects, they are planning across the DOTMPLF (doctrine, organization, training, materiel, leadership and education, personnel and facilities) spectrum. We must do the same thing with our IWC Construct. At the NIWDC, in partnership with IFOR, this is one of our tasks – to perform this DOTMPLF analysis that will codify the IWC construct. We’ve been tasked by Fleet Forces Command and PACFLT to do just that – this will be one of our top objectives in the first years here at the NIWDC – to ensure we’re setting ourselves up for success for decades to come.

SD: Last but not least – if our listeners are new to information warfare, can you suggest any resources or reading materials that could help the less tech-inclined among us become more familiar with the domain and more ready to address its unique challenges?

JW: There are so many great reference materials, but perhaps the quickest way to answer that is to recommend your readers and listeners go to our command website and InfoDOMAIN, or our Navy News Web page or Facebook page. We have a lot of good products posted there – that would be a great start. We have some items posted there that are specific to the NIWDC, so if your readers want more information or a summary, they can find it there as well.

SD: Thank you so much for your time today, CAPT Watkins. It’s truly been an honor speaking with you, and we thank you for taking time out of your busy schedule to help educate us on your new command and the role of IW in the Navy and DoD going forward. We hope you’ll join us again sometime. 

Captain John Watkins is a native of California, where he went on to graduate from the NROTC program at the University of San Diego obtaining his commission in 1991. He joined the Naval Information Warfighting Development Center as the commanding officer in March of 2017.

Sally DeBoer is an Associate Editor with CIMSEC, and previously served as CIMSEC’s president from 2016-2017. 

Featured Image: Chief Fire Controlman Daniel Glatz, from Green Bay, Wisconsin, stands watch in the combat information center aboard the Arleigh Burke-class guided-missile destroyer USS John S. McCain (DDG 56). (Alonzo M. Archer/U.S. Navy)

Current Operations

Contested Seas: Maritime Security in Libya

Leave a comment

By James Pothecary

Introduction

On 20 February, the Bahamas-flagged car carrier Morning Compass was seized by militants purporting to represent the Libyan Navy. The ship, which was carrying around 5,000 cars to South Korea, was interdicted by a heavily armed skiff and forced to divert to Misrata port, which is located on the western tip of the Gulf of Sirte. The following day the ship was released and resumed its planned course.

The skiff belonged to fighters loyal to the Tobruk-based administration, an unrecognized government that operates in Libya’s east and which has de facto control over broad swathes of the country. The internationally recognized, United Nations-backed unity government, situated in the capital Tripoli, has its own naval force. Therefore, the Tobruk-based vessel had no authority to detain Morning Compass under international law.

This is the latest in a series of incidents between foreign vessels and armed Libyan craft belonging to both the unity government and non-state armed groups (NSAGs). On 17 August 2016, Libyan naval assets loyal to the unity government attacked the Luxembourg-flagged Bourbon Argos, which had been chartered by the international aid organization, Médecins Sans Frontières (MSF), to assist refugee rescue efforts in the Mediterranean. The incident occurred in international waters, outside Libya’s territorial claims, and involved Libyan naval forces opening fire on the Bourbon Argos. Accounts vary, with the Libyan Navy claiming the shots were fired in warning, while MSF says that naval forces fired at the bridge.

With refugees and economic migrants using Libya as a springboard to cross the Mediterranean to Europe, there are also suspicions that the Tripoli government is implicated in human trafficking. A 13 December 2016 report by the U.N. Support Mission in Libya reported claims that Libyan Coast Guard forces were participating in migrant smuggling networks, rather than attempting to curtail refugee flows to European shores.

While the report did not detail specific incidents, the lack of regulatory oversight, as well as documented examples of sexual abuse, extortion, and similar activities by Libyan coastguard and naval personnel, means Allan & Associates (A2) assesses these claims as credible.

These two incidents are risk-negative indicators of the security environment in the Mediterranean. The Mediterranean links eastern and western markets via the Suez Canal and the Red Sea, North Africa to Europe, and south-western Russia to the rest of the world via the Black Sea. The sea has 22 littoral states, ranging from countries with little to no functional maritime trade, such as Syria, to major trading nations, such as France and Italy. The World Shipping Council’s latest statistics, from 2013, show the Asia-Mediterranean route shipping 6.7 million TEU, and the North Europe-Mediterranean-South America route 1.68 million TEU. Short sea shipping from Spain and Italy alone, according to a 2015 report from the E.U. statistics office, amounted to GWT468.8 million. Therefore, the significance of the Mediterranean to maritime shipping cannot be overstated.

Security Risks

A2 assesses that there is a credible threat of armed vessels, either operating under the auspices of the Libyan military or as NSAGs, interdicting civilian vessels within 50km of the Libyan coastline. This poses a major risk to shipping. Unlike pirate activity elsewhere, such as off the Yemeni coast, it is likely that NSAGs will purport to belong to the Libyan government, either in Tripoli or Tobruk. This complicates any attempt at deploying countermeasures, as it could be unclear whether interdicting vessels are genuine naval or coast guard assets.

In particular, aid organizations using ships to support rescue efforts in the Mediterranean, such as MSF, are at risk of a kinetic incident. This is because such vessels are more likely to be regarded by Libyan armed maritime fighters as interfering in their country’s sovereign affairs. Furthermore, aid ships are constantly present in and around Libyan territorial waters, making it more likely they will be detected by hostile armed maritime forces. Although the 17 August attack against an MSF vessel did not result in casualties, further incidents could have fatal consequences.

The risk is heightened by the lack of professionalism of Libyan maritime forces. Although international actors, including the E.U., are providing some levels of training, this is primarily focused on basic seamanship skills and military capability. Libyan military personnel, therefore, are more likely to overreact when interdicting shipping, and will likely lack the ability to carry out lawful searches without escalation.

Insecure ports

As at sea, so in port. Ports outside of the capital Tripoli have little to no functional governance, and multiple criminal, tribal and political armed groups operate in these areas. Such groups have unilaterally seized several merchant ships. For example, in February 2017, the Turkish-flagged oil tanker Hacı Telli was seized by armed militants in the north-western city of Zuwarah. The militia claimed that the vessel’s owner owed around USD $4,000 to a local company. Eleven crew members are currently being detained on the ship more than a year later.

The Libyan coast and the Gulf of Sirte. (NASA)

Moreover, there is a risk that ships entering ports outside the control of the unity government will be engaged by Libyan military forces. On 5 January 2015, a Libyan fighter aircraft launched an airstrike on the Liberian-flagged oil tanker Araevo, killing two crewmen. The ship, which was carrying crude oil, had been warned by military units not to attempt to enter Derna port, which was under the control of the Tobruk administration. Logistics operators should regularly update bridge officers on which faction controls intended ports of call, and masters should have discretionary authority to alter travel plans, should they believe there is a kinetic risk from Libyan military forces.

These incidents demonstrate that both the Libyan government and NSAGs pose a direct kinetic security risk to shipping calling at Libyan ports, and A2 stresses that maritime operators should carefully consider the feasibility of docking at ports in-country until the security situation markedly improves.

This includes oil terminal installations such as Ras Lanuf and Zuwetina, which are located on the Gulf of Sirte and are beginning to ramp up oil exportation operations. There is ongoing fighting in these areas, and control over the ports is fluid and liable to change with little to no warning.  

Regulatory Attention

Libyan ports are designated by the U.S. Coast Guard as lacking anti-terrorism measures, under the International Port Security Program. Merchant shipping which has previously called at Libyan ports will, therefore, be subjected to increased attention from the U.S. Coast Guard and port authorities.

This will likely include delayed travel times due to additional security checks being conducted on said vessels. A2 notes that merchant vessels can minimize disruption when visiting U.S. ports if masters enact heightened security procedures when in Libyan ports. These measures should include minimizing time spent in port, the deployment of guards at ship entry points, and briefing all hands to observe personal security procedures when ashore.

Ships calling at European ports could also face increased attention from national security forces, due to the poor security environment in Libyan and other North African ports. Masters can minimize the risk of being targeted for inspection by naval or coast guard units by ensuring location transmission devices are kept on at all times, avoiding diverting from pre-established routes and not using flags of convenience.

Supply Chain Integrity

The lawlessness of Libyan ports also poses a secondary risk: illicit cargo will infiltrate legitimate supply routes. Logistics operators should take steps to implement strict chain-of-custody and supply chain integrity rules and procedures for all cargo loaded in Libyan or other North African ports, to mitigate the risk of illicit shipments infiltrating commercial shipping.

Bridge officers should be trained on how to detect suspicious cargo, and all hands should be regularly briefed on their responsibilities under corporate ethics policies and the law. Operators should not rely entirely on customs authorities for supply chain integrity, as it is practically impossible to comprehensively search all ships, and the effectiveness of customs regimes differs markedly between countries.

Search & Rescue

There is an ongoing migrant crisis in the Mediterranean Sea, as refugees from the Middle East and Africa seek to flee by ship to Europe. Libya and other North African countries are a primary staging ground before refugees attempt maritime crossings. The quality of the vessels used is extremely poor, and sinkings are common. Often, this leads to considerable loss of life. Article 98 of the 1982 United Nations Convention on the Law of the Sea obligates masters to render all assistance to individuals ‘in danger of being lost’ at sea. Diversions in the Mediterranean to assist rescue operations could delay scheduled freight shipments. However, A2 reminds maritime operators of their legal obligations in such circumstances.

Forecast

A2 assesses that the security environment around the Libyan coast will continue to decline as multiple NSAGs as well as the Libyan Navy skirmish for maritime supremacy. In particular, as oil exportation resumes in the Gulf of Sirte, maritime forces will attempt to gain control of the surrounding ports and waters, due to their increasing strategic importance.

Further kinetic incidents against civilian shipping are likely within the one-year outlook, and masters should continue to regard Libyan territorial waters as a high-risk environment until the security situation stabilizes. This will be contingent on a political agreement being reached by the various factions, an achievement which currently seems a remote possibility.

James Pothecary is a Political Risk Analyst specializing in the Middle East with Allan & Associates, an international security consultancy which provides a range of protective services including political and security risk assessments, security policy design and crisis management response.

Featured Image: Smoke rises from the oil tanker Anwar Afriqya after a Libyan warplane attacked the tanker in Sirte, Libya, Sunday. (Reuters0