Category Archives: Capability Analysis

Analyzing Specific Naval and Maritime Platforms

Capability Analysis, Cyber War

A Cyber Vulnerability Assessment of the U.S. Navy in the 21st Century

Leave a comment

By Travis Howard and José de Arimatéia da Cruz

Introduction

The United States Navy is a vast, worldwide organization with unique missions and challenges, with information security (and information warfare at large) a key priority within the Chief of Naval Operations’ strategic design. With over 320,000 active duty personnel, 274 ships with over 20 percent of them deployed across the world at any one time, the Navy’s ability to securely communicate across the globe to its forces is crucial to its mission. In this age of rapid technological growth and the ever expanding internet of things, information security is a primary consideration in the minds of senior leadership of every global organization. The Navy is no different, and success or failure impacts far more than a stock price.

Indeed, an entire sub-community of professional officers and enlisted personnel are dedicated to this domain of information warfare. The great warrior-philosopher Sun Tzu said “one who knows the enemy and knows himself will not be endangered in a hundred engagements.” The Navy must understand the enemy, but also understand its own limitations and vulnerabilities, and develop suitable strategies to combat them. Thankfully, strategy and policy are core competencies of military leadership, and although information warfare may be replete with new technology, it conceptually remains warfare and thus can be understood, adapted, and exploited by the military mind.

This paper presents a high-level, unclassified overview of threats and vulnerabilities surrounding the U.S. Navy’s network systems and operations in cyberspace. Several threats are identified to include nation states, non-state actors, and insider threats. Additionally, vulnerabilities are presented such as outdated network infrastructure, unique networking challenges present aboard ships at sea, and inadequate operating practices. Technical security measures that the Navy uses to thwart these threats and mitigate these vulnerabilities are also presented. Current U.S. Navy information security policies are analyzed, and a potential security strategy is presented that better protects the fleet from the before-mentioned cyber threats, mitigates vulnerabilities, and aligns with current federal government mandates.

Navy Network Threats and Vulnerabilities

There are several cyber threats that the Navy continues to face when conducting information operations in cyberspace. Attacks against DoD networks are relentless, with 30 million known malicious intrusions occurring on DoD networks over a ten-month period in 2015. Of principal importance to the U.S. intelligence apparatus are nation states that conduct espionage against U.S. interests. In cyberspace, the Navy contests with rival nations such as Russia, China, Iran, and North Korea, and all are developing their own information warfare capabilities and information dominance strategies. These nations, still in various stages of competency in the information warfare domain, continue to show interest in exploiting the Navy’s networks to conduct espionage operations, either by stealing information and technical data on fleet operations or preventing the Navy from taking advantage of information capabilities.

Non-state actors also threaten naval networks. Organized activist groups known collectively as “hacktivists,” with no centralized command and control structure and dubious, fickle motivations, present a threat to naval cyberspace operations if their goals are properly aligned. In 2012, Navy officials discovered hacktivists from the group “Team Digi7al” had infiltrated the Navy’s Smart Web Move website, extracting personal data from almost 220,000 service members, and has been accused of more than two dozen additional attacks on government systems from 2012 to 2013. The hactivist group boasted of their exploits over social media, citing political reasons but also indicated they did it for recreation as well. Individual hackers, criminal organizations, and terrorist groups are also non-state threat actors, seeking to probe naval networks for vulnerabilities that can be exploited to their own ends. All of these threats, state or non-state actors, follow what the Department of Defense (DoD) calls the “cyber kill chain,” depicted in figure 1. Once objectives are defined, the attacker follows the general framework from discovery to probing, penetrating then escalating user privileges, expanding their attack, persisting through defenses, finally executing their exploit to achieve their objective.

Figure 1. Navy depiction of the “cyber kill chain

One of the Navy’s most closely-watched threat sources is the insider threat. Liang and Biros, researchers at Oklahoma State University, define this threat as “an insider’s action that puts an organization or its resources at risk.” This is a broad definition but adequately captures the scope, as an insider could be either malicious (unlikely but possible, with recent examples) or unintentional (more likely and often overlooked).

The previously-mentioned Team Digi7al hactivist group’s leader was discovered to be a U.S. Navy enlisted Sailor, Petty Officer Nicholas Knight, a system administrator within the reactor department aboard USS HARRY S TRUMAN (CVN 75). Knight used his inside knowledge of Navy and government systems to his group’s benefit, and was apprehended in 2013 by the Navy Criminal Investigative Service and later sentenced to 24 months in prison and a dishonorable discharge from Naval service.

Presidential Executive Order 13587, signed in 2011 to improve federal classified network security, further defines an insider threat as “a person with authorized access who uses that access to harm national security.”  Malevolence aside, the insider threat is particularly perilous because these actors, by virtue of their position within the organization, have already bypassed many of the technical controls and cyber defenses that are designed to defeat external threats. These insiders can cause irreparable harm to national security and the Navy’s interests in cyberspace. This has been demonstrated by the Walker-Whitworth espionage case in the 1980s, Private Manning in the latter 2000s, or the very recent Edward Snowden/NSA disclosure incidents.

The Navy’s vulnerabilities, both inherent to its nature and as a result of its technological advances, are likewise troubling. In his 2016 strategic design, Chief of Naval Operations Admiral John M. Richardson stated that “the forces at play in the maritime system, the force of the information system, and the force of technology entering the environment – and the interplay between them have profound implications for the United States Navy.” Without going into classified details or technical errata, the Navy’s efforts to secure its networks are continuously hampered by a number of factors which allow these threats a broad attack surface from which to choose.

As the previous Chief of Naval Operations (CNO), Admiral Jon Greenert describes in 2012, Navy platforms depend on networked systems for command and control: “Practically all major systems on ships, aircraft, submarines, and unmanned vehicles are ‘networked’ to some degree.” The continual reliance on position, navigation, and timing (PNT) systems, such as the spoofing and jamming-vulnerable Global Positioning System (GPS) satellite constellation for navigation and precision weapons, is likewise a technical vulnerability. An internet search on this subject reveals multiple scholarly and journalist works on these vulnerabilities, and more than a few describe how to exploit them for very little financial investment, making them potentially cheap attack vectors.

Even the Navy’s vast size and scope of its networks present a vulnerability to its interests in cyberspace. As of 2006, the Navy and Marine Corps Intranet (NMCI), a Government Owned-Contractor Operated (GOCO) network that connects Navy and Marine Corps CONUS shore commands under a centralized architecture, is “the world’s largest, most secure private network serving more than 500,000 sailors and marines globally.” That number has likely grown in the 10 years since that statistic was published, and even though the name has been changed to the Navy’s Next Generation Network (NGEN), it is still the same large beast it was before, and remains one of the single largest network architectures operating worldwide. Such a network provides an enticing target.

Technical Security Measures and Controls

The Navy employs the full litany of technical cybersecurity controls across the naval network enterprise, afloat and ashore. Technical controls include host level protection through the use of McAfee’s Host Based Security System (HBSS), designed specifically for the Navy to provide technical controls at the host (workstation and server) level. Network controls include network firewalls, intrusion detection and prevention systems (IDS/IPS), security information and event management, continuous monitoring, boundary protection, and defense-in-depth functional implementation architecture. Anti-virus protection is enabled on all host systems through McAfee Anti-Virus, built into HBSS, and Symantec Anti-Virus for servers. Additionally, the Navy employs a robust vulnerability scanning and remediation program, requiring all Navy units to conduct a “scan-patch-scan” rhythm on a monthly basis, although many units conduct these scans weekly.

The Navy’s engineering organization for developing and implementing cybersecurity technical controls to combat the cyber kill chain in figure 1 is the Space and Naval Warfare Systems Command (SPAWAR), currently led by Rear Admiral David Lewis, and earlier this year SPAWAR released eight technical standards that define how the Navy will implement technical solutions such as firewalls, demilitarized zones (DMZs), and vulnerability scanners. RADM Lewis noted that 38 standards will eventually be developed by 2018, containing almost 1,000 different technical controls that must be implemented across the enterprise.

Of significance in this new technical control scheme is that no single control has priority over the others. All defensive measures work in tandem to defeat the adversary’s cyber kill chain, preventing them from moving “to the right” without the Navy’s ability to detect, localize, contain, and counter-attack. RADM Lewis notes that “the key is defining interfaces between systems and collections of systems called enclaves,” while also using “open architecture” systems moving forward to ensure all components speak the same language and can communicate throughout the enterprise.

The importance of open systems architecture (OSA) as a way to build a defendable network the size of the Navy’s cannot be understated. The DoD and the Navy, in particular, have mandated use of open systems specifications since 1994; systems that “employ modular design, use widely supported and consensus-based standards for their key interfaces, and have been subjected to successful validation and verification tests to ensure the openness of their key interfaces.” By using OSA as a means to build networked systems, the Navy can layer defensive capabilities on top of them and integrate existing cybersecurity controls more seamlessly. Proprietary systems, by comparison, lack such flexibility thereby making integration into existing architecture more difficult.

Technical controls for combating the insider threat become more difficult, often revolving around identity management software and access control measures. Liang and Biros note two organizational factors to influencing insider threats: security policy and organizational culture. Employment of the policy must be clearly and easily understood by the workforce, and the policy must be enforced (more importantly, the workforce must fully understand through example that the policies are enforced). Organizational culture centers around the acceptance of the policy throughout the workforce, management’s support of the policy, and security awareness by all personnel. Liang and Biros also note that access control and monitoring are two must-have technical security controls, and as previously discussed, the Navy clearly has both yet the insider threat remains a primary concern. Clearly, more must be done at the organizational level to combat this threat, rather than just technical implementation of access controls and activity monitoring systems.

Information Security Policy Needed to Address Threats and Vulnerabilities

The U.S. Navy has had an information security policy in place for many years, and the latest revision is outlined in Secretary of the Navy Instruction (SECNAVINST) 5510.36, signed June 2006. This instruction is severely out of date and does not keep pace with current technology or best practices; Apple released the first iPhone in 2007, kicking off the smart phone phenomenon that would reach the hands of 68% of all U.S. adults as of 2015, with 45% also owning tablets. Moreover, the policy has a number of inconsistencies and fallacies that can be avoided, such as a requirement that each individual Navy unit establish its own information security policy, which creates unnecessary administrative burden on commands that may not have the time nor expertise to do so. Additionally, the policy includes a number of outdated security controls under older programs such as the DoD Information Assurance Certification and Accreditation Process (DIACAP), which has since transitioned to the National Institute for Standards and Technology (NIST) Risk Management Framework (RMF).

Beginning in 2012, the DoD began transitioning away from DIACAP towards the NIST RMF, making full use of NIST Special Publications (SPs) for policy development and implementation of security controls. The NIST RMF as it applies to DoD, and thus the Navy, is illustrated in figure 2. The process involves using NIST standards (identified in various SPs) to first categorize systems, select appropriate security controls, implement the controls, assess their effectiveness, authorize systems to operate, then monitor their use for process improvement.

Figure 2. NIST Risk Management Framework

This policy is appropriate for military systems, and the Navy in particular, as it allows for a number of advantages for policymakers, warfighters, system owners, and developers alike. It standardizes cybersecurity language and controls across the federal government for DoD and Navy policymakers, and increases rapid implementation of security solutions to accommodate the fluidity of warfighting needs. Additionally, it drives more consistent standards and optimized workflow for risk management which benefits system developers and those responsible for implementation, such as SPAWAR.

Efforts are already underway to implement these policy measures in the Navy, spearheaded by SPAWAR as the Navy’s information technology engineering authority. The Navy also launched a new policy initiative to ensure its afloat units are being fitted with appropriate security controls, known as “CYBERSAFE.” This program will ensure the implementation of NIST security controls will be safe for use aboard ships, and will overall “focus on ship safety, ship combat systems, networked combat and logistics systems” similar to the Navy’s acclaimed SUBSAFE program for submarine systems but with some notable IT-specific differences. CYBERSAFE will categorize systems into three levels of protection, each requiring a different level of cybersecurity controls commensurate with how critical the system is to the Navy’s combat or maritime safety systems, with Grade A (mission critical) requiring the most tightly-controlled component acquisition plan and continuous evaluation throughout the systems’ service life.

Implementation of the NIST RMF and associated security policies is the right choice for the Navy, but it must accelerate its implementation to combat the ever-evolving threat. While the process is already well underway, at great cost and effort to system commands like SPAWAR, these controls cannot be delayed. Implementing the RMF across the Navy enterprise will reduce risk, increase security controls, and put its implementation in the right technical hands rather than a haphazard implementation of an outdated security policy that has, thus far, proven inadequate to meet the threats and reduce vulnerabilities inherent with operating such a large networked enterprise. With the adoption of these new NIST policies also comes a new strategy for combating foes in cyberspace, and the Navy has answered that in a few key strategy publications outlined in the next section.

Potential Security Strategy for Combating Threats and Minimizing Vulnerabilities

It is important to note that the Navy, like the other armed services of the DoD, was “originally founded to project U.S. interests into non-governed common spaces, and both have established organizations to deal with cybersecurity.” The Navy’s cyber policy and strategy arm is U.S. Fleet Cyber Command (FLTCYBERCOM, or FCC), co-located with the DoD’s unified cyber commander, U.S. Cyber Command (USCYBERCOM, or USCC). Additionally, its operational cyber arm, responsible for offensive and defensive operations in cyberspace, is U.S. 10th Fleet (C10F), which is also co-located with U.S. Fleet Cyber and shares the same commander, currently Vice Admiral Michael Gilday.

Prior to VADM Gilday’s assumption of command as FCC/C10F, a strategy document was published by the Chief of Naval Operations in 2013 known as Navy Cyber Power 2020, which outlines the Navy’s new strategy for cyberspace operations and combating the threats and vulnerabilities it faces in the information age. The strategic overview is illustrated in figure 3, and attempts to align Navy systems and cybersecurity efforts with four main focus areas: integrated operations, optimized cyber workforce, technology innovation, and acquisition reform. In short, the Navy intends to integrate its offensive and defensive operations with other agencies and federal departments to create a unity of effort (evident by its location at Ft. Meade, MD, along with the National Security Agency and USCC), better recruit and train its cyber workforce, rapidly provide new technological solutions to the fleet, and reform the acquisition process to be more streamlined for information technology and allow faster development of security systems.

Figure 3. Threats and Motivations, Strategic Focus of Navy Cybersecurity 

Alexander Vacca, in his recent published research into military culture as it applies to cybersecurity, noted that the Navy is heavily influenced by sea combat strategies theorized by Alfred Thayer Mahan, one of the great naval strategists of the 19th century. Indeed, the Navy continually turns to Mahan throughout an officer’s career from the junior midshipman at the Naval Academy to the senior officer at the Naval War College. Vacca noted that the Navy prefers Mahan’s “decisive battle” strategic approach, preferring to project power and dominance rather than pursue a passive, defensive strategy. This potentially indicates the Navy’s preference to adopt a strategy “designed to defeat enemy cyber operations” and that “the U.S. Navy will pay more attention to the defeat of specified threats” in cyberspace rather than embracing cyber deterrence wholesale. Former Secretary of the Navy Ray Mabus described the offensive preference for the Navy’s cyberspace operations in early 2015, stating that the Navy was increasing its cyber effects elements in war games and exercises, and developing alternative methods of operating during denial-of-service situations. It is clear, then, that the Navy’s strategy for dealing with its own vulnerabilities is to train to operate without its advanced networked capabilities, should the enemy deny its use. Continuity of operations (COOP) is a major component in any cybersecurity strategy, but for a military operation, COOP becomes essential to remaining flexible in the chaos of warfare.

A recent  article describing a recent training conference between top industry cybersecurity experts and DoD officials was critical of the military’s cybersecurity training programs. Chief amongst these criticisms was that the DoD’s training plan and existing policies are too rigid and inflexible to operate in cyberspace, stating that “cyber is all about breaking the rules… if you try to break cyber defense into a series of check-box requirements, you will fail.” The strategic challenge moving forward for the Navy and the DoD as a whole is how to make military cybersecurity policy (historically inflexible and absolute) and training methods more like special forces units: highly trained, specialized, lethal, shadowy, and with greater autonomy within their specialization.

Current training methods within the U.S. Cyber Command’s “Cyber Mission Force” are evolving rapidly, with construction of high-tech cyber warfare training facilities already underway. While not yet nearly as rigorous as special forces-like training (and certainly not focused on the physical fitness aspect of it), the training strategy is clearly moving in a direction that will develop a highly-specialized joint information warfare workforce. Naegele’s article concludes with a resounding thought: “The heart of cyber warfare…is offensive operations. These are essential military skills…which need to be developed and nurtured in order to ensure a sound cyber defense.

Conclusions

This paper outlined several threats against the U.S. Navy’s networked enterprise, to include nation state cyber-rivals like China, Russia, Iran, and North Korea, and non-state actors such as hactivists, individual hackers, terrorists, and criminal organizations. The insider threat is of particular concern due to this threat’s ability to circumvent established security measures, and requires organizational and cultural influences to counter it, as well as technical access controls and monitoring. Additionally, the Navy has inherent vulnerabilities in the PNT technology used in navigation and weapon systems throughout the fleet, as well as the vast scope of the ashore network known as NMCI, or NGEN.

The Navy implements a litany of cybersecurity technical controls to counter these threats, including firewalls, DMZs, and vulnerability scanning. One of the Navy’s primary anti-access and detection controls is host-based security through McAfee’s HBSS suite, anti-virus scanning, and use of open systems architecture to create additions to its network infrastructure. The Navy, and DoD as a whole, is adopting the NIST Risk Management Framework as its information security policy model, implementing almost 1000 controls adopted from NIST Special Publication 800-53, and employing the RMF process across the entire enterprise. The Navy’s four-pronged strategy for combating threats in cyberspace and reducing its vulnerability footprint involves partnering with other agencies and organizations, revamping its training programs, bringing new technological solutions to the fleet, and reforming its acquisition process. However, great challenges remain in evolving its training regimen and military culture to enable an agile and cyber-lethal warfighter to meet the growing threats.

In the end, the Navy and the entire U.S. military apparatus is designed for warfare and offensive operations. In this way, the military has a tactical advantage over many of its adversaries, as the U.S. military is the best trained and resourced force the world has ever known. General Carl von Clausewitz, in his great anthology on warfare, stated as much in chapter 3 of book 5 of On War (1984), describing relative strength through admission that “the principle of bringing the maximum possible strength to the decisive engagement must therefore rank higher than it did in the past.” The Navy must continue to exploit this strength, using its resources smartly by enacting smart risk management policies, a flexible strategy for combating cyber threats while reducing vulnerabilities, and training its workforce to be the best in the world.

Lieutenant Howard is an information warfare officer/information professional assigned to the staff of the Chief of Naval Operations in Washington D.C. He was previously the Director of Information Systems and Chief Information Security Officer on a WASP-class amphibious assault ship in San Diego.

Dr. da Cruz is a Professor of International Relations and Comparative Politics at Armstrong State University, Savannah, Georgia and Adjunct Research Professor at the U.S. Army War College, Carlisle, Pennsylvania.

The views expressed here are solely those of the authors and do not necessarily reflect those of the Department of the Navy, Department of the Army, Department of Defense or the United States Government.

Featured Image: At sea aboard USS San Jacinto (CG 56) Mar. 5, 2003 — Fire Controlman Joshua L. Tillman along with three other Fire Controlmen, man the shipÕs launch control watch station in the Combat Information Center (CIC) aboard the guided missile cruiser during a Tomahawk Land Attack Missile (TLAM) training exercise. (RELEASED)

Capability Analysis

The Final Frontier – The Future of Defending Space as a Global Commons (Pt. 2)

Leave a comment

By Tuan N. Pham

Part 1 of this two-part series outlined a conceptual framework for characterizing the dynamics that contribute to instability and stability in the space domain. It made the case that instability arises when there is a real or perceived lack of order and security with the worst possible outcome being the “Thucydides Trap” – a rising power opposes a dominant power leading to a great power competition for space preeminence. On the flip side, it also made the case that stability arises when there is a real or perceived sense of order and security with the best possible outcome being the universal acceptance that “space is big enough for everyone and it is in everyone’s best interest to keep it free for exploration and use by all.” With this backdrop, Part 2 will focus on the ways and means the United States can employ to reduce instability and reinforce stability in the space domain while maintaining space preeminence into the 21st century.          

U.S. Space Stability Challenges

Preeminence Puzzle. As the guarantor of the global economy and provider of security, stability, and leadership because of its powerful military and vast network of allies and partners, the United States delivers global public goods that others cannot. A case in point is the current volatility of the South China Sea. Without the stabilizing presence of the U.S. Navy operating on the high seas there, Chinese assertiveness and unilateralism could destabilize the region, damaging both regional and global commerce and possibly leading to an unwanted conflict. Thus, there is a strong need going forward for a comparable guarantor of the freedom of space (a net provider of space security) to ensure the free flow of space commerce, a leadership role that calls out to the United States, supported by allies and partners, to fill.

Just as maritime preeminence is necessary to guarantee the freedom of the seas, so too is space preeminence needed to guarantee the freedom of space. By committing to space preeminence, America will better protect its critical strengths in space; enhance its space deterrence posture by being able to impose larger costs, deny greater benefits, and encourage more restraint; prolong its terrestrial preeminence; and reverse the growing perception of American decline.

Decline is a deliberate choice, not an inevitable reality. Having complementary policies and strategies in contested domains fosters unity of effort, optimizes resource allocation, sends a strong deterrent message to potential adversaries, and reassures allies and partners. To do otherwise invites strategic misalignment and miscommunication and encourages potential competitors to further advance their counter-balancing efforts. Put simply, if the United States does not preserve its current strategic advantages in space, a rising power like China may gradually eclipse America as the preeminent power in space which will have cascading strategic ramifications on earth.

This greater role will demand more analysis and planning to address the anticipated challenges of domestic fiscal constraints; emerging and resurgent space powers; potentially destabilizing space competition; escalation control; and establishing and maintaining partnerships for collective space security through risk sharing and burden sharing – similar to the challenges now facing the U.S. rebalance to the Indo-Asia-Pacific. The puzzle for American policymakers is whether it may be more cost-effective to invest now and maintain the current strategic advantage in space or pay more later to make up for diminished space capabilities and capacities while accepting greater strategic risk in the interim.

Workers prepare the TacSat-2 micro satellite for thermal vacuum testing at the Space Vehicles Directorate. (Air Force photo) 

Domain Dilemma. America fundamentally has two space deterrent and response options – (1) threaten to respond in the same domain; (2) threaten cross-domain retaliation to underwrite the deterrence of attacks on U.S. space capabilities. The former represents a vertical escalation if the response is disproportionate to the attack, and possibly “some” horizontal escalation depending on the target sets. This could result in large amounts of space debris and the resetting of international norms of behavior by legitimizing space attacks. The latter option represents a vertical escalation if the response is “perceived” as disproportionate to the attack, and horizontal escalation respective to the other domains. Nonetheless, the scope, nature, and degree of action must ultimately strike the delicate balance between the need to demonstrate the willingness to escalate and the imperative to not provoke further escalation in order to maintain space stability. The dilemma for the United States is where, when, and how best to deter; and if deterrence fails, where, when, and how best to respond.  

Reliance/Resilience Riddle. Enhancing and securing space-enabled information services (SEIS) is now essential to U.S. national security, a daunting task considering that space has become more and more “congested, contested, and competitive” and less permissive for the United States. Therefore, the current strategic guidance – 2010 National Space Policy (NSP), 2011 National Security Space Strategy (NSSS), and 2012 DoD Space Policy (DSP) – directs the U.S. government to reduce the nation’s disproportionate reliance on space capabilities and the vulnerability of its high-value space assets through partnerships and resiliency, respectively. The riddle for America is how best to manage the dichotomy between reliance and vulnerability through resilience.

Offensive Counter-Space (OCS) Conundrum. Space warfare is intrinsically offense-inclined due to the uncertainty, vulnerability, predictability, and fragility of space assets; and ever-increasing OCS capabilities to deceive, disrupt, deny, degrade, or destroy space systems. The latter can be destabilizing (warfighting capability) or stabilizing (deterrence) depending on one’s perspective. Hence, the conundrum for the United States is not whether or not to possess OCS capabilities – but how best to use them to deter and retaliate if deterrence fails; what type, how much, and to what extent should they be publicly disclosed; and how to leverage the existing international legal framework and accepted norms of behavior to manage them without constraining or hindering one’s own freedom of action.

Moreover, OCS capabilities continue to grow in number and sophistication driven by the “offense-offense” and “defense-offense” competition spirals influencing military space policies in Washington, Beijing, Moscow, and elsewhere. OCS developments to defeat defensive counter-space (DCS) measures drive further OCS developments for fear of falling behind in offensive capabilities and encouraging a first strike by an adversary, while DCS developments to mitigate OCS measures further drive OCS developments to remain viable as deterrent and offensive tools.     

Refining Military Space Capability  

Develop Cross-Domain Deterrence Options. Deterrence across the interconnected domains may offer the best opportunity to deter attacks on U.S. space capabilities, and if deterrence fails, retaliate across domains to deter further attacks. Prudence then suggests the need for some level of active planning prior to the onset of increased tensions and hostilities. American policymakers and defense planners should have on hand a broad set of potential cross-domain responses to the threats of space attack or the space attack itself. The responses should be organized by the levels of force application, provocation, and risk; dynamic enough to accommodate the ever-changing strategic, operational, and tactical conditions; and part of a larger menu of policy options to better manage tensions and escalation during pre-hostilities and identify off-ramps during hostilities. On balance, the decision on whether or not, when, and how to implement these responses should be viewed through the lens of cost and risk imposition, proportionality, strategic policy coherence, and desired outcome.        

Continue to Increase Resiliency. Strengthening the resiliency of the U.S. national security space architecture may offset the offensive inclination of space warfare by lessening the vulnerability and fragility of space assets, assuring retaliatory capabilities, and denying benefits of OCS operations.

Building up space protection capabilities will decrease the vulnerability and fragility of high-value space assets by presenting more targets (disaggregated space operations, micro-satellites), hiding targets (signature reduction), maneuvering targets (dynamic orbital profiles for unpredictability and threat avoidance), hardening targets (strengthened space assets and networks against kinetic and non-kinetic attacks), and complicating targets (hosted payloads on commercial, civil, and allied or partnered nations satellites).

Mission assurance can be sustained by responsive launch capabilities (launch-on-demand services for rapid reconstitution of degraded or lost space capabilities), Operationally Responsive Space (ORS) program (mass production of microsatellites in a short period of time), and “sleeper” orbiting satellites (standby spares that will activate when needed).

Launch of Chinese military communications satellite (Xinhua)

Mission continuity in a degraded, disrupted, or denied space environment can be ensured by the following measures: developing standard operating procedures for continuity of operations; hosting some SEIS in commercial, civil, and allied or partnered space systems as part of a surge in space capability and as a measure of redundancy; building and sustaining alternative terrestrial-based systems to reduce SEIS reliance – chip-scale combinatorial atomic navigator for precision, navigation, and timing services; high-altitude long-endurance unmanned aerial systems for persistent ISR; and fiber-optic cabling and terrestrial radio and microwave communications devices for secured C2.  

Continue to Invest in OCS Capabilities. The heart of the matter remains what type of OCS capabilities (reversible, irreversible, or both) and how much. Regarding the latter, some argue none or limited quantities are required while others call for robust OCS capabilities. Whatever the right answer may be, it is difficult to see how one can deter or retaliate if deterrence fails without “some” OCS capabilities, especially considering that potential competitors like China and Russia are actively developing their own OCS capabilities to challenge U.S. space preeminence, and by extension, terrestrial preeminence.

Strengthening Space Governance

Since the elimination of OCS capabilities is unlikely, attention and effort should be placed on managing them instead. The extant international legal framework and accepted norms of behavior offer some ways and means to reduce OCS capabilities to a manageable level, restrict their proliferation, and establish constraints and restraints on their employment. The space powers should review the existing international agreements and legal principles, and determine what additional conventions or provisions are needed. Goals can be to set acceptable limits of OCS capabilities; renounce the first-use of OCS; establish confidence-building measures; and limit the possession of OCS capabilities to select space powers and out of the hands of “pariah” states (North Korea and Iran) and undesirable non-state actors (terrorist, criminal, and business groups).  

Space powers should also review and update current treaties and legal principles to govern the changing strategic, operational, and tactical landscapes, particularly those overseeing activities in space, registration of space objects, and space sovereignty. States should negotiate new treaties to manage emerging space challenges like space debris, RF interference, and other space threats. Finally, parties must develop new capabilities and protocols for verifying treaty compliance and enforcement.               

The international community should seek to empower the United Nations (UN) governance of space and space activities, particularly in the areas of regulation, arbitration, and collaboration. The UN should consider further defining and codifying the rights and responsibilities of nation-states with respect to their activities in space through a UN Convention on the Law of Space (similar to the UN Convention on the Law of the Sea); establishing the International Space Authority (similar to the International Seabed Authority) for the regulation of space-based resources; and forming the International Tribunal for the Law of Space (similar to the International Tribunal for the Law of the Sea) for arbitration of space-related disputes. Transform the UN Office for Outer Space Affairs into an empowered World Space Council to promote international collaboration in space, manage emerging space challenges, and act as a forum for global contingency planning and preparedness for potential space threats.

Expand Partnerships. The 2010 NSP, 2011 NSSS, and 2012 DSP call for building enduring partnerships with other space-faring nations, civil space organizations, and commercial space entities to share benefits, costs, and risks; strengthen extant alliances through increased cooperation across the various space sectors; spread SEIS reliance to others; and provide greater space deterrence and stability through collective defense. That being said, partnerships also carry with them risks and concerns. Risks include the unpredictability of horizontal escalation (attack on U.S. space assets with hosted payloads involves other parties) and greater potential damages and unintended consequences (more interdependent players and things that can go wrong). Concerns center around autonomy (transparency, response, and responsiveness constrained by other parties), operational security (information sharing, technology transfer, and increased risk of insider threat), legality (intellectual property rights, loss compensation, and sovereignty), and the interoperability of disparate space systems (varying levels of sophistication amongst partners). All things considered, the benefits outweigh the risks, and concerns are manageable in varying degrees.

Partners should build on extant bilateral/multilateral partnerships to complement and supplement U.S. space capabilities. They must leverage emerging opportunities like the Memorandum of Understanding between the United States, Canada, United Kingdom, and Australia for joint space operations and Japan’s plans to develop a military space force by 2019. These partnerships may vary in nature, scope, and extent depending on the strategic and operational imperatives, costs, risks, and domestic legal constraints; and could involve capacity building, information sharing, technology transfer, interoperability, integration, and joint operations.   

Partners should promote international collaboration and foster shared reliance on space-enabled capabilities in the fields of scientific exploration (International Space Station, interplanetary probes, and manned space flights), commercial ventures (launch vehicles, micro-satellites, space tourism, and space mining), global positioning system or GPS interoperability (United States, Russia, European Union, and China), shared space situational awareness or SSA (Space Fence and Geosynchronous SSA Program), space-based observations (climate change, weather, and humanitarian assistance/disaster relief), space debris, and asteroid defense.

Conclusion

At the end of the day, space stability occurs when there is universal acceptance that “space is big enough for everyone and it is in everyone’s best interest to keep it free for exploration and use by all.” Moving forward, there is a common interest in safeguarding the collective need for guaranteed freedom of space under the imperative for all space-faring nations to support an international framework that encourages cooperation and manages competition in the space domain.  

Tuan N. Pham is widely published in national security affairs. The views expressed are his own and do not reflect the official policy or position of the U.S. Government

Featured Image: Launch of Russian military satellite (Russian Ministry of Defense)

Capability Analysis

Don’t Give Up on the Littoral Combat Ship

Leave a comment

By LT Kaitlin Smith

The Littoral Combat Ship (LCS) program has been subjected to heavy scrutiny, and much of it is justified. What is getting lost in the discourse is the real capability that LCS provides to the fleet. From my perspective as an active duty service member who may be stationed on an LCS in the future, I’m more interested in exploring how we can employ LCS to utilize its strengths, even as we seek to improve them. Regardless of the program’s setbacks, LCS is in the Fleet today, getting underway, and deploying overseas. Under the operational concept of distributed lethality, LCS both fills a void and serves as an asset to a distributed and lethal surface force in terms of capacity and capability.

Capacity, Flexibility, Lethality

The original Concept of Operations written by Naval Warfare Development Command in February 2003 described LCS as a forward-deployed, theater-based component of a distributed force that can execute missions in anti-submarine warfare, surface warfare, and mine warfare in the littorals. This concept still reflects the Navy’s needs today. We urgently need small surface combatants to replace the aging Avenger-class mine countermeasure ships and Cyclone-class patrol craft, as well as the decommissioned Oliver Hazard Perry-class frigates. Capacity matters, and “sometimes, capacity is a capability” in its own right. We need gray hulls to fulfill the missions of the old frigates, minesweepers and patrol craft, and until a plan is introduced for the next small surface combatant, LCS will fill these widening gaps.

LCS was also envisioned as a platform for “mobility” related missions like support for Special Operations Forces, maritime interception operations, force protection, humanitarian assistance, logistics, medical support, and non-combatant evacuation operations. Assigning these missions to LCS frees up multimission destroyers and cruisers for high-end combat operations. We’ve already seen how LCS can support fleet objectives during the deployments of USS FREEDOM (LCS 1) and USS FORT WORTH (LCS 3). Both ships supported theater security operations and international partnerships with Pacific nations through participation in the Cooperation Afloat Readiness and Training (CARAT) exercise series. USS FREEDOM conducted humanitarian and disaster response operations following the typhoon in the Philippines, and USS FORT WORTH conducted search and rescue operations for AirAsia flight QZ8501. The forward deployment of the ships to Singapore allowed for rapid response to real-world events, while allowing large surface combatants in the region to remain on station for their own tasking. With an 11-meter rigid hull inflatable boat onboard, LCS is well-suited to conduct visit, board, search, and seizure missions in Southeast Asia to combat piracy and protect sea lanes.

The presence of more ships on station doesn’t just allow us to fulfill more mission objectives; capacity also enables us to execute distributed lethality for offensive sea control. One of the goals of distributed lethality is to distribute offensive capability geographically. When there are physically more targets to worry about, that complicates an enemy’s ability to target our force. It also allows us to hold the enemy’s assets at risk from more attack angles.

The other goals of distributed lethality are to increase offensive lethality and enhance defensive capability. The Fleet can make the LCS a greater offensive threat by adding an over-the-horizon missile that can use targeting data transmitted to the ship from other combatants or unmanned systems. In terms of defensive capability, LCS wasn’t designed to stand and fight through a protracted battle. Instead, the Navy can increase the survivability of LCS by reducing its vulnerability through enhancements to its electronic warfare suite and countermeasure systems.

LCS may not be as survivable as a guided missile destroyer in terms of its ability to take a missile hit and keep fighting, but it has more defensive capability than the platforms it is designed to replace. With a maximum speed of over 40 knots, LCS is more maneuverable than the mine countermeasure ships (max speed 14 kts), patrol craft (max speed 35 kts), and the frigates (30 kts) it is replacing in the fleet, as well as more protective firepower with the installation of Rolling Airframe Missile for surface-to-air point defense. Until a plan has been established for future surface combatants, we need to continue building LCS as “the original warfighting role envisioned for the LCS remains both valid and vital.

New Possibilities

LCS already has the capability to serve as a launch platform for MH-60R helicopters and MQ-8B FireScout drones to add air assets to the fight for antisubmarine warfare and surface warfare operations. LCS even exceeds the capability of some DDGs in this regard, since the original LCS design was modified to accommodate a permanent air detachment and Flight I DDGs can only launch and recover air assets.

USS Freedom (Lockheed Martin photo)

We have a few more years to wait before the rest of the undersea warfare capabilities of LCS will be operational, but the potential for surface ship antisubmarine warfare is substantial. A sonar suite comprised of a multifunction towed array and variable depth sonar will greatly expand the ability of the surface force to strategically employ sensors in a way that exploits the acoustic environment of the undersea domain. LCS ships with the surface module installed will soon have the capability to launch Longbow Hellfire surface-to-surface missiles. The mine warfare module, when complete, will provide LCS with full spectrum mine warfare capabilities so that they can replace the Avenger class MCMs, which are approaching the end of their service life. Through LCS, we will be adding a depth to our surface ship antisubmarine warfare capability, adding offensive surface weapons to enable sea control, and enhancing our minehunting and minesweeping suite. In 2019, construction will begin on the modified-LCS frigates, which will have even more robust changes to the original LCS design to make the platform more lethal and survivable.

The light weight and small size of LCS also has tactical application in specific geographic regions that limit the presence of foreign warships by tonnage. Where Arleigh Burke-class destroyers weigh 8,230 to 9,700 tons, the variants of LCS weigh in from 3,200 to 3,450 tons. This gives us a lot more flexibility to project power in areas like the Black Sea, where aggregate tonnage for warships from foreign countries is limited to 30,000 tons. True to its name, LCS can operate much more easily in the littorals with a draft of about 14-15 feet, compared to roughly 31 feet for DDGs. These characteristics will also aid LCS’s performance in the Arabian Gulf and in the Pacific.

Of course, any LCS critic might say that all this capability and potential can only be realized if the ships’ engineering plants are sound. My objective here is not to deny the engineering issues—they get plenty of press attention on their own—but to highlight why we’ll lose more as a Navy in cutting the program than by taking action to resolve program issues. It’s worth mentioning that the spotlight on LCS is particularly bright. LCS is not the only ship class that experiences engineering casualties, but LCS casualties are much more heavily reported in the news than casualties that occur on more established ship classes.

Conclusion

LCS was designed as one part of a dispersed, netted, and operationally agile fleet,” and that’s exactly what we need in the fleet today to build operational distributed lethality to enable sea control. Certainly, we need to address the current engineering concerns with LCS in order to project these capabilities. To fully realize the potential of the LCS program, Congress must continue to fund LCS, and Navy leaders must continue to support the program with appropriate manning, training and equipment.

LT Nicole Uchida contributed to this article. 

LT Kaitlin Smith is a Surface Warfare Officer stationed on the OPNAV Staff. The opinions and views expressed in this post are hers alone and are presented in her personal capacity. They do not necessarily represent the views of the Navy or the Department of Defense.

Featured Image: PEARL HARBOR (July 12, 2016) – The littoral combat ship USS Coronado (LCS 4) transits the waters of Pearl Harbor during RIMPAC 2016. (U.S. Navy photo by MC2 Ryan J. Batchelder/Released)

Asia-Pacific, Capability Analysis

The PRC’s New Garrisons in the South China Sea: A U.S. Perspective

Leave a comment

The following article originally featured on Defense & Foreign Affairs Special Analysis on November 30, 2016 and is republished with permission. 

By Paul S. Giarra

Some international observers minimize the importance of military facilities and operational capabilities on the People’s Republic of China’s various claimed features, rocks, and islands in the South China Sea. They should reconsider.

Each location in isolation is not that potent. However, in the aggregate, this island base network poses a more resilient capability (geographically dispersed cluster bases) which, at the very least, would require a significant effort to neutralize, detracting significantly from other priority missions.

PRC military aircraft and missile batteries spreading throughout the South China Sea serve a number of important functions, all to the disadvantage of the United States and its allies and those who have a stake in freedom of the seas, the rule of law, and their own territorial claims.

First, they fortify the PRC’s maritime approaches.

Second, they militarize the PRC’s political claims, making it much more difficult to challenge them legally.

Third, they make it operationally much more difficult and risky to dislodge the PRC from these positions.

Fourth, these individual military capabilities are part of a larger fixed and mobile PRC military network, not only throughout the South China Sea, but on the Chinese mainland.

Fifth, the PRC now has four large People’s Liberation Army (PLA) airfields in the South China Sea, and these extend dramatically the operational range of PLA land-based aircraft, which can recover on these fields, refuel, and swap crews in shuttle missions which change the military equation considerably.

Sixth, these maritime facilities push out the limits of the PLA’s maritime footprint. This helps the PRC achieve a goal of establishing maritime control throughout the first island chain by magnifying the PLA’s anti-access (A2) and area-denial (AD) capabilities and bringing a considerably larger portion of the PRC’s maritime approaches under PLA firing arcs. Planners will have to take into account future deployments of DF-21D and DF-26 anti-ship ballistic missiles, for instance, and the likelihood of an extension of PRC seabed acoustic sensors like the U.S. SOSUS system, tracing the contours of China’s Nine Dash Line territorial claims.

What happens when advanced systems are deployed to these island outposts?

As one example, it was only a matter of time before Russia announced the transfer of the S-400 Triumf (NATO reporting name: SA-21 Growler) advanced air defense system to the PRC, following on the earlier transfer of the less-capable but still potent S-300. Given its extremely long range and effective electronic warfare capabilities, the S-400 is a game-changing system which challenges current military capabilities at the operational level of war.

Depending upon where in the PRC it is deployed, and which variant is transferred, its very long range would extend over Taiwan and the Senkaku (Daioyutai/Daioyu) islands. If Russia provides the S-400 with the longest range — 250 miles — in essence this would have the effect of turning a defensive system into an offensive system, and extend the PRC’s A2/AD umbrella over the territory of other regional states and the high seas.

Effective air defense systems like the S-400 are consequential because of the cost equation involved. Surface-to-air missile systems are much less expensive than the manned (and unmanned) aircraft they are designed to target or deter. The very long range of the S-400 multiplies the advantage. Without effective countermeasures, aircraft would be held away from China’s coasts, giving teeth, for instance, to the PRC’s assertion that surveillance missions in the PRC’s EEZ are not allowed.

Modern air forces expect to have to fool, suppress, pick their way through, or go around good integrated air defense systems, and countermeasures and tactics for doing so are well developed. In a move-countermove air warfare competition, the Russian transfer of the S-400 to the PRC would make doing so much more difficult (although not impossible).

Of course, one must wonder what the Russians are thinking in their defense technology relationship with PRC as all of this unfolds. Moscow is clearly aware that, while the PRC is expanding to seaward to challenge East Asia’s maritime and littoral states, Beijing’s list of revanchist claims must have motivated PLA leaders to consider plans for northward expansion as well.

Seventh, as Beijing consolidates political, economic, and military control over the South China Sea, one obvious purpose in mind will be to establish secure bastions there for the new Chinese SSBN force. Doing so would be consistent with what we saw the Soviets do when pressed by U.S. and allied ASW forces as envisioned by U.S. Chief of Naval Operations (1978-82) Adm. Thomas Hayward’s Maritime Strategy, subsequently made famous by U.S. Secretary of the Navy (1981-87) John Lehman.

Unfortunately, these aggressive PRC developments illustrate the old maxim that an ounce of prevention is better than a pound of cure. While the PRC’s construction on its collection of artificial islands must consist of dual-use infrastructure at this point, the military purpose behind the PRC’s new South China Sea bases is transparent. It would have been much easier to prevent the building of these facilities than it will be to dislodge them. The U.S. and the Allies learned this lesson, to Japan’s disadvantage, at Guadalcanal during World War II, where Japan and the United States fought desperately for six months to prevent Japan from building an airfield and dominating the lines of communication from the United States to Australia and New Zealand.

The PRC’s island building also reminds how unforeseen developments can have dramatic cascading consequences. At Guadalcanal, before the almost casual Japanese decision to build an airstrip at the location of what became immortalized as Henderson Field, the two sides had no specific intention to fight in the region, or to lose almost 50 ships in the ensuing naval battles. Japan’s Adm. Isoroku Yamamoto focused the Imperial Japanese Navy on Guadalcanal (previously an Imperial Army operation), because that was where the U.S. fleet and Marines were. Building airstrips and importing missile batteries has that sort of galvanizing effect, and in the case of Guadalcanal it preserved the Coral Sea strategy — keeping open the sea lanes between Australia and the United States — which remains a key pillar of U.S. and Australian national security strategy to this day.

What the PRC has been doing on Mischief Reef, Subi Reef, and Fiery Cross Reef, it can do on various other claimed features and rocks in the South China Sea. In fact, Beijing is doing what the United States and its allies — in a strategically logical world — should also be doing: expanding operational perimeters; distributing significant firepower along operational peripheries; and combining the psychological and legal elements of modern warfare in an integrated campaign.

Paul Giarra, a former U.S. naval aviator and strategic planner, is the President of Global Strategies & Transformation, a Washington, DC, area strategic planning consultancy. He has an extensive background as a national security analyst on Japan, China, East Asia, and NATO futures.

Featured Image: Cuarteron Reef, November 15, 2014 (CSIS Asia Maritime Transparency Initiative)