Category Archives: Cyber War

Threats, risks, and players in the cyber realm.

A Cyber-Information Operations Offset Strategy for Countering the Surge of Chinese Power

The following is a two-part series on how the U.S. might better utilize cyberspace and information operations as a Third Offset. Part I will evaluate current offset proposals and explore the strategic context. Part II will provide specific cyber/IO operations and lines of effort.

By Jake Bebber 

“It is better by noble boldness to run the risk of being subject to half of the evils we anticipate than to remain in cowardly listlessness for fear of what might happen.”

-Herodotus, The Histories

Introduction

In 2014, then Secretary of Defense Hagel established the Defense Innovation Initiative, better known as the Third Offset, which is charged with recommending ways to sustain American military superiority in the face of growing capabilities fielded by powers such as Russia and China.[i] The purpose of the Third Offset is to “pursue innovative ways to sustain and advance our military superiority” and to “find new and creative ways to sustain, and in some cases expand, our advantages even as we deal with more limited resources.” He pointed to recent historical challenges posed by the Soviets in the 1970’s which led to the development of “networked precision strike, stealth and surveillance for conventional forces.” Centrally-controlled, inefficient Soviet industries could not match the U.S. technological advantage, and their efforts to do so weakened the Soviet economy, contributing to its collapse.

Today, China represents the most significant long-term threat to America and will be the focus here. A number of leading organizations, both within and outside government, have put forward recommendations for a Third Offset. However, these strategies have sought to maintain or widen perceived U.S. advantages in military capabilities rather than target China’s critical vulnerabilities. More importantly, these strategies are predicated on merely affecting China’s decision calculus on whether to use force to achieve its strategic aims – i.e., centered around avoiding war between the U.S. and China. This misunderstands China’s approach and strategy. China seeks to win without fighting, so the real danger is not that America will find itself in a war with China, but that America will find itself the loser without a shot being fired. This paper proposes a Cyberspace-IO Offset strategy directly attacking China’s critical vulnerability: its domestic information control system. By challenging and ultimately holding at risk China’s information control infrastructure, the U.S. can effectively offset China’s advantages and preserve America’s status as the regional security guarantor in Asia.

All effective strategies target the adversary’s center of gravity (COG), or basis of power. “Offset strategies” are those options that are especially efficient because they target an adversary’s critical vulnerabilities, while building on U.S. strengths, to “offset” the opponent’s advantages. Ideally, such strategies are difficult for an adversary to counter because they are constrained by their political system and economy. Today, China’s COG is the Chinese Communist Party (CCP). The stability of this system depends greatly on the ability of the Chinese regime to control information both within China, and between China and the outside. Without this control, opposition groups, minority groups, and factions within the CCP itself could organize more effectively and would have greater situational awareness for taking action. Thus, information control is potentially a critical Chinese vulnerability. If the United States can target the ability of the Chinese regime to control information, it could gain an efficient means to offset Chinese power. This offset strategy, using cyberspace and other information operations (IO) capabilities, should aim to counter China during the critical window in the next ten to twenty years when Chinese economic and military power will surge, and then subside as demographic, economic and social factors limit its growth.

Targeting the CCP’s ability to control information can be considered a long-term IO campaign with options to operate across the spectrum of conflict: peacetime diplomacy and battlespace preparation; limited conflict; and, if deterrence fails, full-scale military operations. The goal is to ensure that PRC leaders believe that, as conflict escalates, they will increasingly lose their ability to control information within China and from outside, in part because the U.S. would be prepared to use more drastic measures to impede it.

This strategy is most efficient because it serves as an organizing concept for cyber options targeted against China that would otherwise be developed piecemeal. It could serve as a means to prioritize research and development, and better link military planning for cyberspace operations to public diplomacy, strategic communication, and economic policy initiatives. The nature of cyberspace operations makes it difficult to attribute actions back to the United States with certainty, unless we wish it to be known that the U.S. is conducting this activity. Finally, it provides an alternative array of responses that policy makers can use to offset growing Chinese power without immediate direct military confrontation.

Demographic, economic and social factors will combine to create a ceiling on Chinese power, ultimately causing it to enter a period of decline much sooner than it expects.[ii] These factors will stress the Communist Party’s ability to exclude economic, social and political participation of dissenters, and create further reliance by the Party on information control systems.

The Strategic Environment

The United States is a status quo power. It seeks to retain its position of dominance while realizing that relative to other powers, its position may rise or fall given the circumstances. It supports the post-World War II international order – a mix of international legal and liberal economic arrangements that promote free trade and the resolution of disputes through international organizations or diplomatic engagement when possible. The United States recognizes the growth of China, and that it will soon achieve “great power” status, if not already. It is most advantageous to the United States if the “rise” (or more correctly, return to great power status) of China occurs peacefully, and within the already established framework of international rules, norms, and standards.

There are two important considerations. First is the “singularity” of China with respect to its self-understanding and its role in the world. China views the last two centuries – a time when China was weak internally and under influence from foreign powers – as an aberration in the natural world order. Most Chinese consider their several thousand year history as the story of China occupying the center of the world with “a host of lesser states that imbibed Chinese culture and paid tribute to China’s greatness …” This is the natural order of things. In the West, it was common to refer to China as a “rising power,” but again, this misreads China’s history. China was almost always the dominant power in the Asia-Pacific, punctuated by short periods of turmoil. It just so happened that the birth and growth of the United States took place during one of those periods of Chinese weakness.[iii]

The strategic approach of China is markedly different, based on its concept of shi, or the “strategic configuration of power.” The Chinese “way of war” sees little difference in diplomacy, economics and trade, psychological warfare (or in today’s understanding, “information warfare”) and violent military confrontation. To paraphrase the well-known saying, the acme of strategy is to preserve and protect the vital interests of the state without having to resort to direct conflict while still achieving your strategic purpose. The goal is to build up such a dominant political and psychological position that the outcome becomes a foregone conclusion. This is in contrast to Western thought which emphasizes superior power at a decisive point.[iv]

To the American leadership, the “most dangerous” outcome of a competition with China would seem to be one that leads to war; hence the near-desperate desire to not undertake any action which might lead China down that path. Yet a better understanding of China suggests that it believes it can (and is) achieving its strategic purpose without having to resort to force. Its military buildup, use of economic trade agreements, diplomacy, and domestic social stability are creating the very political and psychological conditions where the use of force becomes unnecessary. China is quite content to remain in “Phase 0” with the United States, because it  believes it is winning there. Thus, the question for America is not “How do we maintain the status quo in Phase 0?” but “How do we win in Phase 0?” The most dangerous course of action is not war with China, but losing to China without a shot being fired.

Figure 1. In 2015, China reorganized the PLA and created a new Cyber Warfare branch under its Strategic Support Force.

Current Offset Proposals

In response to the call for proposals, a number of initiatives and programs have been put forward by both the Department of Defense and leading national security think tanks. The underlying assumption of most of these proposals is that the United States has lost or is quickly losing its “first mover” advantage – such as that offered by the shift from unguided to guided munitions delivered from a position of stealth or sanctuary. In this regard, China represents a “pacing threat,” leading the way in developing its own guided weapons regime and the ability to deliver them asymmetrically against the United States.[v] In order to regain America’s military advantage, most recommendations follow along these lines:

  • Development and procurement of new platforms and technologies that leverage current perceived technological advantages over China in such areas as:
    • Unmanned autonomous systems;
    • Undersea warfare;
    • Extended-range and low-observable air operations;
    • Directed energy; and
    • Improved power systems and storage.
  • New approaches to forward basing, including hardening of infrastructure (both physical and communication networks), the use of denial and deception techniques and active defense;
  • Countering China’s threats to U.S. space-based surveillance and command and control systems;
  • Assisting allies and friends in the development of or exporting of new technologies that impose smaller-scale anti-access and area denial (A2/AD) costs on China; and
  • Reconstitute and reinvigorate Department of Defense “iterative, carefully adjudicated tabletop exercises and model-based campaign assessments.”[vi]

These approaches[vii] may have much to offer and are commendable; however, they suffer from a glaring weakness: none target China’s center of gravity or critical vulnerabilities. They seek to leverage capabilities where the United States appears to enjoy an advantage, such as undersea warfare. For example, while it may be true that the People’s Liberation Army-Navy (PLAN) is not as proficient as the U.S. Navy (or some allies) in the undersea domain, it is also true that the Chinese regime is investing heavily to “close the gap” in these and other capabilities or is developing asymmetric alternatives. The United States will face a diminishing marginal utility as it attempts to maintain or widen the gap, especially in an era when China’s cyberspace-enabled information exploitation capabilities are extremely robust, and capable of transferring intellectual property back to China on a scale unimaginable in the Cold War.

More fundamentally, the offsets proposed are not guided by an overarching grand strategy that utilizes all elements of national power attacking key weaknesses and critical vulnerabilities in the Chinese regime, much in the same way that the Reagan Administration was able to do against the Soviets. Reagan’s policy and strategy represented a “sharp break from his predecessors,” eschewing containment in favor of attacking “the domestic sources of Soviet foreign behavior.”[viii] By recognizing the inherent weakness of the Soviet economic system, the new policy sought to leverage national military, political and economic tools to press the American advantage home, causing the Soviet system to collapse. This is not to suggest that the Chinese economic system suffers from the same malaise as their Soviet brethren did. Despite growing demographic, social and economic headwinds, it is unlikely that the United States can “bankrupt” the Chinese. However, China does have acute vulnerabilities – vulnerabilities which align with unique American advantages.

China’s Center of Gravity and Critical Vulnerabilities

None of the previously mentioned offset lines of effort attempt to identify or target China’s COG. The center of gravity is defined by Milan Vego as “a source of massed strength – physical or moral – or a source of leverage whose serious degradation, dislocation, neutralization, or destruction would have the most decisive impact on the enemy’s or one’s own ability to accomplish a given political/military objective.”[ix] Joint military doctrine defines it as “The source of power that provides moral or physical strength, freedom of action, or will to act.”[x] The center of gravity concept is important to offset strategies because it enhances “the chance that one’s sources of power are used in the quickest and most effective way for accomplishing a given political/military objective.” It is the essence of “the proper application of the principles of objective, mass and economy of effort.”[xi]

Using an analytic construct designed by Vego, we note that any military situation encompasses a large number of both “physical and so-called abstract military and nonmilitary elements.” These are the “critical factors” that require attention and are deemed essential to the accomplishment of the objective, both of the adversary and ourselves. Not surprisingly, these factors encompass both critical strengths and critical weaknesses – both of which are essential. Critical vulnerabilities are “those elements of one’s military or nonmilitary sources of power open to enemy attack, control, leverage, or exploitation.” By attacking critical vulnerabilities, we ultimately attack the enemy center of gravity.[xii] The figure below shows notionally how China’s information control systems are a critical vulnerability (note that it is not all-encompassing).

Figure 2. Notional Center of Gravity Analysis[xiii].

According to Vego, it is generally agreed that for most authoritarian/totalitarian regimes, the dictator, central governing party or leadership committee is the strategic center of gravity. In the case of China, the CCP is the sole governing political party. The top leadership of the CCP is the Politburo Standing Committee (or Central Standing Committee), currently made up of seven members and led by General Secretary Xi Jinping. A number of factors permit the continued rule of the CCP, including a massive domestic security apparatus and the world’s largest military, a growing standard of living and state control over media and information available to its people. In many ways, the Chinese leadership have already conducted their own vulnerability analysis and concluded that the free flow of information represents the biggest threat to their power – we can see this in both their words and deeds. China spends more on domestic security than on its own military. The last officially reported figures from the PRC in 2013 show the military budget was approximately 740.6 billion yuan ($119 billion) while domestic security received 769.1 billion yuan ($121 billion).[xiv] Beginning in 2014, the PRC stopped reporting on domestic security spending.[xv] In 2015, the PRC announced an 11 percent increase in “public security” spending to 154.2 billion yuan, or $24.6 billion. However, the total amount spent on domestic security remains unreported, and is certainly much higher, since regional and provincial figures are not provided. 
The reported military spending was 886.9 billion yuan, approximately $139 billion.[xvi] Fourteen separate state ministries are charged with domestic censorship responsibilities, everything from traditional press and broadcast media to text messages on cell phones.[xvii] A form of self-censorship has been institutionalized with Chinese internet companies being required to sign a “Public Pledge on Self-Regulation and Professional Ethics for China Internet Industry.”[xviii] In short, China has already shown what it fears most and where it is most vulnerable – it has performed its own “COG analysis” and has identified information control as a critical requirement to maintain CCP dominance.

Figure 3. In 2015, the U.S. and China met to discuss recent cyberspace issues.

A Cyberspace – IO Strategy

China’s regime identifies the free flow of information as an existential threat, and has erected a massive bureaucratic complex to censor and restrict free access to the nearly 618 million (and growing) Chinese internet users (and 270 million social network users).[xix] However, the very nature of the Internet as a networked system makes censorship and restricted access difficult to maintain. As has been shown, China’s information control systems represent a critical vulnerability to their center of gravity. China’s network security is managed by a fragmented, disjointed system of “frequently overlapping and conflicting administrative bodies and managing organizations.”[xx]

China’s cyberspace operations and strategy are driven primarily by domestic concerns, with its central imperative being the preservation of Communist Party rule. Domestic security, economic growth and modernization, territorial integrity and the potential use of cyberspace for military operations define China’s understanding. Even its diplomatic and international policies are built around giving China maneuvering room to interpret international norms, rules and standards to serve domestic needs, principally through the primacy of state sovereignty. This creates a natural tension, as China must seek to balance economic growth and globalization with maintaining the Party’s firm grip on power. Not only is Internet usage controlled and censored, but it is also a tool for state propaganda.[xxi]

Chinese authorities use a number of techniques to control the flow of information. All internet traffic from the outside world must pass through one of three large computer centers in Beijing, Shanghai and Guangzhou – the so-called “Great Firewall of China.” Inbound traffic can be intercepted and compared to a regularly updated list of forbidden keywords and websites and the data blocked.[xxii] Common censorship tactics[xxiii] include:

  • Blocking access to specific Internet Protocol (IP) addresses;
  • Domain Name System (DNS) filtering and redirection, preventing the DNS from resolving or returning an incorrect IP address;
  • Uniform Resource Locator (URL) filtering, scanning the targeted website for keywords and blocking the site, regardless of the domain name;
  • Packet filtering, which terminates Transmission Control Protocol (TCP) transmission when a certain number of censored keywords are detected. This is especially useful against search engine requests;
  • “Man-in-the-Middle” attack, allowing a censor to monitor, alter or inject data into a communication channel;
  • TCP connection reset, disrupting the communication data link between two points;
  • Blocking of Virtual Private Network (VPN) connections; and
  • Network Enumeration, which initiates an unsolicited connection to computers (usually in the United States) for the purpose of blocking IP addresses. This is usually targeted against secure network systems or anonymity networks like “Tor.”
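
As an added illustration (not part of the original article), the sketch below shows how a network-measurement analyst might map probe observations onto several of the filtering techniques listed above. The record fields, labels, hostnames and addresses are all constructed for the example, and each label means only that the observation is consistent with that technique.

```python
from collections import Counter
from dataclasses import dataclass
from typing import FrozenSet, List, Optional


@dataclass(frozen=True)
class Probe:
    """One measurement of one host from inside the filtered network (hypothetical schema)."""
    host: str
    local_dns: Optional[str]        # address returned by the in-path resolver, None if no answer
    control_dns: FrozenSet[str]     # addresses seen from a trusted control vantage point
    tcp_connect: str = "n/a"        # "ok", "timeout", "reset" or "n/a"
    http_plain: str = "n/a"         # result of a request without any test keyword
    http_keyword: str = "n/a"       # result of the same request carrying a test keyword


def classify(p: Probe) -> str:
    """Return the listed technique this single observation is consistent with."""
    # DNS is checked first: if the name never resolved to a genuine address,
    # the later stages were not measured against the real server.
    if p.local_dns is None:
        return "dns-filtering"
    if p.local_dns not in p.control_dns:
        return "dns-redirection"
    # The name resolved correctly, so look at the transport layer.
    if p.tcp_connect == "timeout":
        return "ip-blocking"
    if p.tcp_connect == "reset":
        return "tcp-reset"
    # The connection was established; only the keyword-bearing request is cut off.
    if p.http_plain == "ok" and p.http_keyword == "reset":
        return "keyword-packet-filtering"
    if p.tcp_connect == "ok" and p.http_plain == "ok":
        return "no-interference-observed"
    return "inconclusive"


def stable_label(runs: List[Probe]) -> str:
    """Accept a label only when repeated probes of the same host agree.

    A single timeout or reset can be an ordinary outage, so disagreement
    between runs is reported as inconclusive rather than as blocking.
    """
    labels = {classify(p) for p in runs}
    return labels.pop() if len(labels) == 1 else "inconclusive"


def summarize(probes: List[Probe]) -> Counter:
    """Tally how many observations fall under each label."""
    return Counter(classify(p) for p in probes)


# Constructed sample data: reserved example hostnames and documentation addresses.
CONTROL = frozenset({"192.0.2.10", "192.0.2.11"})
SAMPLE = [
    Probe("news.example", None, CONTROL),
    Probe("search.example", "203.0.113.77", CONTROL),
    Probe("video.example", "192.0.2.10", CONTROL, tcp_connect="timeout"),
    Probe("vpn.example", "192.0.2.11", CONTROL, tcp_connect="reset"),
    Probe("search.example", "192.0.2.10", CONTROL, "ok", "ok", "reset"),
    Probe("shop.example", "192.0.2.10", CONTROL, "ok", "ok", "ok"),
]

if __name__ == "__main__":
    for probe in SAMPLE:
        print(f"{probe.host:16} {classify(probe)}")
    print(dict(summarize(SAMPLE)))
```
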

Figure 4. Simplified Chinese Firewall Topology[xxiv].

China also heavily regulates and monitors Internet service providers, Internet cafes, and university bulletin board systems. It requires registration of websites and blogs, and has conducted a number of high profile arrests and crackdowns on both dissidents and Internet service providers. This “selective targeting” has created an “undercurrent of fear and promoted self-censorship.” The government employs thousands who monitor and censor Internet activity as well as promote CCP propaganda.[xxv]

China’s information control regime is vulnerable on a number of levels to a coordinated strategy that seeks to hold it at risk. From a technical standpoint, the distributed nature of the internet makes it inherently vulnerable, the “Great Firewall” notwithstanding. The techniques used to filter and block content have a number of workarounds available to the average person. For example, IP addresses that have been blocked may be accessed utilizing a proxy server – an intermediary server that allows the user to bypass computer filters. DNS filtering and redirection can be overcome by modifying the hosts file or directly typing in the IP address (64.233.160.99) instead of the domain name (www.google.com). These are simple examples that a novice government censor can easily outwit, but the point remains.

China has long been rightfully accused of being a state sponsor of cybercrime and theft of intellectual property. One negative consequence of this from China’s perspective is the high level of cybercrime within China “due in large part to rampant use and distribution of pirated technology” which creates vulnerabilities. It is estimated that 54.9 percent of computers in China are infected with viruses, and that 1,367 out of 2,714 government portals examined in 2013 “reported security loopholes.”[xxvi] China’s networks themselves, by virtue of their size and scope, represent a gaping vulnerability.

At the same time, China’s information control bureaucracy is especially unwieldy. This is an ideal target to exploit the seams and gaps both horizontally and vertically in their notoriously byzantine structure. The fourteen agencies that conduct internet monitoring and censorship operations must all compete for resources and the attention of policy makers, leading to organizational conflict and competition. Any strategy should exploit these fissures, complicating China’s ability to control information.

Part 2 will outline several lines of effort the U.S. might pursue to attack China’s critical vulnerabilities in its information control system. It will advance the notion that the full range of American power – overt, covert, diplomatic, economic, information and military – must be coordinated and managed at the national level to wage a successful information operations campaign. Based on America’s past success, the future may be brighter than it first appears. Read Part 2 here.

LT Robert “Jake” Bebber USN is a Cryptologic Warfare Officer assigned to United States Cyber Command. His previous assignments have included serving as an Information Operations officer in Afghanistan, Submarine Direct Support Officer and the Fleet Information Warfare Officer for the U.S. Seventh Fleet. He holds a Ph.D. in Public Policy from the University of Central Florida. His writing has appeared in Proceedings, Parameters, Orbis and elsewhere. He lives in Millersville, Maryland and is supported by his wife, Dana and their two sons, Vincent and Zachary. The views expressed here are his own and do not reflect those of the Department of Defense, Department of the Navy or U.S. Cyber Command. He welcomes your comments at jbebber@gmail.com.

[i] Charles Hagel. “The Defense Innovation Initiative.” Memorandum for Deputy Secretary of Defense. Washington, D.C.: Department of Defense, November 15, 2014.

[ii] Robert Bebber. “Countersurge: A Better Understanding of the Rise of China and the Goals of U.S. Policy in East Asia.” Orbis 59 no. 1 (2015): 49-61.

[iii] Kissinger, Henry. On China. (New York, NY: Penguin Books, 2012).

[iv] David Lai. “Learning from the Stones: A Go Approach to Mastering China’s Strategic Concept, Shi.” U.S. Army War College Strategic Studies Institute. May 1, 2004, accessed December 26, 2014. http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubID=378

[v] Shawn W. Brimley. “The Third Offset Strategy: Security America’s Military-Technical Advantage.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[vi] David Ochmanek. “The Role of Maritime and Air Power in the DoD’s Third Offset Strategy.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[vii] This list is certainly not exhaustive. For a more thorough review of the ones mentioned, see: Brimley, Shawn W. “The Third Offset Strategy: Security America’s Military-Technical Advantage.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014. Martinage, Robert. “Statement Before the House Armed Services Subcommittee on Seapower and Projection Forces on the Role of Maritime and Air Power in DoD’s Third Offset Strategy.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014. Ochmanek, David. “The Role of Maritime and Air Power in the DoD’s Third Offset Strategy.” Testimony Before the House Armed Services Committee Subcommittee on Seapower and Projection Forces. Washington, D.C., December 2, 2014.

[viii] Thomas G. Mahnken. “The Reagan Administration’s Strategy Toward the Soviet Union.” In Successful Strategies: Triumphing in War and Peace from Antiquity to the Present, by Williamson Murray and Richard Hart Sinnreich. Cambridge: Cambridge University Press, 2014.

[ix] Milan N. Vego. Joint Operational Warfare – Theory and Practice. (Newport, RI: Government Printing Office, 2007) VII-13-29.

[x] Joint Chiefs of Staff. Joint Publication 5-0: Joint Operational Planning. (Washington, D.C.: Department of Defense, 2011).

[xi] Vego, Joint Operational Warfare – Theory and Practice, VII-15.

[xii] Ibid, VII-15.

[xiii] Joint Publication 5.0 defines Critical Capability as “A means that is considered a crucial enabler for a center of gravity to function as such and is essential to the accomplishment of the specified or assumed objective(s);” Critical Requirement as “An essential condition, resource, and means for a critical capability to be fully operational;” and Critical Vulnerability as “An aspect of a critical requirement which is deficient or vulnerable to direct or indirect  attack that will create decisive or significant effects.”

[xiv] Ben Blanchard and John Ruwich. “China Hikes Defense Budget, To Spend More on Internal Security.” Reuters, March 5, 2013, accessed December 23, 2014. http://www.reuters.com/article/2013/03/05/us-china-parliament-defence-idUSBRE92403620130305

[xv] Michael Martina. “China Withholds Full Domestic Security-Spending Figure.” Reuters, March 4, 2014, accessed September 25, 2015.  http://www.reuters.com/article/2014/03/05/us-china-parliament-security-idUSBREA240B720140305

[xvi] Ting Shi and Keith Zhai. “China To Boost Security Spending as Xi Fights Dissent, Terrorism.” Bloomberg News, March 5, 2015 accessed September 25, 2015. http://www.bloomberg.com/news/articles/2015-03-05/china-to-boost-security-spending-as-xi-fights-dissent-terrorism

[xvii] Michael Wines, Sharon LaFraniere, and Jonathan Ansfield. “China’s Censors Tackle and Trip Over the Internet.” The New York Times, April 7, 2010, accessed December 23, 2014. http://www.nytimes.com/2010/04/08/world/asia/08censor.html

[xviii] Biena Xu. Media Censorship in China. February 2014, accessed December 23, 2014. http://www.cfr.org/china/media-censorship-china/p11515

[xix] Ibid.

[xx] Amy Chang. Warring State: China’s Cybersecurity Strategy. (Washington, D.C.: Center for a New American Security, 2014) 12.

[xxi] Rebecca MacKinnon. “Flatter World and Thicker Walls? Blogs, Censorship and Civic Discourse in China.” Public Choice 134 (2008): 31-46.

[xxii] Michael Wines, Sharon LaFraniere, and Jonathan Ansfield. “China’s Censors Tackle and Trip Over the Internet.”

[xxiii] Jonathan Zittrain, and Benjamin Edelman. “Empirical Analysis of Internet Filtering in China.” Harvard Law School Berkman Center for Internet and Society. March 20, 2003, accessed December 23, 2014. http://cyber.law.harvard.edu/filtering/china/

[xxiv] Available at: https://news.ycombinator.com/item?id=4931595

[xxv] Thomas Lum, Patricia Moloney Figliona, and Matthew C. Weed. China, Internet Freedom, and U.S. Policy. Report for Congress, (Washington, D.C.: Congressional Research Service, 2013).

[xxvi] Amy Chang. Warring State: China’s Cybersecurity Strategy. 15. 

21st Century Maritime Operations Under Cyber-Electromagnetic Opposition The Finale

The following article is part of our cross-posting partnership with Information Dissemination’s Jon Solomon.  It is republished here with the author’s permission.  You can read it in its original form here.

Read part one, part two, and part three of the series.

By Jon Solomon

Candidate Principle #6: Technical Degradation is Temporary, Psychological Effects can be Enduring

It must be appreciated that the greatest damage caused by an adversary’s successful cyber-electromagnetic attack may not be in how it degrades a system or network’s performance, opens the door to kinetic attacks against a force, or even tricks commanders into making operationally or tactically sub-optimal decisions. All of these are generally temporary effects and can be recovered from with flexible plans, resiliency-embracing doctrine, and crafty tactics. Rather, as renowned naval analyst Norman Friedman has hypothesized, it could very well be the shattering of commanders’ and operators’ trust in their systems and networks that is most destructive. If personnel are not conditioned to anticipate their systems’ and networks’ disruption in combat, an attack’s lasting effect may be a morale-corroding fatalism. Likewise, if they are deceived just once by a manipulated situational picture, and even then not necessarily in a majorly harmful way, they may still hesitate to take needed actions in subsequent engagements out of fear of deception even when none is present. Either of these consequences could result in ceding the tactical if not operational initiative. In a short conflict, this might be catastrophic. Doctrinal collapse might also result, which would be especially debilitating if force structure is designed so tightly around a given doctrine that it severely limits options for creating or adapting operating concepts on the fly.[i]

Interestingly, similar effects might conceivably occur even when a system’s or network’s electronic protection and information assurance measures cause a cyber-electromagnetic attack to only achieve a relatively minor degree of immediate ‘damage.’ In fact, near-continuous cyber-electromagnetic harassment in the form of noise jamming, incessant yet readily parried cyber penetration attempts, situational picture-manipulation attacks that the target’s operators can quickly discover and reverse, intermittent system crashes or network connectivity interruptions that are quickly recovered from, or even severe disruptions of non-critical systems and network services may wear a force’s commanders and crews down mentally even if their critical systems and networks remain fully capable. A clever adversary might actually find this psychological degradation more exploitable (and more likely to be available for use at any given time) than technical degradation. Indeed, cyber-electromagnetic warfare’s psychological applications may well be where it finds its greatest utility.

Assessing the Implications

As the Chief of Naval Operations and others have asserted, the cyber and electromagnetic domains have become equally important to the physical domains in waging modern war.[ii] The cyber-electromagnetic fight will extend throughout all phases of major future conflicts, may begin well before open hostilities break out as an adversary attempts to ‘prepare’ the battle space, and accordingly may be particularly pivotal during a war’s opening phase. Indeed, high-impact anti-network operations with major maritime strategic implications date back as far as the opening moments of the First World War. Just as a belligerent might not be able to win a war with naval dominance alone but could easily lose without it, so it will be for cyber-electromagnetic dominance. It follows that a naval force’s ability to operate within a contested maritime zone will be highly questionable if it cannot effectively suppress or exploit the adversary’s force-level networks while simultaneously parrying the adversary’s own cyber-electromagnetic attacks. This will even extend to operations featuring stealth platforms, as such assets have long needed direct EW support to achieve maximal effectiveness.[iv] Should the U.S. Navy under-appreciate a potential adversary’s integration of cyber-electromagnetic warfare within combined arms doctrine, in a future conflict it would risk facing attrition rates on par with what it endured in the Solomon Islands from summer 1942 through summer 1943—something that its contemporary force structure simply could not endure.[v]

Assuming the candidate principles we have outlined are validated, they will influence future maritime warfare in at least five general ways. First, they will confirm leading tactical theorist Wayne Hughes’s hypothesis from over a decade ago that the next major maritime fight will be defined by the belligerents’ struggle for scouting superiority.[vi] This will represent a drastic change from the U.S. Navy’s post-Second World War combat experiences, in which the absence of threats to its sea control allowed it to focus on maximizing the efficiency and persistence of power projection ashore. Regardless of whether a tactical action pits two naval battleforces against each other, or one against a land-based force, the victor will likely be the side that is able to achieve high-confidence classification, identification, and targeting against his opponent’s forces first, thereby enabling effective attack.[vii] Cyber-electromagnetic discipline and capabilities will clearly be central to the success of the scouting/anti-scouting phases of any future operation.

Second, the above signifies that a force will need to extend its effective scouting and anti-scouting reach beyond that of its opponent. This is not achieved solely by covering a given area with more sensors than the opponent, or deploying scouts at greater ranges than the opponent. Rather, as suggested earlier, a sensor network’s effectiveness is equally a function of its architecture. This means the availability of difficult-to-intercept communications pathways and backup communications infrastructure will be just as important as raw coverage volume, lest key sensors be cut off from the network or the situational picture they feed be decisively manipulated. This also means the network must employ multiple sensor types. For surveillance, this translates into multi-phenomenology sensors positioned (or covering areas) as far as possible forward within the battle space, with some using sensing methodologies and platform characteristics that allow them to avoid (or at least delay) counter-detection. For reconnaissance, this requires sensors capable of penetrating the opponent’s force to support the confident confirmation of a given contact’s classification and identity. The U.S. Navy simply cannot afford to waste precious inventories of advanced weapons by falling for deception in a future battle. In this light, the Navy’s proposed Unmanned Carrier Launched Airborne Surveillance and Strike (UCLASS) system could be a critical enabler for effectively employing the proposed Long Range Anti-Ship Missile (LRASM), beyond visual range anti-air missiles, and similar network-enhanced standoff-range maritime weapons. It should not be overlooked that UCLASS, a scouting and attack asset that will be organic to the battleforce, can be designed to support expanded operations on interior lines of networking.

Third, if there is to be a reasonable chance that any degradation will be graceful, cyber-electromagnetic resilience must become a defining attribute of systems’ and networks’ designs. Strong electronic protection and information assurance features are certainly vital, with the latter applying just as much to ‘engineering plant’ systems as to the warfare systems they support. Nevertheless, as no system or network can ever be unexploitable, those central to a force’s tactical capabilities must contain additional design features that allow for quick restoration, graceful degradation, or capability expansion when subjected to withering cyber-electromagnetic attacks. Systems’ avoidance of network-dependency will also help greatly to this end.

Fourth, operations within opposed cyber-electromagnetic environments will demand C2 decentralization, as a higher echelon’s ability to assert direct, secure control over subordinate units under such circumstances will be dubious. Even if possible, this kind of close control will almost certainly be inadvisable if only for force concealment and counter-exploitation considerations. Instead, maritime forces will need to re-embrace ‘command-by-negation’ doctrine, or rather the broad empowerment of lower-level commanders to exercise initiative in accordance with their higher commander’s pre-disseminated intentions, if they are to fight effectively. Relatedly, aggressive experimentation will be needed to find the proper balance between operating on interior and exterior lines of networking when inside a contested zone—and will probably reveal that the bias should be towards the former.

Lastly, forces capable of operating under command-by-negation and in opposed cyber-electromagnetic environments are not developed overnight. Frequent and intensive training under realistic combat conditions will be needed if the requisite force-wide skills are to be developed.[viii] In particular, much as we have traditionally done to cultivate physical damage control readiness, commanders and crews on the deck plates must be regularly conditioned to expect, recognize, and fight-through cyber-electromagnetic attacks. A force’s cyber-electromagnetic resilience will depend in no small way upon its personnel’s technical, tactical, and psychological preparation for operating with critical systems and networks degraded if not compromised, and with situational pictures that have been manipulated. Likewise, a force’s ability to successfully deceive the adversary—not to mention successfully employ countermeasures against the adversary’s weapons—will depend upon the cyber-electromagnetic tactical skills the force’s personnel cultivate through routinized peacetime training. Emission control discipline, decoy placement relative to defended assets, precision evasive maneuvers, precision timing and sequencing of tactics, and the like require frequent practice if commanders and crews are to gain and then maintain just the minimum proficiencies needed to survive in modern maritime battle. The Navy’s next Strategy for Achieving Information Dominance needs to make it clear that cyber-electromagnetic competence must not be isolated to its Information Dominance Corps, and instead must be ingrained within the total force.

While cyber-electromagnetic risks hardly invalidate the use of advanced sensor and networking technologies, they do caution us not to take for granted that our systems and networks will be secure, functional, and reliable when needed. Our doctrine, contingency operational plans, and tactics must be structured around the assumption that each of our warfare systems contains exploitable cyber-electromagnetic vulnerabilities that may prevent us from using them to their fullest—or at all—when most needed. We must not allow ourselves to build and field a force that can only fight effectively when its systems and networks are unhindered and uncompromised.

Jon Solomon is a Senior Systems and Technology Analyst at Systems Planning and Analysis, Inc. in Alexandria, VA. He can be reached at jfsolo107@gmail.com. The views expressed herein are solely those of the author and are presented in his personal capacity on his own initiative. They do not reflect the official positions of Systems Planning and Analysis, Inc. and to the author’s knowledge do not reflect the policies or positions of the U.S. Department of Defense, any U.S. armed service, or any other U.S. Government agency. These views have not been coordinated with, and are not offered in the interest of, Systems Planning and Analysis, Inc. or any of its customers.

[i] Norman Friedman. “Trust but Verify.” Naval Institute Proceedings 134, No. 11 (November 2008), 90-91.

[ii] ADM Jonathan Greenert, USN. “Imminent Domain.” Naval Institute Proceedings 138, No. 12 (December 2012), 17.

[iii] LCDR James T. Westwood, USN. “Electronic Warfare and Signals Intelligence at the Outset of World War I.” U.S. National Security Agency, undated, accessed 1/31/14, http://www.nsa.gov/public_info/_files/cryptologic_spectrum/electronic_warfare.pdf

[iv] See 1. ADM Jonathan Greenert, USN. “Payloads Over Platforms: Charting a New Course.” Naval Institute Proceedings 138, No. 7 (July 2012), 18-19; 2. Gordon and Trainor, 213-215, 217; 3. Arend G. Westra. “Radar Versus Stealth: Passive Radar and the Future of U.S. Military Power.” Joint Forces Quarterly 55 (October 2009), 136-143.

[v] Thomas G. Mahnken. “China’s Anti-Access Strategy in Historical and Theoretical Perspective.” Journal of Strategic Studies 34, No. 3 (June 2011), 310.

[vi] CAPT Wayne Hughes, Jr, USN (Ret). Fleet Tactics and Coastal Combat, 2nd Ed. (Annapolis, MD: Naval Institute Press, 2000), 201-202, 210-212.

[vii] Ibid, 40-44.

[viii] Solomon, “Maritime Deception and Concealment,” 104-106.

21st Century Maritime Operations Under Cyber-Electromagnetic Opposition Part Three

The following article is part of our cross-posting series with Information Dissemination’s Jon Solomon.  It is republished here with the author’s permission.  You can read it in its original form here.

Read part one and part two of the series.

By Jon Solomon

Candidate Principle #4: A Network’s Operational Geometry Impacts its Defensibility

Networked warfare is popularly viewed as a fight within cyberspace’s ever-shifting topology. Networks, however, often must use transmission mechanisms beyond physical cables. For field-deployed military forces in particular, data packets must be broadcast as electromagnetic signals through the atmosphere and outer space, or as acoustic signals underwater, in order to connect with a network’s infrastructure. Whereas a belligerent might not be able to directly access or strike this infrastructure for a variety of reasons, intercepting and exploiting a signal as it traverses above or below water is an entirely different matter. The geometry of a transmitted signal’s propagation paths therefore is a critical factor in assessing a network’s defensibility.

The Jominian terms interior and exterior lines of operations respectively refer to whether a force occupies positions within a ‘circle’ such that its combat actions radiate outwards towards the adversary’s forces, or whether it is positioned outside the ‘circle’ such that its actions converge inwards towards the adversary.[i] Although these terms have traditionally applied solely within the physical domains of war, with some license they are also applicable to cyber-electromagnetic warfare. A force might be said to be operating on interior lines of networking if the platforms, remote sensors, data processing services, launched weapons, and communications relay assets comprising its battle networks are positioned solely within the force’s immediate operating area.

[Figure: Interior lines of networking]

While this area may extend from the seabed to earth orbit, and could easily have a surface footprint measuring in the hundreds of thousands of square miles, it would nonetheless be relatively localized within the scheme of the overall combat zone. If the force employs robustly-layered physical defenses, and especially if its networking lines through the air or water feature highly-directional line-of-sight communications systems where possible or LPI transmission techniques where appropriate, the adversary’s task of positioning assets such that they can reliably discover let alone exploit the force’s electromagnetic or acoustic communications pathways becomes quite difficult. The ideal force operating on interior lines of networking avoids use of space-based data relay assets with predictable orbits and instead relies primarily upon agile, unpredictably-located airborne relays.[ii] CEC and tactical C2 systems whose participants exclusively lie within a maneuvering force’s immediate operating area are examples of tools that enable interior lines of networking.

Conversely, a force might be said to be operating on exterior lines of networking if key resources comprising its battle networks are positioned well beyond its immediate operating area.

[Figure: Exterior lines of networking]

This can vastly simplify an adversary’s task of positioning cyber-electromagnetic exploitation assets. For example, the lines of communication linking a field-deployed force with distant entities often rely upon fixed or predictably-positioned relay assets with extremely wide surface footprints. Similarly, those that connect the force with rear-echelon entities generally require connections to fixed-location networking infrastructure on land or under the sea. Theater-level C2 systems, national or theater-level sensor systems, intelligence ‘reachback’ support systems, remotely-located data fusion systems, and rear echelon logistical services that directly tap into field-deployed assets’ systems in order to provide remote-monitoring/troubleshooting support are examples of resources available to a force operating on exterior lines of networking.

Clearly, no force can fully forswear operating on exterior lines of networking in favor of operating solely on interior lines.[iii] A force’s tasks combined with its minimum needs for external support preclude this; some tactical-level tasks such as theater ballistic missile defense depend upon direct inputs from national/theater-level sensors and C2 systems. A force operating on interior lines of networking may also have less ‘battle information’ available to it, not to mention fewer processing resources available for digesting this information, than a force operating on exterior lines of networking.

Nevertheless, any added capabilities provided by operating on exterior lines of networking must be traded off against the increased cyber-electromagnetic risks inherent in doing so. There consequently must be an extremely compelling justification for each individual connection between a force and external resources, especially if a proposed connection touches critical combat system or ‘engineering plant’ systems. Any connections authorized with external resources must be subjected to a continuous, disciplined cyber-electromagnetic risk management process that dictates the allowable circumstances for the connection’s use and the methods that must be implemented to protect against its exploitation. This is not merely a concern about fending off ‘live penetration’ of a network, as an ill-considered connection might alternatively be used as a channel for routing a ‘kill signal’ to a preinstalled ‘logic bomb’ residing deep within some critical system, or for malware to automatically and covertly exfiltrate data to an adversary’s intelligence collectors. An external connection does not even need to be between a critical and a non-critical system to be dangerous; operational security depends greatly upon preventing sensitive information that contains or implies a unit or force’s geolocation, scheme of maneuver, and combat readiness from leaking out via networked logistical support services. Most notably, it must be understood that exterior lines of networking are more likely than interior lines to be disrupted or compromised when most needed while a force is operating under cyber-electromagnetic opposition. The timing and duration of a force’s use of exterior lines of networking accordingly should be strictly minimized, and it might often be more advantageous to pass up the capabilities provided by external connectivity in favor of increasing a force’s chances at avoiding detection or cyber-electromagnetic exploitation.

Candidate Principle #5: Network Degradation in Combat, While Certain, Can be Managed

The four previous candidate principles’ chief significance is that no network, and few sensor or communications systems, will be able to sustain peak operability within an opposed cyber-electromagnetic environment. Impacts may be lessened by employing network-enhanced vice network-dependent system architectures, carefully weighing a force’s connections with (or dependencies upon) external entities, and implementation of doctrinal, tactical, and technical cyber-electromagnetic counter-countermeasures. Network and system degradation will nonetheless be a reality, and there is no analytical justification for assuming peacetime degrees of situational awareness accuracy or force control surety will last long beyond a war’s outbreak.

There is a big difference, though, between degrading and destroying a network. The beauty of a decently-architected network is that lopping off certain key nodes may severely degrade its capabilities, but as long as some nodes survive—and especially if they can combine their individual capabilities constructively via surviving communications pathways as well as backup or ‘workaround’ processes—the network will retain some non-dismissible degree of functionality. Take Iraq’s nationwide integrated air defense system during the first Gulf War, for example. Although its C2 nodes absorbed devastating attacks, it was able to sustain some localized effectiveness in a few areas of the country up through the war’s end. What’s more, U.S. forces could never completely sever this network’s communications pathways; in some cases the Iraqis succeeded in reconstituting damaged nodes.[iv] Similarly, U.S. Department of Defense force interoperability assessments overseen by the Director of Operational Test and Evaluation during Fiscal Year 2013 indicated that operators were frequently able to develop ‘workarounds’ when their information systems and networks experienced disruptions, and that mission accomplishment ultimately did not suffer as a result. A price was paid, though, in “increased operator workloads, increased errors, and slowed mission performance.”[v]

This illustrates the idea that a system or network can degrade gracefully; that is, retain residual capabilities ‘good enough,’ if only under narrow conditions, to significantly affect an opponent’s operations and tactics. Certain hardware and software design attributes support graceful degradation, including architectural redundancy, physical and virtual partitioning of critical from non-critical functions (with far stricter scrutiny over supply chains and components performed for the former), and implementation of hardened and aggressively tested ‘safe modes’ that systems can fail into to restore a minimum set of critical functions. The same is true with inclusion of ‘war reserve’ functionality in systems, use of a constantly-shifting network topology, availability of ‘out-of-band’ pathways for communicating mission-critical data, and incorporation of robust jamming identification and suppression/cancellation capabilities. All of these system and network design features can help a force fight-through cyber-electromagnetic attack. Personnel training (and standards enforcement) with respect to basic cyber-electromagnetic hygiene will also figure immensely in this regard. Rigorous training aimed at developing crews’ abilities to quickly recognize, evaluate, and then recover from attacks (including suspected network-exploitations by adversary intelligence collectors) will accordingly be vital. All the same, graceful degradation is not an absolute good, as an opponent will assuredly exploit the resultant ‘spottier’ situational awareness or C2 regardless of whether it is protracted or brief.
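The difference between degrading and destroying a network, and the effect of architectural redundancy and out-of-band pathways, can be checked on a model of a design. The following Python example is added here and is not from the original article; the two topologies, the node names, and the metric (the fraction of sensor-to-shooter pairs that still have a surviving path) are constructed assumptions.

```python
from collections import deque
from itertools import product

# Constructed node inventory (assumption for illustration, not from the article).
ROLES = {
    "sensor_a": "sensor", "sensor_b": "sensor",
    "c2_main": "c2", "c2_alt": "c2",
    "relay_1": "relay",
    "shooter_x": "shooter", "shooter_y": "shooter",
}

# Network-dependent design: every pathway runs through a single C2 node.
HUB_LINKS = [
    ("sensor_a", "c2_main", "primary"), ("sensor_b", "c2_main", "primary"),
    ("c2_main", "shooter_x", "primary"), ("c2_main", "shooter_y", "primary"),
]

# Same design plus architectural redundancy and one out-of-band pathway.
RESILIENT_LINKS = HUB_LINKS + [
    ("sensor_a", "relay_1", "primary"), ("relay_1", "c2_alt", "primary"),
    ("c2_alt", "shooter_x", "primary"), ("c2_alt", "shooter_y", "primary"),
    ("sensor_b", "shooter_y", "out_of_band"),
]

# Cumulative node losses used to trace a degradation curve (constructed).
LOSS_SEQUENCE = ["c2_main", "relay_1", "c2_alt"]


def build_adjacency(links, lost_nodes=(), lost_kinds=()):
    """Undirected adjacency map of links that survive the given losses."""
    lost_nodes, lost_kinds = set(lost_nodes), set(lost_kinds)
    adj = {}
    for a, b, kind in links:
        if a in lost_nodes or b in lost_nodes or kind in lost_kinds:
            continue
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def reachable(adj, start):
    """Breadth-first search: every node reachable from start."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def residual_capability(links, roles, lost_nodes=(), lost_kinds=()):
    """Fraction of sensor-to-shooter pairs that still have any path."""
    lost = set(lost_nodes)
    sensors = [n for n, r in roles.items() if r == "sensor"]
    shooters = [n for n, r in roles.items() if r == "shooter"]
    pairs = list(product(sensors, shooters))
    adj = build_adjacency(links, lost, lost_kinds)
    connected = sum(
        1 for s, t in pairs
        if s not in lost and t not in lost and t in reachable(adj, s)
    )
    return connected / len(pairs)


def degradation_curve(links, roles, loss_sequence):
    """Capability at baseline and after each cumulative node loss."""
    curve = [residual_capability(links, roles)]
    for i in range(1, len(loss_sequence) + 1):
        curve.append(residual_capability(links, roles, loss_sequence[:i]))
    return curve


def single_points_of_failure(links, roles):
    """C2 or relay nodes whose loss alone leaves no sensor-shooter path."""
    return sorted(
        n for n, r in roles.items()
        if r in ("c2", "relay")
        and residual_capability(links, roles, [n]) == 0.0
    )


if __name__ == "__main__":
    for name, links in (("hub", HUB_LINKS), ("resilient", RESILIENT_LINKS)):
        print(name, "curve:", degradation_curve(links, ROLES, LOSS_SEQUENCE))
        print(name, "single points of failure:",
              single_points_of_failure(links, ROLES))
```

The hub design falls from full capability to none on the first loss, while the redundant design steps down through partial capability and only reaches zero once both C2 nodes and the out-of-band pathway are gone.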

In the series finale, we assess the psychological effects of cyber-electromagnetic attacks and then conclude with a look at the candidate principles’ implications for maritime warfare.

[i] “Joint Publication 5-0: Joint Operational Planning.” (Washington, D.C.: Joint Chiefs of Staff, 2011), III-27.

[ii] For an excellent technical discussion on the trade-offs between electronic protection/communications security on one side and data throughput/system expense on the other, see Cote, 31, 58-59. For a good technical summary of highly-directional line-of-sight radio frequency communications systems, see Tom Schlosser. “Technical Report 1719: Potential for Navy Use of Microwave and Millimeter Line-of-Sight Communications.” (San Diego: Naval Command, Control and Ocean Surveillance Center, RDT&E Division, September 1996), accessed 10/15/14, www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA318338

[iii] Note the discussion on this issue in “Joint Operational Access Concept, Version 1.0.” (Washington, D.C.: Joint Chiefs of Staff, 17 January 2012), 36-37.

[iv] Michael R. Gordon and LGEN Bernard E. Trainor, USMC (Ret). The Generals’ War: The Inside Story of the Conflict in the Gulf. (Boston: Back Bay Books, 1995), 256–57.

[v] “FY13 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 330, 332-333.

[vi] See 1. Jonathan F. Solomon. “Cyberdeterrence between Nation-States: Plausible Strategy or a Pipe Dream?” Strategic Studies Quarterly 5, No. 1 (Spring 2011), Part II (online version): 21-22, accessed 12/13/13, http://www.au.af.mil/au/ssq/2011/spring/solomon.pdf; 2. “FY12 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 307-311; 3. “FY13 Annual Report: Information Assurance (IA) and Interoperability (IOP),” 330, 332-334.

Enabling Distributed Lethality: The Role of Naval Cryptology

Distributed Lethality Topic Week

By LCDR Chuck Hall and LCDR David T. Spalding

The U.S. Navy’s Surface Force is undergoing a cultural shift.  Known as “Distributed Lethality,” this strategy calls for our naval combatants to seize the initiative, operate in dispersed formations known as “hunter-killer” surface action groups (SAG), and employ naval combat power in a more offensive manner. After years of enjoying maritime dominance and focusing on power projection ashore, the U.S. Navy is now planning to face a peer competitor in an Anti-Access/Area Denial (A2AD) environment. Long overdue, Distributed Lethality shifts the focus to one priority – warfighting.  Far from a surface warfare problem alone, achieving victory against a peer enemy in an A2AD environment will require leveraging all aspects of naval warfare, including naval cryptology.


Naval Cryptology has a long, proud history of supporting and enabling the Fleet. From the Battle of Midway in 1942, to leading the Navy’s current efforts in cyberspace, the community’s expertise in SIGINT, Cyber Operations, and Electronic Warfare is increasingly relevant in an A2AD environment. Led by Commander, U.S. Fleet Cyber Command/U.S. TENTH Fleet, the community comprises officers and enlisted personnel who serve afloat and ashore and are well integrated with the Fleet, intelligence community, and U.S. Cyber Command. Given its history and current mission sets, naval cryptology is poised to enable distributed lethality by providing battlespace awareness, targeting support, and effects, in and through the electromagnetic spectrum and cyberspace.

Battlespace Awareness

Battlespace Awareness, as defined in the Information Dominance Roadmap, 2013-2028, is “the ability to understand the disposition and intentions of potential adversaries as well as the characteristics and conditions of the operational environment.”  It also includes the “capacity, capability, and status” of friendly and neutral forces and is most typically displayed as a Common Operating Picture (COP).  To be effective, however, battlespace awareness must seek to provide much more than just a COP. It must also include a penetrating knowledge and understanding of the enemy and environment — the end-user of which is the operational commander. The operational commander must be able to rely on predictive analysis of enemy action in the operational domain to successfully employ naval combat power in an A2AD environment.  

Naval Cryptology has historically provided battlespace awareness through the execution of Signals Intelligence (SIGINT) operations. During World War II, Station HYPO, located in Pearl Harbor and headed by Commander Joseph Rochefort, collected and decrypted the Japanese naval code, known as JN-25. Station HYPO’s exploitation of Japanese naval communications was sufficient to provide daily intelligence reports and assessments of Japanese force dispositions and intentions. These reports were provided to naval operational commanders, to include Admiral Chester W. Nimitz, Commander in Chief, U.S. Pacific Fleet and Commander in Chief, Pacific Ocean Areas. On May 13, 1942, Navy operators intercepted a Japanese message directing a logistics ship to load cargo and join an operation headed to “Affirm Fox” or “AF.” Linguists from Station HYPO had equated “AF” to Midway in March after the Japanese seaplane attack on Hawaii (Carlson, 308), and the station was thus able to confirm Midway as the objective of the upcoming Japanese naval operation. Station HYPO was also able to give Nimitz the time and location of the Japanese attack point: 315 degrees, 50 nm from Midway, commencing at 7:00AM (Carlson, 352). This allowed Nimitz to position his forces at the right place, designated Point Luck, northeast of Midway, placing the U.S. fleet on the flank of the Japanese (Carlson, 354). Had Station HYPO’s efforts failed to provide this battlespace awareness, Admiral Nimitz would not have had enough time to thwart what might have been a surprise Japanese attack.

Photo shows work being done on the Japanese Naval code JN-25 by Station HYPO in Hawaii. The Japanese order to prepare for war was sent in JN-25 prior to the attack on Pearl Harbor, but decoders had been ordered to suspend work on the Naval code and focus efforts on the diplomatic code. Later, enough of JN-25 was broken to be used as an advance warning of the Japanese attack on Midway. NSA photo.

Victory at Midway was founded on the operational commander’s knowledge of the enemy’s force construct and disposition. Battlespace awareness is currently the product of both active and passive, organic and non-organic sensors; achieving it in an A2AD environment will require more emphasis on passive and non-organic sensors, and increased national-tactical integration, in order to prevent detection and maintain the initiative. The “hunter-killer” SAGs will be entirely dependent upon an accurate and timely COP – not just of enemy forces, but of dispersed friendly forces as well. Just as battlespace awareness enabled triumph against the Imperial Japanese Navy, so too will it be the very foundation upon which the success of distributed lethality rests. Without it, the operational commander cannot effectively, and lethally, disperse his forces over time and space.

Targeting Support

Another key enabler of the Surface Navy’s shift to the offensive will be accurate and timely targeting support. Though support to targeting can come in many forms, as used here it refers to the triangulation and precision geolocation of adversary targets via communications intelligence and radio direction finding (RDF). In an environment in which options to “fix” the enemy via radar or other active means introduce more risk than gain, RDF presents itself as a more viable option. Indeed, the passive nature of direction finding/precision geolocation makes it particularly well suited for stealthy, offensive operations in an A2AD environment. Leveraging both organic and non-organic sensors in a fully integrated manner, RDF will provide “hunter-killer” SAG commanders with passive, real-time targeting data.

Perhaps one of the best historical examples of Naval Cryptology’s support to targeting can be seen in the Battle of the Atlantic. The Third Reich had threatened the very lifeline of the war in Europe as Admiral Dönitz’s U-boats were wreaking havoc on Allied merchant vessels throughout the war. Though America had begun intercepting and mapping German naval communications and networks as early as 1938, it was not as critical then as it was upon entry into the war. By the time America entered the war, the U.S. Navy’s SIGINT and cryptanalysis group, OP-20-G, boasted nearly 100 percent coverage of German naval circuits. Many of these circuits were used for high frequency (HF), long range shore-ship, ship-shore, and ship-ship communications. The ability to both intercept these communications and to locate their source would be necessary to counter the Axis’ attack. That ability was realized in an ever growing high frequency direction finding (HFDF) network.

The HFDF network originally consisted of only a handful of shore stations along the Atlantic periphery. Throughout the course of the war it grew to a rather robust network comprised of U.S., British, and Canadian shore-based and shipborne systems. The first station to intercept a German naval transmission would alert all other stations simultaneously via an established “tip-off” system.  Each station would then generate a line of bearing, the aggregate of which formed an ellipse around the location of the target.  This rudimentary geolocation of German U-boats helped to vector offensive patrols and enable attack by Allied forces — thus taking the offensive in what had previously been a strictly defensive game.  The hunter had become the hunted.        

German U-boats threatened the very lifeline of the war in Europe by wreaking havoc on Allied merchant vessels throughout the war.

Enabling the effectiveness of increased offensive firepower will require more than battlespace awareness and indications and warning.  Going forward, Naval cryptologists must be agile in the support they provide — quickly shifting from exploiting and analyzing the enemy, at the operational level, to finding and fixing the enemy at the tactical level. Completing the “find” and “fix” steps in the targeting process will enable the “hunter-killer” SAGs to accomplish the “finish.”

Cyber Effects

Finally, cyber. Cyber receives just a single mention in the original distributed lethality article in Proceedings Magazine, which refers to the cyber realm as, “the newest and, in many ways most dynamic and daunting, levels of the battlespace—one that the Surface Navy, not to mention the U.S. military at large—must get out in front of, as our potential adversaries are most certainly trying to do.” Indeed, the incredible connectivity that ships at sea enjoy today introduces a potentially lucrative vulnerability, for both friendly forces and the adversary. Similar to battlespace awareness and targeting, Naval Cryptology has a history, albeit limited, in cyberspace. Cryptologic Technicians have long been involved in Computer Network Exploitation (CNE), and the Navy was the first service to designate an enlisted specialty (CTN) in the cyber field. According to the FCC/C10F strategy, not only do they, “operate and defend the Navy’s networks,” but they also, “plan and direct operations for a subset of USCYBERCOM’s Cyber Mission Forces.” The combination of history and experience in cyberspace, coupled with the FCC/C10F designation as the Navy’s lead cyber element, clearly places the onus on naval cryptology. As the Navy seeks to protect its own cyber vulnerabilities, and exploit those of the adversary, the execution of effective cyber operations by the cryptologic community will be critical in enabling distributed lethality.

Going Forward

Today, through a wide array of networked, passive, non-organic sensors, and integration with national intelligence agencies and U.S. Cyber Command, naval cryptology is well-positioned to enable distributed lethality by providing battlespace awareness, targeting support, and effects, in and through the electromagnetic spectrum and cyberspace. Yet, similar to the surface force, a cultural shift in the cryptologic community will be required. First, we must optimize national-tactical integration and better leverage and integrate off-board sensors. The uniqueness of the A2AD environment demands the integration and optimization of passive, organic and non-organic sensors in order to prevent counter-targeting. Second, we must prioritize the employment of direction finding and geolocation systems, ensuring they are accurate and sufficiently integrated to provide timely targeting data for weapons systems. This will require a shift in mindset as well, from simple exploitation to a focus on “find, fix.” Third, we must continue to lead in cyberspace, ensuring cyber defense in depth to our ships at sea while developing effects that effectively exploit adversary cyber vulnerabilities. Finally, naval cryptology’s role in distributed lethality cannot occur in a vacuum — increased integration with the Fleet will be an absolute necessity.

Distributed lethality is the future of Naval Surface Warfare — a future in which the cryptologic community has a significant role. In order to ensure the Surface Force can seize the initiative, operate in dispersed formations known as “hunter-killer” SAGs, and employ naval combat power in a more offensive manner in an A2AD environment, Naval Cryptology must stand ready to provide battlespace awareness, targeting support, and effects, in and through the electromagnetic spectrum and cyberspace.

LCDR Chuck Hall is an active duty 1810 with more than 27 years of enlisted and commissioned service.  The opinions expressed here are his own.

LCDR David T. Spalding is a former Cryptologic Technician Interpretive. He was commissioned in 2004 as a Special Duty Officer Cryptology (Information Warfare/1810). The opinions expressed here are his own.

