Army photo

Soldiers of the Army’s newly created I2CEWS (Intelligence, Information, Cyber, Electronic Warfare, & Space) Detachment stand in formation at the activation ceremony Jan. 11.

TECHNET AUGUSTA: The Army wants to expand its fledgling cyber branch into an information warfare force that can do everything from jamming insurgent radio stations to fighting Chinese cyber espionage and protecting US elections from online subversion.

It’s a tremendous task, even within the Army — and the implications of information operations go far beyond the military, touching sensitivities central to a democracy. At a minimum, the service’s new strategy requires:

[Click here to read our in-depth story on this ambitious plan for growth]

The Army also wants the new force to strike fast, unburdened by the bureaucratic reviews that have hobbled past operations. That streamlined process, the three-star chief of Army Cyber Command acknowledged, would both require more reliance on automation to augment slow-thinking humans and raise the risk of collateral damage to neutral networks. But, Lt. Gen. Stephen Fogarty said here, the risk of inaction is far greater.

US Army Cyber Command (ARCYBER) logo.

“We have a desperate need for speed,” Fogarty told AFCEA’s TechNet Augusta conference. In the Middle East, he said, “in many cases the adversary ran circles around us, even though we had technical overmatch, even though we’ve got very talented individuals. We just kind of wrapped ourselves in bureaucracy and that is absolutely crushing us.”

And that has consequences. “We cede the initiative in this critical area,” said Gen. Paul Funk, head of Army Training & Doctrine Command (TRADOC) — and a veteran of six combat deployments. An Iraqi prime minister (Funk didn’t say which one) once told him: “General, you Americans… you say one thing, put it in the information space, and then expect everybody to fall in,” Funk recounted. “The Russians say disinformation a thousand times on every network in every domain every day.”

Army photo

Lt. Gen. Stephen Fogarty, chief of Army Cyber Command, addresses fellow senior officers.

Risk vs. Speed

So, I asked the generals, how much risk is the Army willing to take? And what won’t the Army do? After all, in stark contrast to Russia, China, or the Islamic State, the US is a democracy with legal restrictions on government propaganda and civilian agencies in charge of public diplomacy.

“We don’t target US audiences, we inform US audiences.” Funk replied. And it’s not just a matter for the military. Across the federal government, “we have to get everybody in the room and decide if information is truly part of national power, which [our doctrine] says it is,” he said. “We can’t cede that space. So I believe what we have to do is generate those kinds of things like Voice of America again.

“When we talk to commanders… they want the ability to not have a bunch of stovepipes,” Fogarty said. Instead of strictly separating, say, public affairs and psychological operations, he went on, “they want the PA working with the psyops planner.”

Yes, the two disciplines communicate to different audiences under different rules. But, Fogaty told me, they at least need “the ability to deconflict in real time” so they don’t inadvertently undermine each other’s messages: “That’s critically important.”

The legal limits still apply, Fogarty emphasized: “I want to provide commanders viable, which means legal, options.” For domestic matters like protecting US elections, he said, Army Cyber Command and the military as a whole will remain a subordinate, supporting element to the Department of Homeland Security.

So when Chinese or Russian troll-bots or ISIS propagandists post on social media, for example, the Army isn’t going to hack Facebook or Twitter. “We would not be hacking an American provider,” he told me. Instead, the Army might alert the US firm to accounts that were violating its terms of service by (for example) faking their identity or promoting violence. “Or we might go to law enforcement,” he said. “There are a variety of options that we have.”

Internet providers and users in foreign countries don’t have the same protections, of course, and indeed President Trump loosened Obama-era restrictions on cyber attacks overseas. But even there, Fogarty said, the law of war applies, particularly the time-honored principle of proportionality. That means military operations are permitted to cause collateral damage — whether it’s shutting down a social media service for a day or accidentally killing civilians — but not damage out of “proportion” (loosely defined) to the military value of the objective.

“Sometimes precision may be more important,” he told me, “but I would argue sometimes less precise [but] in a more timely manner might be more effective.”

Islamic State (Daesh) fighters

Hitting the Gas

The need for speed is a lesson learned from special operations raids in Afghanistan and Iraq, Fogarty told me, where taking time to perfect your intelligence might mean you arrived after a top terrorist had fled, but moving fast could still nab a trove of intelligence to guide the next operation, and the next. Likewise, in cyberspace, a slow response might only hit abandoned accounts and burner phones the foe only used once. But a hasty operation, even if it doesn’t shut the enemy down completely, might still provoke them to respond and reorganize in ways we can detect, setting us up for the second strike to be decisive. (Alternatively, cyber attacks can reveal the enemy’s physical location for an airstrike).

The US can’t just go on the defensive, parrying cyber attacks or debunking disinformation as it comes in, Fogarty told the conference. He compared that approach to trying to stop the arrows, not the archer, noting that even the best defense can’t keep out every attacker. Instead, you need to punch out the archer and break his bow.

So, Fogarty argued, the military must embrace US Cyber Command’s philosophy of “engaging forward,” operating not just within the boundaries of its own networks (“blue space”) but inside both neutral networks (“gray space”) and enemy ones (“red”). Operating in those spaces, Fogarty added, will require close coordination with friendly nations and companies to avoid accidentally running afoul of one another’s operations — the cyber equivalent of friendly fire.

The US military has already made progress, Fogarty said. On November 8th, 2016, when he was chief of staff at the Cyber Command, the joint cyber force launched its largest offensive cyber operation to date, against the Islamic State’s online propagandists. But back then, he said, “something that was frankly a fairly simple technical execution took us months and months and months working through the interagency…. Once again we had tied ourselves up in knots.

“Since then, the timeliness has improved,” Fogarty told me afterwards, but it needs to improve further. “We have to go down from days or weeks to in some cases minutes.”

At the same time, the US has to scale up from combatting terrorists and insurgents to countering the kind of state-backed subversion that Russia has launched against both our elections and vulnerable allies like Ukraine or the Baltic States. Fogarty is keenly aware of the irony that, even as he and his Cyber Command colleagues were celebrating their blow against ISIS, the votes were being counted in an election that Russia has systematically attacked.

“We did not realize at the time…. that night was the culmination of a multi-year effort by another nation-state to attack us,” Fogarty told the conference. “When you juxtapose our military might being aimed at a bunch of guys with sandals, meanwhile we were receiving an attack by a state actor. That should trouble you, and it certainly troubled us.”

 

CORRECTION: The original version of this article misidentified Gen. Paul Funk as commander of Forces Command; he is in fact the head of Training & Doctrine Command (TRADOC).

 

[Click below to read Part II of this story]