2 July 2017

Adapt Special Operations Principles to Cyber

Capstone Essay Contest Winner—Information Warfare

In recent years, rapidly evolving hybrid threats have made necessary the growth of unique U.S. special operations and cyber forces. Although distinct, both forces offer the U.S. military an asymmetric advantage in countering regular and irregular threats, and their highly specialized capabilities can give them an outsized impact in their respective battles spaces. Special operations forces (SOF), however, are much more mature and broadly effective than the nation’s nascent cyber capabilities. Cyber forces can learn from the framework that propelled recent special operations successes.

In the mid-1980s, then-Colonel Sid Shachnow, U.S. Army, created the “SOF Truths” to codify the need for quality people within U.S. Special Operations Command (SOCom). His special operations axioms were:

1. Humans are more important than hardware.

2. Quality is better than quantity.

3. Special operation forces cannot be mass produced.

4. Competent special operations forces cannot be created after emergencies occur.

5. Most special operations require non-special operations assistance.

General Wayne Downing, U.S. Army, commander-in-chief of SOCom 1993–96, ingrained these values in the culture of the special operations community. The “SOF Truths” became the guiding principles behind mission preparation and execution. They underpin operational excellence and reassure political and military leaders that special operations forces conduct business professionally and allocate resources efficiently. The cyber forces require a similar set of guiding axioms to help shape their priorities and develop an ethos. Adapting the “SOF Truths” would be a good start.

Humans are more important than hardware. The timeless phrase, “Our people are our greatest asset,” holds true in cyberspace. Just as special operators understand that an agile, innovative, and resilient person will outsmart and outmatch his adversary in the end, cyber forces must realize that effective cyber operations demand technical and inventive professionals. Artificial intelligence (AI) advocates argue that AI eventually will replace people for both offensive and defensive operations, but only people can contemplate and create the counter to an aggressive AI. Hardware and software are only tools. Retaining and developing a talented pool of cyber warriors must be a priority as the civilian sector also seeks well-trained cyber professionals.

Physical assets facilitate cyber operations. Cyberspace is contained and controlled by physical systems. Global physical infrastructure enables worldwide connectivity and the Internet. Their efficiency, routing, and connections determine battlespace maneuverability. Processing and communications platforms are the foundation of the physical layer upon which cyber operations are conducted. Infrastructure comes with a high degree of maintenance and requires long-term planning and care that cannot be overlooked without risking operational effectiveness. Excellence in cyber operations requires the U.S. military to invest much more in physical infrastructure.

Cyber forces cannot be mass produced. To borrow from SOCom’s third “SOF Truth,” it takes years to train operational units to the level of proficiency needed to accomplish difficult and specialized cyber missions. Constant realistic training—in schools and in units—is required to turn competent individuals into fully capable units. This process cannot be hastened without degrading ultimate capability.

Just as a not everyone can qualify as a special operator, not everyone can become a cyber warrior. To establish ourselves as the premier cyber force, our personnel need an entrepreneurial, pioneering, and tenacious mind-set formed from years of experience combined with an incessant drive to learn and grow. Building professionals with the passion and ability to conduct these operations takes years. Technical knowledge is widely obtainable—we can train people to pour over system logs, navigate through files, and do repetitive tasks—but the art of cyber warfare cannot be understood unless determined warriors are fully immersed in the realm of cyber operations. Developing a highly skilled, agile, and specialized cyber force takes intense, in-depth education honed by realistic training and real-world operational experience.

Effective cyber capability cannot be created on a moment’s notice. Prepared access and effects to a system require an investment of resources and time. No worthwhile information system can be accessed immediately with capability waiting on the shelf for use. Access requires upkeep. A diligent team will find any angle to gain access to a denied system given time; however, strategic capability faces investigation by the target, third parties, and system patches. Any specific tactic, technique, and procedure might be countered by a small system update that patches vulnerabilities, thereby denying access. Cyberspace is an offensively persistent environment requiring an offensively persistent force determined to remain in constant contact.

Cyber missions demand a cross-functional team. Cross-functional specialized experts are key to the effectiveness of a cyber team. The technical nature of cyber operations does not permit one person to have all the experience and know all systems. Successful cyber operations demand carefully blended expertise to efficiently master the full range of cyber capabilities. Habitual training among different units and specialties ensures all teams operate under a common framework and build personal bonds. This results in cohesive teams that can work together to drive improvements and operate at the highest level of proficiency. Effective integration is even more important as military cyber forces dive deeper into the joint realm.

Extensive time, effort, and resources enable SOCom units to prepare correctly, and the nation has benefited from their operational success. But their success is a product of learning from previous failures. Operation Eagle Claw—an attempt to end the Iranian hostage crisis of April 1980—was a significant learning point for special operators that catalyzed the creation of SOCom. While the cyber operations community has not experienced similar learning points, it is confronted with similar challenges to those faced by the early special operations community. Learning from and adopting the special operations truths to cyber operations would ease the growing pains and help avoid similar operational tragedies.

As the cyber mission force continues to grow and evolve, investment in people and the creation of an ethos is paramount. With “Cyber Force Truths” to guide it, the fledging U.S. Cyber Command can establish a culture that will support success in a set of future operations.

Ensign Co was commissioned from the U.S. Naval Academy in May 2017 with a degree in cyber operations and was selected for the information warfare community.

No comments: