Understanding Digital and Cyber Topography Is Critical to Successful Military Operations
Nontechnical personnel must be able to conceptualize the digital demons the Signal Corps faces.
Cyberspace is being accepted throughout the U.S. Army as a warfighting domain. However, many soldiers outside of the U.S. Army Signal Corps do not grasp the concept of cyberspace as an operational realm. Empowering them with that understanding is essential to operational success.
One of the primary tasks of Signal Corps members is to provide other leaders and soldiers with a clear understanding of the job of the corps and of cyberspace itself. As a military organization, the clearest means for the Signal Corps to communicate these concepts is through operational language. Many parallels exist between a battlefield’s physical landscape and what is done during offensive, defensive and support operations in cyberspace.
The key to this understanding can be found in the joint military doctrine JP 3-12, Cyberspace Operations. According to the document, “Movement and maneuver involve deploying forces into an operational area and moving within that area to gain operational advantage in support of operational objectives. An essential component of planning is the concept of key terrain, which is any locality or area, the seizure or retention of which affords a marked advantage to either combatant. These might include major lines of communications; key access points for the defense, observation and launch points for the offense; or opportunities to create bottlenecks. In cyberspace, key terrain involves network links and nodes that are essential to a particular friendly or adversary capability. The ubiquitous nature of cyberspace creates another major consideration in [cyberspace operations] because it enables an adversary to establish key points of presence outside the physical operating area.”
Most people outside of technical fields have come to realize the importance of the cyber domain. Even in tactical companies and battalions, where the primary communications are via “simple” radios, the environment of cyberspace still will be relevant. The move to Internet protocol (IP)-based radios and other technology that further integrates communications systems will make this apparent. Meanwhile, the Army cannot continue to wait for these transitions to overtake it and then simply react. This behavior is what led to the sudden creation of the cyber branch as an “airplane in flight.” Persisting in this approach will continue to cede initiative and advantage in the cyber domain to opponents.
However important it is to understand communications, many individuals who try to look into the workings of the Signal and cyber corps generally see only a baffling array of metal and wires controlled by incomprehensible lines of alien text. The corps are responsible for providing this information in terms that nontechnical individuals will understand. This begins with giving them a basic understanding of the landscape of cyberspace.
To start, the cyber domain remains locked perpetually in vicious, if bloodless, conflicts. An honest map of these networks shows a space littered with trenches, redoubts, observation points and individual fighting positions. While these fortifications protect critical information as well as real-world tactical and strategic capabilities, they each have their own lines of supply and communication. Thus, any “normal” conceptualization provides no understanding that every network is its own theater—a front perpetually under siege.
Signal and cyber technicians are locked in a perpetual struggle with both those who would hinder missions as well as the fabric of the domain itself. Simply maintaining the Army’s position in cyberspace requires constant vigilance, guarding against nearly invisible enemies and unpredictable environmental hazards. In effect, cyber experts are cartographers, guides and guardians in an unseen hell.
Sharing this vision requires giving others a map of this hell. It cannot be a technical document or course in technical skills. It must be a translation from jargon to the shared language of the battlefield. Outsiders must be able to understand what they view as technological magic.
More importantly, they must conceptualize the digital demons the Signal Corps faces.
Creating a nontechnical frame of reference is not difficult. For a parallel in the world of maneuver, modern cyber conflict is strikingly similar to the strategic experience of a European country in World War I. The U.S. historical experience as a physically isolated power and the modern technology its armed forces currently wield is fundamentally different from the experience within cyberspace.
It may seem odd that understanding this technologically advanced type of conflict requires a thought process that peels away that very technology. However, it is only by doing so that this experience can be modeled accurately. The modern technological advancements that provide information dominance in the physical domain are the basic terrain of cyberspace. Only by reducing technology to the same level as that used in World War I can the Army match the level of capability and expectation.
A frequent complaint and source of confusion about cyber conflict is that it offers only limited and often very specific knowledge. The expectation of high levels of tactical knowledge is an artifact of U.S. modern technological dominance in the physical domain.
This means, among other things, that understanding the battle for control of this technology requires imagining fighting without the modern luxuries of air and satellite surveillance. Further, direct close observation is the main method of finding and identifying enemy action.
Ironically, communication and coordination are limited as people work within the networks. This is because the medium through which everyone is accustomed to sending messages now is an environmental factor with which everyone must contend. Even worse, it could be the objective for an enemy’s attack.
Because of these factors, forcing decisive engagements, even against large and powerful forces, can be extremely difficult. For warfighters accustomed to the technologies of the modern physical domain, the difference is understandably frustrating. However, field technicians and digital tacticians can do little to change this basic level of capability. They are, at best, tied to the same development and acquisition process as the traditional warfighter.
While capabilities in the cyberspace domain are limited compared with the physical realms, the threats that the force faces are not. The physical isolation the United States has enjoyed has been replaced with a cyber position much more like that of a central European country.
Even within the United States, the networks that are considered friendly often are connected directly to those that are threats. Personnel who work in this realm find their systems surrounded by shadowy forces that want nothing more than to infiltrate, create chaos, corrupt data and cause networks to collapse. Whether these actions stem from mischief or malice, they weaken the ability of the military to do its job.
Furthermore, the physical terrain is unstable. Wind, foul weather and stray electronics can disrupt above-ground connections, and careless digging is able to swiftly and completely sever buried pathways. Even the electronics that are tended so carefully in hardened, climate-controlled buildings are constantly at risk of failing for reasons beyond human control. These hazards make cyberspace a domain of unending change and chaos. It is not an open information superhighway—instead, it is a place made of thousands of paths, each with its own pitfalls.
Given these features, understanding the digital topology and cyber topography becomes critical. For those attempting to perform maneuver actions in this environment, these challenges will require a strong reliance on intelligence analysis. Strategic commanders will not always be able to make tactical decisions based on putting their own eyes on a target. They will have to rely on specialists in the cyber line units to react. As in times past, intelligence positions in cyber units are critical in their ability to recognize enemy actions and operations. They will use higher-level estimates to generate their own predictions of how enemy forces will move in the given environment.
Here is where the World War I parallel becomes strongest. Signal soldiers, as hardware and software technicians, take on the direct action responsibility held by maneuver elements in the physical domain. They must articulate effectively for maneuver and intelligence personnel exactly what those parallels are—the similarities between the cyber landscape and spots on an actual map.
For example, every phone, computer and radio is a point on the cyber operational map. These places may have nothing, or they might contain a cache of supplies. As with places on a physical map, they may or may not be occupied by friendly or enemy forces, watched or booby-trapped. A site may be an open plain, a dense forest or a building with thick walls, no windows and heavy doors to which anyone, friend or enemy, might have the key.
When any of these items are integrated into the network, each one must be turned into a fighting position. Every piece of security software and protocol is equivalent to a foxhole, a set of sandbags, concealment or planned fields of observation and fire. Specialized equipment has particular significance. Routers and switches are key terrain—the crossroads and mountain passes through which traffic can flow. A firewall is the equivalent of a trench or barricade through which open ports and authorized IPs are clear lanes.
Having provided this basic map key, the view of World War I-era conflict can create an understandable vision of what occurs. This explains, in terms of conventional warfare, the importance of keeping some channels open and closing others. For example, solving a transmission issue with modern equipment has more in common with a World War I soldier walking miles of cable between posts to find a small cut than it does the lightning-fast responses to which users are accustomed on a functioning network.
Millions of unseen packets of information are the components and tools of this space. They can produce a variety of weapons and equipment, from items as simple as the papers to pass checkpoints or keys to hardened buildings, to weapons ranging from the small arms of simple port scans and viruses, to the heavy artillery of a distributed denial-of-service (DDoS) attack. They also can be the representation of a hacker, an administrator or a regular user trying to reach a friendly destination.
One of the hardest concepts for maneuver personnel to understand is that the members of the Signal community they see—those who are in their units—are Signal’s rear lines. The trenches and hard fighting at the front happens as far from them as their fights are from Signal.
Their beloved communications shop members are the armorers for the units in the rear; the teams pushed out with communications systems such as command post nodes, Joint Network Nodes and high-capacity line-of-sight radios are garrison gate guards; and the S-6 shops are quick-reaction forces.
Rather than having a few soldiers in open fields, Signal troops direct legions of packets across this blatantly hostile space. In a coordinated hack on critical servers, the amount of cyber weaponry and the number of data packets brought to bear on either side dwarf the number of bullets in any physical conflict. The loss of a packet, or even a million packets, seems trivial because it is bloodless. They receive as much thought as bullets fired. What must be understood, however, is that even a few packets can be the difference between a stable connection and a call for help being forever lost to the void.
Capt. Ryan Robinson, USA, is the security operations officer in charge, Southwest Asia Cyber Center. The views expressed are his alone and do not represent the views or opinions of the U.S. Army.