Network Eccentricity Imperils the Infosphere
Technology that connects anybody also connects everybody.
Responding to a soldier’s complaint about equipment inadequacies in
Revolutions destroy in order to build. While the goals for a light, lithe and lethal military are achievable, they remain so only if as much attention is given to what is discarded as to what is acquired. Those who would transform the military tend to use lessons from battle as a baseline and evolving technologies as a guide. Given that transformation takes a decade or more, one must accurately define the shortfalls in the military kit and then evaluate potential tactics and technologies against a wide range of threats.
Analysis begins by determining why our forces in
Employing networked information technology to connect sensors to shooters directly is the means chosen to find, fix and kill such opponents. While richly interconnected networks can significantly improve collaborative planning and force execution, they do so only if the networks perform reliably and securely when linked through the demonstrably vulnerable Internet and its connective media.
The Internet once was thought to be too dirty and vulnerable to be the primary transport medium for national security matters. A secure and private network called GOVNET was considered then abandoned in favor of a web-based Internet protocol (IP) service-oriented architecture. A web-based architecture is challenged to provide the means to share information without compromising security. Moreover, it must do so in a common operating environment, often with nontraditional partners and across different domains, without knowing precisely who needs that information, how it will be used and, more importantly, how it will be protected. This challenge of secure sharing in an unpredictable environment is characterized by one software engineer as “a leap of faith that the recipient will treat the information properly, not abusing the implied trust.”
Networks will not provide for secure sharing of information until they can demonstrably satisfy three fundamental points.
First is the quality of information being introduced to the network. The metric for quality defined by the warfighter is timely, precise and actionable intelligence immediately accessible at lower echelons. Because of the extraordinarily short kill cycle in insurgency operations, this is especially important at the tip of the spear—where it is most lacking today.
The second essential ingredient in network-centric warfare is information assurance. This mandates that all networks provide secure connectivity while under attack from resourceful opponents. Many of these networks are an assemblage of commercial components, bought off the shelf with operating funds to satisfy local needs. They are connected with little regard to standards or central management and controlled by software that was described by ex-defense official Paul Strassmann as the most unreliable artifact known to humankind.
Historically, our armed forces considered communications—if they did so at all—as a given and fought in what Robert Hermann called “a free signaling environment.” Their information domain was free because it suffered only from mutual interference in the radio frequency spectrum. However, information warfare now must be conducted in a polluted electromagnetic environment that demands significantly higher standards for discipline and deconfliction. A highly regarded expert in information operations recently commented that “we as a military are basing an enormous amount of military capability and future security on an information backbone that may be indefensible and could be prone to interruption and degradation when we can least afford [it].”
The German army responded to failed communications in World War I with a doctrine called Auftragstaktik, which assumed that disconnected units still could function productively within the context of their “commander’s intent.” That doctrine has little utility today when the commander’s intent can be impalpable, mercurial or immensurable. A disconnected force is a paralyzed force.
In congressional testimony, Lt. Gen. Charles E. Croom Jr., USAF, commander of the Joint Task Force–Global Network Operations, outlined proactive steps being taken or planned to build, operate, continually assess and defend the IP-based Global Information Grid, the backbone for virtually all military operations. While barriers can be erected against many forms of cyberattack, the defender always is in a react-and-recovery mode. A single disruptive penetration anywhere in any connected network can propagate instantly with potentially devastating effect on military operations.
However, defense is not the only option available in computer network operations. In his March 21 testimony before Congress, Gen. James E. Cartwright, USMC, commander of the U.S. Strategic Command—and the senior military official charged with full spectrum information operations—voiced a need to take offensive actions in the imprecisely defined domain called cyberspace. He told the House Armed Services Committee that the best defense against cyberattacks is to go on the offensive and “apply the same principles of warfare to the cyberdomain as we do to sea, air and land.” He added that the
The Joint Chiefs of Staff define cyberspace as a domain “characterized by the use of electronics and the electromagnetic spectrum to store, modify and exchange data via networked systems and associated physical infrastructures.” How well then will the sanctioned rules and tools governing the military in sea, air, land and space domains apply to the global electromagnetic spectrum—this nebulous, artificial place in which humans interact over networks without regard to physical geography?
The third essential ingredient for superiority in information warfare is a dramatic reduction in system response time. Superiority in the OODA loop battle is measured in minutes at tactical levels. An Air Force official says that the sense-to-kill cycle time for insurgent operations in
No element of national security—military or civil—is immune from disruption of its information networks. Yet, steps to improve information assurance are hampered by ignorance and apathy on the part of owners and users of the network nodes and terminals. Perhaps a September-11-type assault on the nation’s information infrastructure will be needed to end indifference to a very real threat.
Civil libertarians may fuss about vigilante generals policing cyberspace. They should remember that pre-emptive attack in the electromagnetic domain—known as electronic warfare—long has been an essential adjunct to combat and that nascent technologies to focus electromagnetic energy precisely will provide commanders with nonlethal means to meet objectives.
Finally, every word spoken or written about information warfare—this article included—is itself an act of cyberwar. A modicum of saber rattling can be useful if embedded in policy that gives as much attention to risk management as it does to risk avoidance.
Col. Alan D. Campen, USAF (Ret.), is a SIGNAL contributing editor and the contributing editor to four books on information warfare and cyberwar.