27 April 2017

The Case for Synthesizing Electronic Warfare and Cyber


The two separate worlds of electronic warfare and cybersecurity are beginning to overlap, if not collide.

In the U.S. military, electronic warfare and cyber capabilities live in different military domains, delivered by operators who exist in different military units and who largely grew up in different career fields.

The National Security Agency and the uniformed services have rushed headlong to demonstrate leadership in the cyber domain. But they have exerted less energy trying to determine how to use these capabilities in a coordinated way in the highly contested electronic battlefields of the future.

This can’t go on. We need a “sea change” strategy pivot to better prepare for more sophisticated threats that are further along combining their electronic warfare and cyber assets.

Some background: In the 1990’s, electronic warfare became less cool. Gone from the Air Force fleet were aircraft such as the F-4G and EF-111, two Cold War platforms 100 percent dedicated to jamming or destroying adversary radars. The Air Force Electronic Warfare Center (AFEWC) became the Air Force Information Warfare Center (AFIWC).

The job once done by aviators and intelligence officers who called themselves electronic warfare officers was downgraded to functionality that resided in a pod hung on to an aircraft. At least that was the conventional wisdom at that time. Throughout that transition, many became concerned that the “operational art” of electronic warfare perfected at the AFEWC and other parts of the Air Force was gradually eroding.

Geopolitical changes in this decade justify those concerns.

There is evidence that at least one potential rival – China – views electronic warfare and cyber as complimentary assets that could neutralize the technological superiority of the U.S. military in any future conflict. The Pentagon’s “2016 Annual Report to Congress: Military and Security Developments Involving the People’s Republic of China,” highlights the Peoples Liberation Army’s ambitions in the area, citing efforts to couple electronic warfare, cyber, and counterspace operations to “deny adversaries the advantages of modern, information technology-driven warfare.” Any potential conflict with Taiwan, for example, would likely involve heavy use of coordinated electronic warfare and cyber attacks to neutralize Taiwan’s command-and-control and radar systems. Chinese military doctrine includes concepts such as “Network Swarming Warfare” that would blind the enemy by integrating cyber, electronic warfare, space control and kinetic weapons under one command.

Not to be outdone, our friends in Moscow are actively integrating their own electronic warfare and cyber capabilities. The Russians’ recent military operations in the Crimea and Ukraine included heavy use of cyber and electronic warfare to confuse and disrupt the Ukrainian response to Russian enchroachment in the region. The well-documented cyber attack on parts of the Ukrainian electrical grid offers further insight into a third option, namely using cyber to totally disrupt the electricity of a Russian adversary. Instead of manipulating a network with a cyber attack, or jamming via electronic warfare assets, turning off the lights is now another frightening option.

It is reasonable to assume that the Russians might try replicate their success in interfering with the U.S. presidential election in other theaters of operation. In 2015, threat intelligence provider LookingGlass reported evidence of a Russian cyberwar campaign to support gaining intelligence on troop movements and reconnaissance.

A final example is worth emphasizing. In December 2011, the Iranians reportedly used cyber capabilities to bring down a U.S. RQ-171 drone. Regardless of the veracity of the report, it’s fair to assume that more sophisticated adversaries of the future will possess this capability to disrupt military operations using cyber tools. Given geopolitical ambitions of U.S. rivals, it’s particularly important to synthesize our efforts in the electronic warfare and cyber realms in order to confront a sophisticated threat such as Russia or China on the battlefield of the future.

Unfortunately, the U.S. has been lulled into a false sense of security over the last two decades by the electronic warfare and cyber capabilities of our adversaries in South Asia and the Middle East. As savvy and adaptable as ISIS, the Taliban, and their Islamist allies have been, they have been less able to challenge U.S. forces electronically. The U.S. has had the equivalent of air supremecy in the networked and electromagnetic spectrum throughout the conflicts against the different radical Islamist franchises. That will not be the case should the U.S. collide with the Russians or Chinese in a future conflict. Both countries possess talents in the electronic warfare and cyber realms that are second only to those of the U.S. military.

There is another strong argument for accelerating tighter coordination of electronic warfare and cyber forces in our military. It makes economic sense to steal a technology term, both “scale” particularly well, meaning that they can have a theater-wide impact during hostilities. The reported use of a “kill switch” by the Israeli military to disable the Syrian integrated air defense during the 2007 raid to destroy the Syrian nuclear facility is an example – real or fictitious – of the impact a cyber attack might have against an adversary. Coordinated with theater-wide electronic warfare and kinetic weapons, the ability for cyber to disrupt and confuse an adversary has fueled its ascendancy within the military services. Coupled with electronic warfare, it can have an even greater effect.

The U.S. might have reached a high water mark for the operational use of electronic warfare during Desert Storm more than 25 years ago. The coordinated use of electronic warfare coupled with targeting certain Iraqi command-and-control facilities, effectively knocked out the eyes and ears of the Iraqi integrated air defense for the totality of that conflict. Although Desert Storm pre-dates the modern Internet, and cyber was a minor component in the 1991 war, a more recent example of offensive cyber sabotage and exploitation in North Korea likely uses network connectivity. Recently the New York Times reported alleged U.S. efforts to disrupt North Korea’s nuclear ambitions, most likely by using network connection between Pyongyang and the rest of the world. According to the reports, the U.S. military has been trying to disrupt North Korea’s supply chain, command and control, and launch operations in an effort to slow down that country’s nuclear research and development efforts. 

It’s reasonable to assume that any military options to counter North Korea’s nuclear threat undoubtably contain components of electronic warfare and cyber to maximize the element of surprise, and, as happened in Iraq, knock out and confuse the adversary command and control.

However, the use of offensive cyber capabilities for disruption might be a double-edged sword. U.S. weapon systems might have vulnerabilities, given that cybersecurity resiliency requirements were not built into the acquisition process. Concerns are compounded by the possibility that electronic components manufactured in countries such as China can be compromised.

Electronic warfare and cyber evolved from related disciplines within the U.S. military, but many contend that cyber’s ascendancy should not come at the expense of another powerful military, yet rarely mentioned capability – electronic warfare. The two capabilties are more tightly coupled than convential wisdom and U.S. military leaders might admit. There is strong evidence to support the argument that the U.S. should revisit its current approach, apply what it learned over the last several decades in the electronic warfare realm, and more tightly integrate electronic warfare with recently-developed cyber capabilities.

At least one potential adversary sees the value of doing just that.

No comments: