29 January 2020

How military hacking can improve

Mark Pomerleau

It’s not just the United States that has unique offensive cyber capabilities.

In a March 27 speech, Mike Burgess, Australia’s director general of the Australia Signals Directorate, detailed how his government’s hackers conducted operations against ISIS in Syria to aid military ground forces as part of the global coalition to defeat the terrorist group.

Burgess said this was “the first time that an offensive cyber operation had been conducted so closely synchronized with the movements of military personnel in theater.”

The Australian offensive cyber operation took place in conjunction with a ground raid on an Islamic State position and degraded ISIS communications 11,000 km from the battlespace so commanders couldn’t connect to the internet or communicate with each other.

The operation is similar to those described by U.S. officials, who have detailed operations conducted by U.S. Cyber Command as well as partner forces supporting ground operations as part of the coalition.


In some cases, U.S. officials have described the importance of the partnerships and capabilities of other nations in these contexts because sometimes the United States might not have the authority or the access to conduct the cyber effect itself.

“What we recognize is we have some foreign partners that give us very unique access or very unique capabilities. They operate off of different authorities that compliment our own authorities so they are very, very important,” Lt. Gen. Stephen Fogarty, commander of Army Cyber Command, told reporters in October.

“Episodic synchronization”

The nature of remote cyber operations, despite common conception, are incredibly arduous. They involve first gaining access to adversaries’ networks, mapping those networks to understand where things are and then figuring out how to degrade or destroy portions of the network. Complicating matters further, if an adversary changes portions of the network via a software patch — an anomaly with no physical world comparison — the access gained could be negated.

In the Australian example, Burgess said, “While the effect was almost instantaneous, it took weeks of planning by specialist ASD and [Australian Defense Forces] personnel to make sure it all went exactly to plan.”

Indeed, despite the success of the Australian cyber operation and other similar operations detailed by U.S. officials, others have lamented that such operations today take too long to plan and only have a limited effect.

Despite some recent successes, the military is continuing to have cyber integration challenges.

“We’re going to have to do better than what I call today ‘episodic synchronization.’ We’re going to have to do continuous integration,” Gen. Stephen Townsend, commander of Army Training and Doctrine Command, has said.

He described a similar operation to the Australian example from his time commanding the anti-ISIS coalition.

“We’re going to have to generate sophisticated, multidomain operations in minutes and hours, and those operations will have to last days and weeks,” rather than operations taking weeks to plan and only lasting minutes or hours, he explained.

No comments: