Tactical cyber warfare within military circles is shrouded by a mystique that confounds many commanders and their staffs. Onerous regulations, extremely high and compartmented classification levels, and authorities that cut across multiple three-letter agencies place many cyber capabilities beyond the reach of most commanders. Determined to have a modicum of cyber capability at their level, tactical commanders send their personnel to credential-producing courses and schools that often cost thousands of dollars only to find out those same personnel then have six-figure job opportunities in the private sector when they depart the service in six months.1 Worse, requests for cyber effects or permissions to conduct offensive cyber operations (OCO) at the tactical level entail a process so burdensome and slow that the optimal window for their use passes quickly, leaving many commanders embittered. Commanders consequently are put in a position similar to that of the mythological Greek king Tantalus, doomed for eternity to stand in a pool of water with low-hanging fruit just out of reach. Just as nourishment forever eludes Tantalus, cyber capabilities likewise seem forever tempting but never available to tactical commanders.
Constantly bombarded by the hype and promises of cyber capabilities, tactical commanders nevertheless find themselves starved of these important resources.2 To rectify this, Department of Defense (DoD) leaders should delegate authorities and classification to lower levels, increase the cyber proficiency of the common service member, and develop a globally accessible, joint cyber warfare knowledge database (JCWKD). These initiatives will not only provide a more sustainable model for long-term institutional advancement, but more importantly, equip tactical commanders with the necessary tools to prevail in every domain.
Among the most frustrating aspects of cyber warfare are the high classification levels and senior-level authorities required to use its tools. Often taking an incalculable amount of resources to develop, many tools become highly guarded and off-limits to tactical units.3 While some are developed for specific purposes and have targeted employments for just the right time or geographic location, others come with an expiration. Systems susceptible to zero-day exploits, unpatched operating systems or applications, and weak encryption are often updated and patched, making previous network reconnaissance or footholds within compromised systems uncertain. In some cases, cyber tools rely on specific system vulnerabilities or other inherent weaknesses. Once they are discovered, malware signatures are developed or configurations are changed, potentially making these tools perishable.4
Yet, other tools can have unintended second- and third-order effects. For instance, a system exploit targeted to disable an enemy communication node could inadvertently disable the shared transmission medium of data to emergency services in a city. In other cases, cyber effects delivered on one target could disable an important collections process for gathering intelligence on an adjacent objective. Therefore, officials at the highest level of the government must adjudicate the employment of many cyber warfare tools among competing agencies. Granted, some cyber warfare tools have dangerous potential to cause significant damage and may have far reaching strategic blowback with many different stakeholders—the cases of Stuxnet and Flame are fresh in the minds of many.5 However, customized malware and difficult scenarios make for unfortunate extrapolations and rigid monolithic policies. This leaves some to question the usefulness of cyber effects at the tactical level when a paralyzed chain of command lacks the willingness to delegate authorities.6
Commanders have always faced strategic consequences when it comes to operating at the tip of the spear. The term “Strategic Corporal” is often cited to evince the consequences of tactical actions by any member of a small unit.7 “Special trust and confidence” is also a hallmark proclamation for the assurance we have in our enlisted service members and commissioned officers to accomplish their assigned missions.8 Extending trust to the lowest levels of an organization also enhances the pace of execution.9 Improving speed of execution relative to our opponents generates the operational tempo necessary to thrive in today’s fast-paced environments.10
Distinguished research fellow at the National Defense University T. X. Hammes states, “rapidly evolving technologies that, when combined, may radically alter the way we fight.”11 Therefore, empowering tactical commanders with the necessary authorities to conduct OCO is a step in the right direction if service leaders are serious about empowering their commanders. If not, the momentum generated at the tactical level will become frustrated as requests grind through multiple levels of blinkered bureaucracy resulting in missed opportunities. Additionally, a reduction in the classification level for some cyber warfare tools will allow more individuals in a command to understand the implications of these capabilities, while inviting a more comprehensive discussion on their use. Such an approach will help elucidate risks and expand opportunities for commanders by unshackling their ability to operate in all domains effectively. Furthermore, commanders can benefit from DoD increasing the overall cyber capabilities of its workforce writ large.
The U.S. military can no longer ignore the need to increase the cyber professionalization of all service members. The current trend is to send only certain occupational specialties to more-advanced cyber training. Frequently few in number, these same personnel possessing high-level clearances are the only ones who participate in cyber exercises such as Cyber Flag, therefore limiting the exposure and experience most unit members receive.12 This is a mistake. Cyber key terrain is everywhere, especially at the tactical level. From sensor networks and geographically isolated networks in austere locations to mobile devices, having enough fully trained cyber personnel becomes challenging to support an ever-growing ecosystem of technology. The introduction of autonomous systems, additive manufacturing, and mobile phones will geometrically increase the workload of the few cyber professionals most units possess. Therefore, the ubiquity of cyber throughout the operating environment requires all personnel have a heightened understanding of cyberwar when it comes to their specific functional areas.
For these reasons, the current DoD cyber awareness training mandated for all personnel falls woefully short in building the necessary vigilance toward increasing cyber threats on different fronts. For example, each functional staff may collectively use a dozen different web-based and locally hosted applications to accomplish their missions. Multiplied by five or six functional sections, the number of applications and appliances that may require monitoring quickly becomes overwhelming for the few available cyber professionals.13 Observing the number of contractors on today’s battlefield is a telling sign that the DoD cannot keep pace with the continual fielding of information technologies.14 Moreover, as future scenarios unfold where the electromagnetic spectrum is contested and may prohibit reach-back assistance, operators should have the tools at the tactical level for their given mission profile.
Similar to how every Marine is a rifleman, every service member will need to become a cyber operator in some capacity. To be sure, trusting a larger group of operators with cyber warfare tools and authorities may cause some to balk at this proposal. However, creating a globally accessible database of information and know-how will provide more cyber operators the means for correctly employing cyber warfare tools, while generating feedback to the larger community of practice (CoP).
A JCWKD would provide a means to capture lessons learned and after-actions and help refine future use of cyber weapons, while also establishing feedback mechanisms on the efficacy of current tools and tactics, techniques, and procedures. Such a database would globally crowdsource content from the entire CoP, making it a central repository for the most up-to-date intelligence, while also supporting enterprise features envisioned for DoD’s Joint Information Environment (JIE).15 Complementary hybrid cloud architectures also can allow JCWKD information to reside locally and off-premise, helping to strengthen security and overall management. Employing knowledge curators for husbanding the JCWKD content would ensure information is updated on a regular basis while culling and archiving stale data. Customizable dashboards and alerts would provide operators a single management console with the most important information at their fingertips. Furthermore, adopting blockchain technology will help ensure transactions made to the JCWKD are accurate and trustworthy across many disparate organizations.16 JCWKD would also provide seamless features for routing applications for cyber effects, therefore making chain of custody easier to oversee and approve at higher echelons.
A central repository of knowledge has the potential to become a foundational training database for the development of artificial intelligence (AI) applications. In a recent study from Harvard’s Belfer Center, “Artificial Intelligence and National Security,” authors Greg Allen and Taniel Chan argue that, “The use of robotic and autonomous systems in both warfare and the commercial sector is poised to increase dramatically.”17 Given the speed at which transactions in the cyber domain take place, it is no wonder that AI applications hold the promise to act more responsively in both cyber defensive and offensive scenarios. If the Defense Advanced Research Projects Agency 2016 Cyber Grand Challenge is any indicator of future cyber warfare, artificial intelligence will become a dominant technology for every advanced military. Whether it is building a comprehensive cyber database for enhancing near-term knowledge transfer or long-term training of AI applications, the DoD cannot afford to ignore the potential this capability holds to bring cyber warfare to the tactical level.
Keeping cyber warfare capabilities out of tactical commanders’ hands blunts their ability to conduct true combined-arms across all warfighting domains. Additionally, adversaries that operate with greater freedom of action will engage at a tempo that could outpace the current request process for cyber effects, giving them a first-mover advantage. The relentless introduction of innovative technologies to the battlefield will further demand more of the U.S. military’s already overextended cyber personnel. Tactical commanders ought not long for alimentary crumbs of cyber capability to fall from the combatant commander’s banquet table. The DoD and its cyber high priests need to break the curse of King Tantalus currently encumbering tactical commanders. By delegating authorities, collectively improving the cyber acumen of all service members, and creating a robust database of cyber warfare knowledge, DoD leaders will set the table to allow tactical commanders to be swiftly postured across all warfighting domains.
1. Neal F., “Cyber Force Generation,” Marine Corps Gazette, 101, no. 2, February 2017.
2. “Cyber Steps up Its Role on the Battlefield,” Marine Corps Times, 25 August 2014.
3. Max Smeet, “How Much Does a Cyber Weapon Cost? Nobody Knows,” Council on Foreign Relations Blog, 21 November 2016.
4. Christopher Bartos, “Cyber Weapons Are Not Created Equal,” U.S. Naval Institute Proceedings 142, no. 6 (June 2016).
5. Scott Neuman, “As The Worm Turns: Cybersecurity Expert Tracks Blowback From Stuxnet,” National Public Radio, 1 June 2012.
6. Andrew Metcalf and Christopher Barber, “Tactical Cyber: How to Move Forward,” Small Wars Journal, no. 12, September 2014.
7. Charles C. Krulak, “The Strategic Corporal: Leadership in the Three Block War,” Marine Corps Gazette, 83, no. 1, January 1999.
8. Richard M. Swain and Albert C. Pierce, The Armed Forces Officer (Washington, D.C.: National Defense University Press, 2017), 7.
9. Stephen Covey, The Speed of Trust: The One Thing That Changes Everything (New York: Simon and Schuster, 2006), 255–257.
10. U.S. Marine Corps, “Marine Corps Doctrinal Publication (MCDP 1): Warfighting,” United States Marine Corps (1997), 72.
11. Thomas X. Hammes, “Technologies Converge and Power Diffuses,” Policy Analysis, CATO Institute, 786, 27 January 2016, 3.
12. DoD News Release, “‘Cyber Flag’ Exercise Tests Mission Skills,” 12 November 2014.
13. Michael Echols, “The Looming Cybersecurity Crisis And Why Opportunity Youth Are The Solution,” Forbes, 18 January 2017.
14. Michael T. McBride, The Proliferation of Contractors on the Battlefield a Changing Dynamic that Necessitates a Strategic Review, U.S. Army War College Strategic Research Project, 2003.
15. Defense Information Systems Agency, “Enabling the Joint Information Environment | Shaping the Enterprise for the Conflicts of Tomorrow,” 5 May 2014, 7.
16. Jill Richmond, “Advancing Cybersecurity with Blockchain Technology,” NASDAQ, 26 April 2017.
17. Greg Allen and Taniel Chan, “Artificial Intelligence and National Security,” Belfer Center for Science and International Affairs, July 2017, 15.