If we made one mistake, it was that we fast-tracked some operational concepts and allowed them to gain inappropriate influence while unproven by history, experimentation, and current operations.
– General James Mattis, U.S. Marine Corps
Keeping up with the Navy’s information warfare (IW) community was tough even when I was on active duty. So, I will confess up front that I had little familiarity with “interactive on-net operators” or “cyber warfare engineers” before reading “Navy Cyber Needs a Refit” by Lieutenant Commander Dusty McKinney and “Cryptologic Warfare Officers Cannot Do Cyber” by Lieutenant Commander Derek Bernsen in Proceedings recently. What I do have is a residual hypothesis from my active-duty days that both articles strongly corroborate: Navy offensive cyber doesn’t exist.
The United States has had military successes in cyberspace and will need many more. The question is the extent to which those successes depend on the U.S. Navy owning an offensive cyber mission. Real capability appears to exist at the national and perhaps joint military levels. But the word on the waterfront is that on board the USS Cyber, the guns are gold-plated papier-mâché. The magazines are empty. There are superstars scattered among the crew. But for the most part, the only things the officers in the wardroom can do well are man the rails and request funding.
The situation calls for actions that go beyond offensive cyber. They extend to the entire IW project—the behemoth of doctrine, organization, and commanding officer billets that cryptologists, principally, TED-talked the Navy into building over the past two decades. The condition of offensive cyber is an entirely predictable result of the Navy implementing IW by shoehorning its information-centric capabilities into the mold of the unrestricted line (URL). That mistake continues to erode the specialized restricted line communities—intelligence, cryptology, information professionals, and meteorology/oceanography—who formed the information dominance corps cum information warfare community (IWC) back in 2009. Visions of URL status were always part of IW’s allure, and offensive cyber featured prominently in the pitch.
Where are we in 2022? Sure enough, offensive cyber seems to be dying ironically in the embrace of an IWC that smothers the specialization necessary for it to thrive. McKinney and Bernsen’s pleas for a cadre of offensive cyber experts laser-focused on their core competency—as opposed to being laser-focused on broadening their resumes for “command at sea” someday—echo the alarms that some of us have sounded since the inception of the IW community. They also ring true with every planner whose inquiries into available cyber options were answered with a blank form to “state the requirement.”
The real tragedy in all this is the waste of time and resources, including the talented and dedicated service members with cyber expertise whom the Navy has been lucky enough to have. The root cause, evident in McKinney and Bernsen’s testimony, is a community culture that prioritizes careers over competence. Consequently, instead of producing information warriors in its officer corps, what the enterprise really produces are clerics of information warfare theology. Their sermons convinced a generation of Navy four-stars that all we had to do to bring cyber warfighting to fruition was implement one last bold doctrinal or organizational reform; perform one more leap of faith that executing software code is militarily no different than flying a Super Hornet.
It was a metaphorical avenue whose inviting breadth in theory always exceeded its length in practice. Even after the smooth pavement started turning into a thicket of poor results, contradictions, and absurdities, Navy leaders have continued onward, as if turning back would endanger their credentials as futurists.
Granted, offensive cyber is a unique animal in the IW zoo. In terms of force employment, its mission of achieving effects against adversaries is consistent with the surface, subsurface, and air units that constitute the Navy’s “line” of maneuver forces. So, thinking of offensive cyber as a new URL-like warfare capability is much more defensible than stretching that description to everything the Navy now groups by fiat under IW—a sleight of hand that proponents have masterfully parlayed into the empire we see today. But offensive cyber never belonged on the Navy’s URL list, for a different reason: Force development is completely different.
In other words, there is nothing inherently naval, or even inherently military, about developing the offensive cyber capability needed to support naval missions. McKinney and Bernsen keenly identify shortfalls in training, bonuses, and career tracks, but these are just droppings from the elephant in the room: Offensive cyber is incongruent with the parameters of manning, training, and equipping that define the armed services. The skills take too long to build, and their market value is in a different universe than military pay. Once the skills are attained, having these people do anything else for an hour is questionable—for a three-year tour, madness. Developing and, in most cases, delivering cyber “fires” does not require practitioners to be anywhere near combat, so they do not need basic training. The number of pushups they can do is irrelevant. The list goes on. Every second of a potential cyber warrior’s time wasted on these distractions accrues directly to the benefit of U.S. enemies.
So What Now?
If the Army, Air Force, or Marines are having greater success with offensive cyber, the Navy should learn from them. But I suspect the natural accumulation of cyber competence at the National Security Agency is a clue that our nation’s offensive cyber warfare capability will ultimately be grounded in a national civilian agency, not the armed services. If we think clearly about the best ways to produce cyber warriors and channel their skills, they have more in common with satellites than with sailors.
The Navy should not only remove offensive cyber from the cryptologic warfare community’s portfolio but stop trying to produce the capability entirely. That, in turn, should trigger honest reflection about how we would have configured the IW community, or even formed it in the first place, if we had known it would fail to produce results in offensive cyber. The ideal end state for these officer communities might look something like this:
- The information warfare and cryptologic warfare communities are disaggregated.
- Naval intelligence incorporates two “feeder” routes: An all-source path like the status quo and a signals intelligence (SIGINT) specialist path based on Navy cryptology. They merge at the O-5 level. This is where the reorganization in 2009 should have stopped. It acknowledges that SIGINT collection and analysis are functionally subordinate to intelligence overall—a source of angst for some cryptologists that explains much of Navy IW’s history—but it does so by giving SIGINT specialists opportunities to lead all-source intelligence teams at the strike group level and higher. In return, officers from the all-source path would have greater access to Navy cryptology’s crucial leadership positions in the SIGINT world.
- Information professionals (IPs) remain focused on the immense task of running communication systems and networks. The latter includes much of the defensive side of cyber, where the case for service-grown capability is indisputable and the Navy has naturally produced better results. Effectiveness in this realm could be much more consequential than potential heroics in cyber offense.
- A new signature management specialty, continuing important work over recent years centered on an afloat information warfare commander (IWC), focuses on the tradeoffs between active and passive operational profiles. These professionals are experts at how communications, sensors, and maneuver might reveal our force disposition to adversaries. They don’t command anything themselves, but their advice to commanders and monitoring of signature control is crucial for operations at sea. The best template for this skill set is not an entire community or even a dedicated career path, but rather something like a high-end Additional Qualification Designator (AQD) earned with experience and training, similar to targeting now. Signature management today is marketed as “IW,” but it is integral to all forms of warfare—a fighter performing a Doppler notch maneuver is managing its signature—so the specialty would be open to both URLs and the restricted line.
- Similarly, for offensive cyber, the solution is not a community in the Navy that aspires to execute those missions, but rather an AQD for professional planners who have the education, experience, and highly compartmentalized access to understand how offensive cyber capabilities at the national level can deliver effects that support naval warfare. They are the bridge between the Fleet and an external agency free to manage human resources for offensive cyber outside the military model.
What would the implications of these changes be for Navy IW’s infrastructure, including OpNav N2N6 in Washington, Navy Information Forces (the IW type command in Suffolk, Virginia), and the U.S. Tenth Fleet in Fort Meade, Maryland? Patriotic taxpayer answer: I don’t care. The Navy should optimize its manpower structures for the Fleet’s warfighting lethality, which includes breaking the IW community back down into logical components and cleanly outsourcing the execution of offensive cyber. The bureaucracy can adjust. If the IW segment of the Navy has developed one authentic skill since 2009, it is handling dramatic organizational upheavals.