ARLINGTON: The Army is reinforcing its combat brigades with cyber soldiers. In 18 months of wargames with a wide range of units — tanks, Strykers, infantry, Airborne, Rangers — Army Cyber Command troops have brought hacking and jamming to bear on the (simulated) battlefield alongside guns and bombs.
The exercises have already revealed cybersecurity shortfalls that prompted the Army to add two network defense specialists to the permanent (“organic”) communications staff of every brigade. Two soldiers per brigade may not seem much, but Army-wide that adds up to over 100 personnel, all skilled specialists in high demand for other cyber missions.
The mock battles have also tested different types of cyber SWAT teams — known provisionally as ECTs, Expeditionary CEMA (Cyber Electromagnetic Activity) Teams — that would be dispatched from higher headquarters to augment brigades as needed for specific operations. The ECT is very much a work in progress. The current design has grown to 15 soldiers, specialists in areas ranging from cyber attack and cyber defense to information operations and electronic warfare.
With limited bandwidth, reliance on erratic wireless networks rather than fiber optic cable, and the ever-present threat of being blown up, battlefield cyber is very different from network operations in quiet, air-conditioned rooms. Called Cyber Support to Corps & Below (CSCB), it’s a tactical effort in service of individual Army corps, divisions, and brigades, each of which has its own networks, its own mission, and its own institutional idiosyncrasies, said Lt. Gen. Paul Nakasone, head of Army Cyber Command. That’s a stark contrast to the strategic role of the 41 Army teams ARCYBER created for US Cyber Command’s National Mission Force, which protects the Defense Department network as a whole.
“Within the National Mission Force, you have a very focused mission in terms of your target, what you’re trying to prevent, what you’re trying to affect,” Nakasone told reporters Thursday. “Cyber Support to Corps & Below, this is art. This truly is art.”
In May 2014, when then-Army Chief of Staff Ray Odierno was being briefed on the stand-up of the then-nascent National Mission Force, he asked, “well, what about the rest of the Army?” recalled Brig. Gen. Patricia Frost, who heads the recently created cyber/EW directorate on the Army staff. A year after Odierno’s challenge, the first ECT exercise with a combat brigade was held, at the Joint Readiness Training Center on Fort Polk, La. Four further exercises followed, light infantry at JRTC, heavy armor and medium-weight Strykers at the National Training Center on Ft. Irwin, Calif. At least one more brigade wargame is still to come.
“At the end of all these rotations,” said Nakasone, “I’m going to come back to the Department of the Army with a recommendation” as to how to train, equip, and organize teams for Cyber Support to Corps & Below. The ECT design has been repeatedly revised based on wargame lessons-learned, which is the whole point of the pilot program.
In particular, electronic warfare specialists — long a neglected field in the Army — are a late addition to the team. Brigades already have a four to six-soldier CEMA (Cyber/ Electromagnetic Activity) cell, but these are headquarters planners rather than hands-on hackers and electronic warfare operators. There’s precious little EW equipment in the Army inventory, as well, with no offensive jammer in service until 2023.
This lack of EW people and equipment is a problem for cyber too: Brigade networks need to be mobile, which means they’re wireless, which makes them just as vulnerable to radio-frequency triangulation, eavesdropping, and jamming as they are to hacking. In fact, at the tactical level, cyber and electronic warfare start to merge — but Army EW barely exists at the tactical level.
What Army EW assets exists are in the hands of high-level headquarters, not corps and below, acknowledged Gen. Daniel Allyn, Vice Chief of the Army Staff. “That’s the area that we are most aggressively working to change our stance and we will ensure that the resources align,” Allyn told an AUSA conference, where Nakasone and Frost also spoke. The Army’s also seeking to accelerate fielding of EW equipment, he said.
It takes cultural change to get some Army officers to take EW and cyber seriously. At a recent meeting of future battalion and brigade commanders, recalled the head of the Army cyber school, Col. Kenneth Rector, “one commander made the point, ‘my job is to maneuver forces and close with and destroy the enemy. It’s not my job to worry about my network… That’s ARCYBER’s job.'”
That attitude — let the geeks take care of cyber and keep out of my way, ’cause I’m a real man with a real war to fight — has complicated the Army’s experiments. When ARCYBER was seeking brigades to embed its experimental cyber teams with, Brig. Gen. Frost said, some units just didn’t want to incorporate the cyber teams into their six-month training plans. (And it’s not just the ECTs: ARCYBER sent some 70 soldiers to August’s National Training Center exercise: trainers, observers, simulated opponents, and advisers as well as the team themselves). Could the ARCYBER guys just show up for the climactic wargame at Fort Polk or Fort Irwin and not bother us before that? these units asked. No, ARCYBER replied, we need to be with you all the way.
Cyber/Electromagnetic Activity needs to get “buy-in from the brigade,” said Col. Jerry Turner, whose 2nd Stryker Brigade Combat Team took an ECT with it to Fort Irwin in January, after six months of training together. “We automatically want to create another stovepipe called CEMA,” he told the AUSA conference, segregating the cyber specialists into their own isolated domain, but that’s a bad bureaucratic habit. Cyber and electronic warfare need to be integrated with everything — artillery fire, ground maneuver, logistics — in a single coherent plan. And that integration has to be the commander’s job, Turner said: “My TOC (Tactical Operations Center) has gotten so complex that the only person who can do all that is me.”
“The network is a warfighting platform, so we need to treat as such,” said Frost. “It is not an it service, it is a warfighting platform… that allows you the ability to shape and execute your operations.”