Senate Armed Services Committee wants DOD to explore ‘tactical’ cyber employment

The Senate Armed Services Committee wants the Department of Defense to examine its use of cyber power beyond the forces of U.S. Cyber Command.

A provision in the committee’s version of the annual defense policy bill, of which an executive summary was released Friday, would require the secretary of defense to review future force employment concepts for cyber operations. The full text of the bill has yet to be released.

Senior congressional officials that briefed reporters Friday pointed to the fact that to date, cyber operations and forces have largely been focused on the strategic level. More and more, there are other avenues to conduct digital actions, officials said, to include tactical cyber.

In fact, the DOD updated its cyber doctrine at the end of 2022 to include for the first time a definition of what it called “expeditionary cyberspace operations,” defined as “[c]yberspace operations that require the deployment of cyberspace forces within the physical domains.”

That recognition was significant given authorities to conduct cyber operations were held at the highest levels of government for many years due to fears that such activities could have unintended consequences or spread into networks beyond the intended targets.

Cybercom owns the offensive cyber capabilities within DOD, and the services conduct offensive cyber operations through Cybercom and the cyber mission forces that each service provides to the command that operate from static, remote locations, mostly focused on IP-based networks.

However, increasingly, there are targets that either aren’t reachable through IP networks or remote access might not be possible. And as DOD has matured its cyber policies, doctrine and capabilities, the reins have begun to loosen up.

Certain factions have sought to use more proximal effects conducted through radio-frequency, which require fewer levels of approval to conduct operations at the very tactical level.  

Several of the services have begun investing in capabilities and forces for their own offensive activities. However, that is mostly in the blended electronic warfare or RF-enabled sphere at the tactical level.

While individual services have started developing and even deploying such forces, all cyber operations must still be connected through Cybercom.

For example, the Army created the 11th Cyber Battalion — which stemmed from the 915th Cyber Warfare Battalion before it — a unit that provides tactical, on-the-ground cyber operations (mostly through RF effects), electronic warfare and information ops. It consists of four companies with over 300 personnel total and five expeditionary cyber teams, which are scalable formations designed to augment units upon request. The Army was recently approved to create another unit called the 12th Cyber Battalion.

The Air Force in the last year or so has developed a concept called Cyber Enabled Air Superiority (CEAS), that aims to use organic Air Force cyber assets to protect its critical missions, such as safeguarding fighter jets from cyberattacks. While the concept is still emerging, the Air Force re-missioned a National Guard unit to initially take charge of the effort.

The Navy has been building what it calls non-kinetic effects teams that are afloat assets to provide cyber, electronic warfare and other similar capabilities for commanders at sea.

The Marine Corps has developed information units for its Marine Expeditionary Forces that include cyber, intelligence, EW and information-related capabilities.

Cybercom has recognized these capabilities, and command officials have begun exploring ways to utilize them, especially as they can serve as entry points for its high-end operators to access hard-to-reach networks that might not be connected to the internet.

These efforts also fit into the concept of the modern triad, which consists of combining the capabilities of space, cyber and special operations forces to create military packages greater than the sum of their parts. SOF are located in some of the hardest places on earth, giving them the opportunity to get close to targets and potentially providing access and entry points for cyber effects.

Given this growth in the concept, the Senate Armed Services Committee also wants the review to encompass the types of personnel DOD will require to conduct cyber operations of all kinds in the future. To date, that has only really included the cyber mission force. As referenced, this could include a much larger pool across the conventional and even special operations forces beyond the Cybercom enterprise.

The summary of the policy bill states the review would include an assessment of personnel policies that could be needed to support any such evolving cyber force, though committee officials clarified this has nothing to do with discussions surrounding the potential creation of a separate and distinct service, or Cyber Force.

“We have focused a lot of this around how we man, train and equip for very exquisite cyber mission forces. There is a bigger pool of people out there,” an official said. “How are we going to employ that full scope of people and how do we need to adjust the personnel policies to be able to keep that flow of people?”