This is part two of a two part series.

The Department of Defense has complicated relationship when it comes to authorities and cyberspace operations.

Traditionally, the authority to conduct offensive and defensive remote cyber operations abroad has triggered an approval process that rests with the president and can be delegated to lower levels.

However, despite the fact the military is maturing its cadre of cyber warriors within U.S. Cyber Command, Army leaders say tactical commanders want to control cyber capabilities on the battlefield given the nature of the trajectory of future wars.

The Army is trying to figure out what additional authorities, if any, it needs to conduct tactical cyber operations. (Steve Stover/Army)
The Army is trying to figure out what additional authorities, if any, it needs to conduct tactical cyber operations. (Steve Stover/Army)

The Army, for example, is gaming out what types of cyber electronic warfare and information operations capabilities should exist at what echelons in a pilot called Cyber and Electromagnetic Activity (CEMA) Support to Corps and Below (CSCB).

While there are significant force structure issues to be determined throughout this process, the Army is also working through the authorities it might need to achieve specific effects.

“As we work this CSCB … people historically said that’ll never be delegated to a [brigade combat team] commander,” Ronald Pontius, deputy to the commanding general at Army Cyber Command, said during a March 8 keynote during the AFCEA Army Signal Conference. “But that’s partly what we’re learning in doing these rotations.”

A brigade combat team operates in a robust social environment, he said, adding items will be posted to social media websites and the brigade has to be cognizant of those items and how they may affect mission and maneuver.

This involves “how are the social conditions chang[ing], is there something you might be able to do when social media takes over in a given area and there are things we’re doing to be able to look at that to combat streams on Twitter or to take a look at what’s being posted on Facebook and how do you deliver information operations message in support of a populace you’re trying to defend,” Lt. Gen. Paul Nakasone, commander of Army Cyber Command, told reporters during a media roundtable at AUSA’s annual meeting in October.

Part of what’s being learned in the CSCB pilot is how can offensive and defensive capabilities can be integrated and what kinds of authorities need to be delegated, Pontius said.

Lt. Alvaro Luna, an offensive cyber planner, told reporters at AUSA, that Army leaders are seeking to gain access to routers, switches and Wi-Fi connections to refine the targeting process of high value targets that might be in an adjacent city.

“If we have access to certain camera feeds, if we have access to who’s in a city, we can piece together that intelligence to aid the commander in their scheme of maneuver,” he said.

Nakasone added that in a real mission context, a brigade might want to prevent this target from talking or they might want to track this target as they made their way above the city through a number of different cameras that these tactical cyber units could hijack.

Evolving authorities

Pontius told Fifth Domain following his remarks that the Army is still collecting data and analysis from the pilots to engage with the larger community to help evolve the current authorities. This larger community could include Congress, the Joint Staff, the office of the secretary of defense all the way to the executive office of the president.

The Army is close, but not there yet, he said, because it wants to continuing doing a series of experiments with different parameters, Pontius said.

“Go back to the early stages when the secretary of defense said get at ISIS – I think you’re aware there were a lot of concerns in the interagency process that said no you can’t do this, no you don’t have the authority,” Pontius told Fifth Domain. “But we were able to work that discussion by not having a generic or philosophical discussion but said here’s the specific capability – we end up calling mission packages – here’s the capability we’re proposing and then we were able to have the right conversation in the interagency that said, ok I understand that.”

As the service continues working its way through the tactical level and deliver lessons learned – which it’s striving for the end of FY18/beginning of FY19 – it’s possible it might not even need to approach the larger community to ask for more authorities.

“At a certain level, commanders have the ability to make decision with electronic warfare,” Pontius said, indicating that there are some effects – especially at the local level – that can be achieved using electronic warfare, vice cyber avoiding the authorities discussion altogether. “We don’t know that yet. We’re still working our way through that.”

The CSCB rotations are working on the roles of cyber verses EW.

“What I’ve seen a bunch of times is they go hand in hand really well,” Luna said.

He added that often cyber operators can perform communications and wireless denials of local area network and the question is should they be doing that when EW can easily go out there and do the same effects with their weapon systems.

“There may not be a need for using cyber effects to do EW jobs,” he said.

The best scenario for when EW would be a better tool than cyber, Luna explained, is anything over the air such as cellular. “We’re really trying to go through the network and get access instead of sitting on a mountain top and gaining access from a Wi-Fi network,” he said.