This is part one of a series detailing Army efforts to advance and integrate tactical cyber, electronic warfare and information operations within traditional forces.

The Army is experimenting with new concepts, capabilities and forces that will be needed within traditional formations as cyber, electronic warfare and information operations become the new normal.

The service’s Cyber Blitz exercise wrapped up its third iteration at the end of September. Launched in 2016 to help the Army learn how to mature cyber operations within traditional units, the experiment serves as a chance for the Army’s cyber community to be the main training audience.

The most recent Cyber Blitz, hosted at Joint Base McGuire-Dix-Lakehurst in New Jersey, set out to explore how cyber forces and capabilities that traditionally belong to a division work with a brigade during a campaign. It also aimed to help prototype new cyber, intelligence and electronic warfare units the Army is standing up.

The Army is looking to stand up a variety of forces with varying degrees of cyber and electronic warfare capabilities to better align related capabilities and create a more lethal force in a modern battlefield.

These forces included:

  • Expeditionary cyber teams — typically a division asset — to bring more cyber capabilities to bear for the brigade commander.
  • Cyber Warfare Support Battalion — a unit already approved by the Army that will fall under Army Cyber Command and serve Army-specific missions, not U.S. Cyber Command joint missions — to integrate intelligence, cyber, electronic warfare, signals, information operations and fires into one formation.
  • Intelligence, cyber, electronic warfare and space (ICEWS, pronounced IQs) detachment — an experimental detachment (part of the Army’s multidomain taskforce in the Pacific) that will integrate all the capabilities of its namesake plus signal, information operations and targeting to support the multidomain task force counter-anti-access/area denial mission, which will be piloted in the fall.

Officials described to Fifth Domain how the Cyber Blitz scenario involved a fight against a near-peer enemy. In this case, the 3rd Brigade, 10th Mountain Division — the actual brigade that was participating and integrating the cyber capabilities within its normal schemes of maneuver — had to move into a country, push out a near-peer threat and reestablish the boarder. This included an air assault at the beginning of the operation.

“We looked at how can we utilize cyber and EW to help set conditions for that air assault to happen,” Lt. Col. John Newman, the deputy commander of the brigade at Cyber Blitz, said.

“Maybe we need to affect some of the communications that are on the ground there to prevent the enemy from realizing that we’re coming in or getting the word out that we are in the process of doing our air assault.”

Army campaign

Cyber Blitz took place as Army leaders consider some radical force structure changes in the cyber and EW space to compete with near-peer nations.

Richard Wittstruck, the Cyber Blitz director, described the campaign plan the Army is evolving, which begins with laboratory demonstrations for emerging technologies then demonstrating those emerging technologies in experiments such as Cyber Quest at the Cyber Center of Excellence.

Some of these emerging technologies are fed into Cyber Blitz, along with programs of record, to test how soldiers like them and how they might help operations.

Cyber Blitz works as the first true integration phase for putting these emerging technologies, concepts and forces together before they are integrated with real brigades during combat training center rotations .

Officials also described to Fifth Domain how the Army is looking to capture lessons from the experiment that will go toward information and updating Army doctrine.

‘Seize the objective’

The Army is learning that all aspects of cyberspace — most of which had been previously reserved for the highest and most strategic levels of the military and government — will be part of the brigade commander’s purview.

“First and foremost a lot of what’s been described in the cyber domain has to be set by Col. Newman in timing and tempo for the first time,” Wittstruck said. He added that the brigade had to take an active leadership role in articulating a maneuver plan and charging cyber personnel to support it.

For the first time, Wittstruck said, the Army broke down some previous barriers. For example, the brigade must tell the expeditionary cyber and electromagnetic activities (CEMA) team commander what they need, when they need it and why they need it as it integrates into the maneuver plan at the brigade level.

Part of this discussion is the notion of a commander needs to dominate in what’s called gray space — space that is not owned by either friendly forces or the enemy — to seize certain objectives as part of their overall campaign. This could manifest itself in the seizing of an oil pumping station due to its importance on the national economy. In the future, Army leaders believe it won’t be enough to physically control the pumping station and surrounding territory, but forces must control the virtual network as well.

“What good is it to win the terrain if the enemy can simply by computer network turn off the pumping,” Wittstruck asked.

Moreover, one of the other additions planners introduced to this year’s Cyber Blitz was the inclusion of split-based operations with a Special Forces detachment that operated from Muscatatuck urban training site in Indiana, more than 1,000 miles away.

These Special Forces units worked with the new multidomain detachment to perform cyber reconnaissance from a remote location during early phases of the operation. Once completed, the special forces units moved to support the ICEWS to establish the cyber objective of the target such as the pumping station.

“In that regard it’s been a very good split-based op,” Wittstruck said.

Part two examines what lessons the traditional maneuver brigade took from integrating cyber capabilities within its operations.