[Editor’s Note: Mad Scientist has observed the following trend in our guest blog post submissions and crowdsourcing contests: while just about everyone recognizes the significance of the cyber domain on Competition and Conflict, it’s our younger contributors — Millennials and Gen Z’ers who either came of age with, or were born into the world dominated by the internet — that seem to grasp the severity and the potential scope of disruption that non-kinetic operations in the cyber domain can wreak. Today’s post — a semi-
finalist in our Mad Scientist Writing Contest on the 4C’s: Competition, Crisis, Conflict, and Change — is no exception. CPT Casey Igo and CPT Christian Turley tackled the following contest writing prompt:
How will our competitors deny the U.S. Joint Force’s tactical, operational, and strategic advantages to achieve their objectives (i.e., win without fighting) in the Competition and Crisis Phases?
… and crafted a compelling case arguing that “the future of war will be defined by the cyber fight” — Enjoy!]
Future conflict outcomes in the next 10-15 years will not solely be judged by what combatant possesses the greatest number of armed personnel or the most lethal materiel. A multi-domain battlespace already exists, and our adversaries will certainly exploit such a varied landscape. The next conflict’s battlespace shall exist virtually as well as physically. The drastic increase in cyber warfare, leveraged by our adversaries, may tip the scales or dull the knife of US combat power before a shot ever leaves a rifle. Cyber warfare will not be a standalone offensive; foreign powers will seek to use their digital influence to shape the narrative, dis-inform, and erode support before a declaration of war passes Congress. The use of elite cyber warriors coupled with a robust weaponized social media enterprise will inflict harm before US forces ever see the enemy.
The first cyber-attack happened over 30 years ago. The creation of the Distributed Denial of Service attack, built when the internet had very limited reach and was not networked across DoD materiel and infrastructure, still wreaked havoc worldwide — both financially and architecturally. The Stuxnet computer worm, some 20 years later, crippled Iranian centrifuges and disrupted their uranium enrichment program. This highly complex weapon system fit in an adversary’s pocket. A USB drive, loaded with a “worm,” enabled attacks on Supervisory Control and Data Acquisition (SCADA) computer systems, something easily passed through a layered security apparatus (just ask Ed Snowden). The power of “man in the middle” attacks, in the context of denial of service, yields damage far worse than a Brigade Combat Team and all of its kinetic assets, and it does so at a fraction of the cost and almost no risk to Commanders.
Last winter’s massive power outages across Texas demonstrated how quickly and easily a civilian population could be devastated. With the vast majority of Texas off the US national power grid, people living in areas powered by “green energy” were left indoors with freezing temperatures for days as windmills failed and natural gas wells froze due to record low temperatures. Extrapolate this circumstance across greater portions of the US and alter the reason for massive power failures to a directed attack. Large-scale SCADA attacks, launched by foreign powers, would decimate not just our ability to heat American homes, but affect our industrial output. How willing would the US population be to wage war abroad when their way of life is threatened before the first casualty? Would the US have won WWII if all of Detroit were unable to re-tool and manufacture the arsenal of democracy had Germany been able to switch off the power from Berlin?
Thinking defense in depth, how effective might the North American Aerospace Defense Command, National Security Operations Center, or Defense Special Missile and Aerospace Center remain should water be shut off or intentionally contaminated at these facilities, potentially creating unsanitary conditions rendering watch officers and support personnel ill? How long can we maintain unit readiness if public or DoD installation waste removal systems were knocked offline? An enemy need not use ICBMs, Type-093 Shang-class subs, or Tupolev Tu-95 long range bombers to incite fear and disable/degrade systems. Should a malware attack neutralize Microsoft Outlook, Army staffs worldwide would grind to a halt and our primary means of communication would die on a digital vine.
Units undertaking training rotations often come away recognizing the same trend as it relates to cyber security. As unit trainers, we often see incidents of poor digital security postures and units suffer the consequences. Simple phishing attacks are commonplace, and future peer threats will construct highly tailored messages. Spear phishing, the selected targeting of individuals, appears more authentic and as a result, nets high success rates. Even today, adversarial targeting via “social media phishing” in conjunction with “whaling” introduces the potential to disrupt senior Leaders or those in certain targeted billets by using Facebook to identify key leaders. As artificial intelligence and bots develop at quantum computing speeds, our enemies ten years from now will possess the capability and intent to create high value target packets with nearly unlimited depth thanks to our online existences and the myriad of ways chat bots can interface and gather intelligence from the unassuming Soldier. An enemy’s ability to fill in gaps and seams within their own intelligence remains a current exploitable weakness due to the Army’s lack of operational security discipline on social media.
The FBI has already investigated threats against U.S. Soldiers stateside, targeted by nefarious organizations due to imagery found on social media, cross-queued with real-time surveillance of that Soldier’s patterns of life. Army Chaplains have been targeted in training events through email phishing tactics, and through these simple acts, have crashed entire unit enterprises. These email and social media cyber-attacks are low cost threat vectors that are rapaciously executable at will, preying on both junior Soldiers, who are far too comfortable accepting specious friend requests or an email from eBay, and senior Leaders far too dependent of digital communications to effectively filter all those emails from their enterprise. The enemy can conduct reconnaissance from continents away and penetrate networks through these simple techniques — techniques that render million dollar assets non-mission capable in minutes.
Sir Francis Bacon wrote “Scientia Potentia Est” — knowledge is power — and in our social media-heavy world, this knowledge is not just being used for personal good. Communication / information is one the three pivotal legs that enable warriors in any conflict to fight, survive, and win. When an adversary influences the information a warrior receives on the battlefield, or even before a Soldier sets foot on the battlefield, it can lead to disastrous results. The use of social media and the sharing of information, both truth and falsities, across a broad spectrum of platforms and personnel has shaped modern society. Social media is an ever present part of the world that is used by people of all ages and educational backgrounds. The use of this spectrum has “shrunk” the world and has enabled a greater understanding of information in an efficient and timely manner. This information sharing has not only been used by individuals for personal gain and knowledge, but by state and non-state actors alike to propagate, deceive, and attack civilian and military targets.
The employment of social media is such a powerful and potent tool in our current and future world that a single post has the ability to influence millions to act for good or evil. Due to the lack of regulatory requirements and or restrictions placed on social media purveyors, any individual across the globe has the ability to influence millions of individuals to act or believe with a single “post” — with little or no retribution.
In October 2020, a French father posted two social media posts disparaging a local educator, and in turn influenced an unassociated individual to behead the educator for reportedly displaying a picture of the prophet Mohammed. This event displays the power social media retains and the wide spread ability it has to influence individuals to act despite having little or no facts regarding any given situation. Additionally, it enables unknown individuals to spread falsities, influencing others to act. If this act is amplified on the state level, then the results can be disastrous in a larger population.
The Australian government suffered from social media’s influential effect in February 2021 when Facebook blocked government entities and news agencies from appearing on users accounts. This single restriction seems miniscule in the grand scheme of global events, but when the Australian government attempted to utilize the social media network to publish emergency messages regarding COVID-19 restrictions and vaccinations, the Australian population was unable to receive or act on the published emergency messages, thus potentially endangering millions of people.
For nearly six years, the world was inundated with news, photos, propaganda, and social media posts from the Islamic State in Iraq and al-Sham (ISIS/ISIL) as they inflicted their horrific human atrocities. ISIS mastered the employment of social media to propagate and intimidate not only the immediate residents of Iraq and Syria, but also large swaths of the population across the globe. In addition to using social media for propaganda, ISIS turned to social media to communicate and maneuver military formations across the battlefield. Their employment of social media may be seen as harbinger for the way state and non-state actors alike will influence global events without directly employing combat troops. State actors will produce and use falsified ideas to influence “followers” to act on their behalf, much like the beheading of a French educator, to achieve greater geopolitical goals. If state actors can influence civilians from across the globe to accomplish their mission sets without directly associating themselves with the act (i.e., via liminal warfare), they will have the ability to maintain their anonymity, avoiding sanctions, retribution, or all-out war.
The future of war will be defined by the cyber fight. Combatants, both proxy and conscripted, will be coders, programmers, and system developers that either will act on their own accord, be influenced by social media popularity, or execute based on the highest paying state or non-state actor. War is resource and financially burdensome for any nation and the consequences are felt by both the victor and vanquished for decades after the cessation of hostilities. By employing “independent” cyber warriors to carry out their objectives, actors can maintain anonymity, avoid sanctions, and all-out war while still projecting strength throughout the globe. As a result of our world being so digitalized and linked through the internet, any individual has the ability to make war with state governments, corporate businesses, or groups of individuals with whom they disagree. The future of war is cyber, and the US needs to recruit, groom, and project cyber strength warriors in conjunction with our Airmen, Sailors, Marines, and Soldiers.
If you enjoyed this post, check out the following related content:
The U.S. Joint Force’s Defeat before Conflict, by CPT Anjanay Kumar, and A House Divided: Microtargeting and the next Great American Threat, by 1LT Carlin Keally, the winning entry and semi-finalist, respectively, to our Mad Scientist Writing Contest on the 4C’s: Competition, Crisis, Conflict, and Change
“No Option is Excluded” — Using Wargaming to Envision a Chinese Assault on Taiwan, by Ian Sullivan
Weaponized Information: What We’ve Learned So Far…, Insights from the Mad Scientist Weaponized Information Series of Virtual Events and all of this series’ associated content and videos [access via a non-DoD network]
Weaponized Information: One Possible Vignette and Three Best Information Warfare Vignettes
LikeWar — The Weaponization of Social Media
Nowhere to Hide: Information Exploitation and Sanitization
The Convergence: Political Tribalism and Cultural Disinformation with Samantha North and the associated podcast
The Erosion of National Will – Implications for the Future Strategist, by Dr. Nick Marsella
Sub-threshold Maneuver and the Flanking of U.S. National Security, by Dr. Russell Glenn
The Convergence: Hybrid Threats and Liminal Warfare with Dr. David Kilcullen and listen to the associated podcast
>>>> REMINDER!!! Army Mad Scientist is CALLING ALL CREATORS with our Multi-Media Contest for imaginative artists who would like to showcase their ideas about future possibilities in alternative ways. For more information, check out our announcement and flyer, then consult your inner muse, unleash your creative talent, get cracking developing your multi-media entry, and submit it to madscitradoc@gmail.com. There are only 19 days left… deadline for submission is 6 August 2021!!!
About the Authors:
CPT Casey Igo commissioned from OCS as an Infantry officer in 2010. He has served in mechanized, Airborne, and light infantry. He served two tours in Afghanistan in support of Operation Enduring Freedom and one in Syria supporting Operation Inherent Resolve. He most recently served as a Mechanized Infantry OC/T in First Army.
CPT Christian Turley commissioned from OCS as a Military Intelligence officer in 2010. He’s a graduate of Indiana University Bloomington and completed MI BOLC, MI CCC, and the Signals Intelligence Course. He has deployed to Afghanistan, Egypt, and Kuwait. He served as a UAS Company XO, Battalion S2, Company Commander, and most recently as an S2 OC/T in First Army.
Disclaimer: The views expressed in this blog post do not necessarily reflect those of the Department of Defense, Department of the Army, Army Futures Command (AFC), or Training and Doctrine Command (TRADOC).