Military cyber operations have been normalized to the point that there is now a defined career path for would-be cyber warriors in the U.S. Air Force and a formal curriculum for training them.

The role of a cyber war specialist, which includes defense as well as offense, is “to develop, sustain, and enhance cyberspace capabilities to defend national interests from attack and to create effects in cyberspace to achieve national objectives,” according to a new Air Force training plan that was published this week.

The Air Force training plan outlines the anticipated career progression of its cyber warriors, and describes the tasks that they must master. See Cyber Warfare Operations Career Field Education and Training Plan, CFETP 1B4X1, July 15, 2018.

Offensively, trainees must learn methods such as buffer overflow tactics and techniques, privilege escalation, rootkits, redirection and triggering, tunneling, and so forth. Defensive methods include encryption, secure enclaves, boundary protection, intrusion detection, etc.

A select group of especially competent trainees will be selected “to futher develop their skills in the areas of secure system design, vulnerability analysis, computer network defense (CND), and computer network exploitation (CNE)” in joint programs with the National Security Agency and US Cyber Command.

The programs will enhance students’ technical skills and will help to “bridge gaps between typical Computer Science/Engineering curriculum and those necessary for Computer Network Attack / Exploitation / Defense.”

“Each intern must complete at least one offensive and at least one defensive tour during the program,” the training plan said.

*    *    *

Some other noteworthy new military doctrinal and other publications include the following.

Human Remains Associated with Sunken Military Craft, SecNav Instruction 5360.2, July 11, 2018. Navy policy normally precludes efforts to recover the remains of those lost at sea. “The Department of the Navy (DON) has long recognized the sea as a fit and final resting place for personnel who perish at sea.”

The guided missile destroyer USS John S. McCain is now named for Senator McCain as well as for his father and grandfather. “As a prisoner of war, [Sen.] McCain represented our nation with dignity and returned with honor,” wrote Secretary of the Navy Richard V. Spencer in a July 12 memorandum memorializing the designation.

The production of electric power for military operations is addressed in a new Army manual. “Modern warfare relies on electrically powered systems, making electricity an essential element that supports warfighting functions.” Though nuclear power systems have previously played a role in the Army, there is no mention of nuclear reactors or isotope power in the new publication. See ATP 3-34.45, Electric Power Generation and Distribution, July 6, 2018.

Military planners should not anticipate that the United States will ever dominate cyberspace, the Joint Chiefs of Staff said in a new doctrinal publication. The kind of supremacy that might be achievable in other domains is not a realistic option in cyber operations.

“Permanent global cyberspace superiority is not possible due to the complexity of cyberspace,” the DoD publication said.

In fact, “Even local superiority may be impractical due to the way IT [information technology] is implemented; the fact US and other national governments do not directly control large, privately owned portions of cyberspace; the broad array of state and non-state actors; the low cost of entry; and the rapid and unpredictable proliferation of technology.”

Nevertheless, the military has to make do under all circumstances. “Commanders should be prepared to conduct operations under degraded conditions in cyberspace.”

This sober assessment appeared in a new edition of Joint Publication 3-12, Cyberspace Operations, dated June 8, 2018. (The 100-page document updates and replaces a 70-page version from 2013.)

The updated DoD doctrine presents a cyber concept of operations, describes the organization of cyber forces, outlines areas of responsibility, and defines limits on military action in cyberspace, including legal limits.

“DOD conducts CO [cyberspace operations] consistent with US domestic law, applicable international law, and relevant USG and DOD policies.” So though it may be cumbersome, “It is essential commanders, planners, and operators consult with legal counsel during planning and execution of CO.”

The new cyber doctrine reiterates the importance and the difficulty of properly attributing cyber attacks against the US to their source.

“The ability to hide the sponsor and/or the threat behind a particular malicious effect in cyberspace makes it difficult to determine how, when, and where to respond,” the document said. “The design of the Internet lends itself to anonymity and, combined with applications intended to hide the identity of users, attribution will continue to be a challenge for the foreseeable future.”

The changing role of “information” in warfare was addressed in a predecisional draft Joint Concept for Operating in the Information Environment (Joint Chiefs of Staff, December 2017).

“Integrating physical and informational power across geographic boundaries and in multiple domains could lead to campaigns and operations with enormous complexity,” the document warns. “The fog and friction of war punishes unnecessary complexity.”

Another concern is that a “focus on informational power could be misread by Congress and other resource allocators to suggest there is little need for a well-equipped and technologically-advanced Joint Force capable of traditional power projection and decisive action.”

The U.S. Army this week published an overview of future military cyberspace operations. See The U.S. Army Concept for Cyberspace and Electronic Warfare Operations 2025-2040, TRADOC Pamphlet 525-8-6, 9 January 2018.

The new Army publication is intended to promote development of cyber capabilities, to foster integration with other military functions, to shape recruitment, and to guide technology development and acquisition. It addresses defense against cyber threats as well as offensive cyber activities.

Proliferation of cyber threats is eroding the benefits of US superiority in conventional military power, the document said.

“The Army faces a complex and challenging environment where the expanding distribution of cyberspace and EMS [electromagnetic spectrum] technologies will continue to narrow the combat power advantage that the Army has had over potential adversaries.”

“Adversaries will conduct complex cyberspace attacks integrated with military operations or independent of traditional military operations.”

“Since every device presents a potential vulnerability, this trend represents an exponential growth of targets through which an adversary could access Army operational networks, systems, and information.”

“Conversely, it presents opportunities for the enhanced synchronization of Army technologies and information to exploit adversary dependencies on cyberspace.”

“If deterrence fails, Army forces isolate, overwhelm, and defeat adversaries in cyberspace and the EMS to meet the commander’s objectives.”

“These [Army] capabilities exploit adversary systems to facilitate intelligence collection, target adversary cyberspace and EMS functions, and create first order effects. Cyberspace and EW [electronic warfare] operations also create cascading effects across multiple domains to affect weapons systems, command and control processes, critical infrastructure, and key resources to outmaneuver adversaries physically and cognitively, applying combined arms in and across all domains.”

Military action in cyberspace is an evolving field that may have overtaken existing law or convention.

“Many effects of cyberspace operations require considerable legal and policy review,” the Army document said.

The superiority of the US military in cyberspace, which once could be taken for granted, is gradually eroding, says an Army Field Manual published this week.

In the past decade, “U.S. forces dominated cyberspace and the electromagnetic spectrum (EMS) in Afghanistan and Iraq against enemies and adversaries lacking the technical capabilities to challenge our superiority in cyberspace.”

“However, regional peers have since demonstrated impressive capabilities in a hybrid operational environment that threaten the Army’s dominance in cyberspace and the EMS,” according to the new Field Manual.

“Rapid developments in cyberspace and the EMS will challenge any assumptions of the Army’s advantage in this domain. While it cannot defend against every kind of intrusion, the Army must take steps to identify, prioritize, and defend its most important networks and data.”

The underlying principles of US Army operations in cyberspace were described in the new Field Manual 3-12, Cyberspace and Electronic Warfare Operations, 11 April 2017 (unclassified, 108 pages).

Within living memory, even a passing mention of cyber weapons or U.S. offensive activities in cyberspace was deemed sufficient to justify national security classification. Now, although the Obama Administration generally neither claims nor receives credit for it, military cyberspace doctrine has become one of a number of significant policy areas in which this Administration is demonstrably “more transparent” than its predecessors.

A new US Air Force directive “provides policy guidelines for planning and conducting AF cyberspace operations to support the warfighter and achieve national security objectives.”

“The AF will execute Cyberspace Operations” — including both offensive and defensive actions — “to support joint warfighter requirements, increase effectiveness of its core missions, increase resiliency, survivability, and cybersecurity of its information and systems, and realize efficiencies through innovative IT solutions.” See Cyberspace Operations, Air Force Policy Directive AFPD 17-2, April 12, 2016.

A companion directive further specifies, for example, that “Air Force Space Command (AFSPC) will… deploy AF approved cyber weapon systems.” See Air Force Policy Directive 17-1, Information Dominance, Governance and Management, 12 April 2016.

Changes in the cyber threat environment require the Army to be able to rapidly reprogram its own military software, a newly updated Army Regulation directs.

“Warfare is rapidly moving into a new domain: cyberspace. This will affect warfighting in all domains, and the Army will take measures to adapt to the cyberspace environment.”

“This increased responsiveness demands shortened timelines to combat enemy threats as they adapt to new technology and to new methods of employment.”

“RSR [Rapid Software Reprogramming] will be required to become even more adaptive, automated, and integrated with weapons systems operating in the EMS [electromagnetic spectrum].”

“This policy gives the Army a process which enables soldiers a reach-back RSR capability that will assist commanders to attain tactical superiority, achieve surprise, gain and retain the initiative, maintain awareness of new and emerging threats, and obtain decisive results…,” the unclassified Regulation said.

The Assistant Secretary of the Army (ALT) will “Ensure that sensor-based weapons and CEMA [Cyber Electromagnetic Activities] systems are developed using software reprogrammable signature detection, classification, and response capabilities that can be responsive and enabling to EW [Electronic Warfare], spectrum management and cyber operations.”

See Software Reprogramming for Cyber Electromagnetic Activities, Army Regulation 525-15, 19 February 2016.