U.S. Military Given Secret “Execute Order” on Cyber Operations

Last June, the Chairman of the Joint Chiefs of Staff issued a classified “execute order” to authorize and initiate a military operation.

The nature, scope and duration of the military operation could not immediately be determined — even the title of the order is classified — but it evidently pertains to the conduct of military cyberspace activities.

The existence of the previously undisclosed execute order was revealed last week in a new Air Force Instruction.

“Classified processes governing C2 [command and control] of AF [Air Force] offensive and defensive cyberspace operations conducted by AF Cyber Mission Forces are addressed in a classified CJCS [Chairman, Joint Chiefs of Staff] Execute Order (title classified) issued on 21 Jun 13,” said Air Force Instruction 10-1701, entitled “Command and Control (C2) for Cyberspace Operations,” dated 5 March 2014.

An execute order goes beyond planning or preparation for conflict, and represents the commencement of a military operation.

The formal definition of an execute order (or EXORD) is “an order issued by the Chairman of the Joint Chiefs of Staff, at the direction of the Secretary of Defense, to implement a decision by the President to initiate military operations,” according to the official Department of Defense Dictionary of Military and Associated Terms (JP 1-02).

“Execution begins when the President decides to use a military option to resolve a crisis,” according to Joint Publication 5-0 on Joint Operation Planning. “Only the President or SecDef can authorize the CJCS to issue an execute order (EXORD).

“Execution continues until the operation is terminated or the mission is accomplished.”

“The CJCS-published EXORD defines the unnamed day on which operations commence or are scheduled to commence (D-day) and the specific time an operation begins (H-hour) and directs execution of the OPORD [operation order].”

“The CJCS’s EXORD is a record communication that authorizes execution of the COA [course of action] approved by the President or SecDef and detailed in the supported commander’s OPORD,” explained JP 5-0.

In response to questions from the Senate Armed Services Committee, Vice Adm. Michael S. Rogers, the nominee for Commander, US Cyber Command (and Director, NSA), said that “Geographic combatant commanders already have authority to direct and execute certain Defensive Cyberspace Operations (DCO) within their own networks.”

Judging from the new Air Force Instruction, however, the June 2013 execute order extends to offensive cyberspace operations as well.

All or most execute orders naturally start out as classified documents. But sooner or later, they are declassified.

A March 2011 execute order for Libya Contingency Operations can be seen here.

A January 1991 execute order for Operation Desert Storm, incongruously signed “Warm Regards, Colin Powell,” is here.

A rare reference to another currently classified execute order appeared in a paper published in Joint Force Quarterly (issue 69, April 2013, p. 53): “In compliance with the guidelines outlined in the Global Response Force Execute Order, JCSE [Joint Communications Support Element] maintains an alert-postured force that can deploy and have its communications packages fully operational within hours of notification for an emerging requirement.” That execute order dates from September 2012, and is classified Secret.

The Senate Armed Services Committee asked Adm. Rogers whether there was a need for greater transparency concerning “the nature of cyber warfare, and the balance between offensive and defensive capabilities.”

Adm. Rogers replied: “I believe the recent disclosures of a large portion of our intelligence and military operational history may provide us with [an] opportunity to engage both the American public and our international partners in discussion of the balance of offense and defense, the nature of cyber warfare, norms of accepted and unacceptable behavior in cyberspace, and so forth.”

“As cyberspace matures as a warfighting domain, I believe our classification policies will also evolve to support growing domestic and international partnerships and relationships,” Adm. Rogers wrote.