As the 21st Century battlefield becomes increasingly complex and asymmetrical, military forces are striving to harness network technology to gain an operational advantage, by transforming traditional linear command structures and linking sensors, unmanned vehicles, command posts and ground troops to achieve decision superiority for full spectrum dominance.

 

Network Centric Warfare (NCW) is a theory of warfare in the information age which hypothesizes that forces which are networked will outperform forces that are not. NCW is an ‘integration of sensors, decision-makers, weapons platforms and support capabilities to enable agility’ providing ‘interoperability and collaboration within and between services’. The U.S. Naval Studies Board’s working definition of network-centric maritime warfare (NCMW) is “Military operations that exploit state-of-the-art information and networking technology to integrate widely dispersed human decision makers, situational and targeting sensors, and forces and weapons into a highly adaptive, comprehensive system to achieve unprecedented mission effectiveness.” The network-centric warfare concept also encompasses the combination of emerging tactics, techniques and procedures that a networked force can employ to create a decisive warfighting advantage.

 

According to the U.S. Defense Department, network-centric systems increase the quality and degree of shared mission-critical information. This permits a common perception of the battlespace to emerge, creating a shared awareness of the environment. This decreases the level of uncertainty, thus improving the degree of decision-quality information, which improves the quality and degree of sensemaking and interactions. This in turn improves a force’s agility, time to execute, efficiency, and mission effectiveness.

 

Pentagon leaders suggested spending just about the same amount of money on net-centric warfare in fiscal year 2020 as they requested in 2019. In the Department of Defense’s budget request for 2020, leaders laid out a plan to spend $10.2 billion on command, control, communications, computers and intelligence systems. That’s up 2 percent from the $10 billion Pentagon leaders asked for last year. “The FY 2020 budget request supports the net-centricity service-based architecture pattern for information sharing,” leaders wrote in the weapons system book accompanying the budget request, using nearly identical language to last year’s request.

 

Besides network-centric warfare, currently used by the armed forces of the United States, Denmark, Norway and the Netherlands, other coined terms include Australia’s network-enabled warfare, the United Kingdom’s network-enabled capability, the Swedish armed forces’ network-based defense and the armed forces of the Republic of Singapore’s knowledge-based command and control.

 

China continues to place a high priority on modernizing the PLA’s command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) system as a response to trends in modern warfare that emphasize the importance of rapid decisionmaking and information sharing and processing. The PLA is seeking to improve its technological capabilities and organizational structure to command complex joint operations in near and distant battlefields with increasingly sophisticated weapons.

NCW in action

The military operations in support of Operation Enduring Freedom highlighted the emergence of near-real-time information sharing as a source of warfighting advantage. Jeffrey L. Groh describes how Special Forces on the ground were able to use data and voice links provided by communication satellites to co-ordinate their efforts. Not only were the ground forces able to communicate with each other, but also with F-14, F-15E, B-1 and B-2 aircraft by laser designating targets that the air support would later destroy with Joint Direct Attack Munitions (JDAM). JDAM-equipped ‘smart munitions’ are guided to their targets by an inertial guidance system and the global positioning system (GPS), once again making use of space-based technologies.

 

The power of information sharing to increase survivability and lethality in the air-to-air mission was substantiated by the Air Force again in the mid-1990s during a joint tactical information distribution system (JTIDS) operational special project. Air Force pilots flying F-15Cs with and without datalinks clearly demonstrated an order of magnitude increase in information sharing enabled by the datalinks. This operational special project consisted of hundreds of tactical engagements, ranging in size from two-versus-two to eight-versus-16 aircraft, which were conducted during day and night conditions. During the more than 12,000 sorties and more than 19,000 flying hours, the average kill ratio for F-15Cs equipped with datalinks increased by more than 150 percent over F-15Cs fighting with voice-only communications.

 

Another example of NCW’s success in operations is Link 16, and the advantage it gives to the air forces that make use of it. Link 16, also known as TADIL-J (Tactical Digital Information Link J) is described as a ‘communication, navigation, and identification system that supports information exchange between tactical command, control, communications, computers, and intelligence (C4I) systems.’ The system uses encrypted messages and transmissions which are jam resistant to provide the user with a whole host of possible applications. These include surveillance, electronic warfare, mission management/weapons coordination, air control, positive friendly identification and network management.

 

The RAND Corporation’s National Defense Research Institute (NDRI) conducted a case study to determine the impact of using Link 16 in an air-to-air combat situation. NDRI summarised their findings by stating that when Link 16 was used ‘the quality of information available to individual fighter pilots was increased significantly’ and that pilots ‘were on average able to make better decisions and make decisions earlier in the opening gambits of tactical air-to-air engagements. This resulted in greatly increased force effectiveness.’ Link 16, combined with the Eurofighter Typhoon’s long range radar provided pilots with ‘exceptional and unrivalled situational awareness of the operating area’ during Operation ELLAMY over Libya in 2011. The system has also seen operational use over Bosnia, Iraq and Afghanistan.

 

Russia Tests Network-Centric Warfare

Russia’s recent military operation in Syria tested many network-centric warfare experiments. Igor Korotchenko, the editor of Natsional’naya Oborona, notes the use of a military internet, which established high-speed secure data transfer between units. Moscow-based military-diplomatic sources explained to media that the use of Su-34 jets to strike targets was an important feature, and one that highlighted the network-centric dimension of some air operations. These platforms were network-enabled and, according to such sources, were testing the developing capability to operate in a single information network.

 

The Su-34 had been fitted with the TKS-2M communications and information management system, which allows data targeting coordination with automated output on electronic maps without depending on ground command posts. Su-34s were exchanging information in real time, which permitted rapid retargeting or changes in tasks, depending upon the tactical situation. The system is also designed to enhance the action and stealth capability of the Su-34. Since the armed rebels or Islamic State combatants had no EW capacity, this lends credence to possible testing for future operations against a rather different adversary.

 

At the strategic level, the same system was locked into the National Defense Management Center (Natsional’nyy Tsentr Upravleniya Oboronoy—NTsUO), in Moscow, to connect with the Hmeymim airbase. This linkage of the NTsUO and the Russian air group at Hmeymim airbase maintained continuous, real-time, secure command and control (C2) in a networked environment (MK.ru, April 7).

 

The Russian Armed Forces staged their annual strategic-level military exercise in Sep 2019, alongside units from seven partner countries—Kazakhstan, Kyrgyzstan, Tajikistan, Uzbekistan, China, India and Pakistan—all of them Moscow’s allies in the Shanghai Cooperation Organization (SCO). This year’s strategic command-staff exercise (strategicheskiye komandno-shtabnyye ucheniya—SKShU), Tsentr 2019, tested a number of aspects of military capability within an overall theme of the Russian variant of network-centric warfare:

 

Initial Hype Cycle

NCW went through a hype cycle. “Indeed, it is the new ‘darling’ of the U.S. defense development community. In employing this cart-before-the-horse methodology, tentative doctrine, warfare theory and defense management are being planned today as if the actual pieces of network-centric warfare are already developed, and only an organization is needed to put the pieces into place. This is wrong from a programmatic, scientific and engineering perspective,” wrote Lt. Col. Edmund C. Blash, USAR.

 

Network Centric Warfare (NCW) is the buzzword of choice in current Defence Department rhetoric. “The ugly reality is that networking has become a cure all panacea in the DoD bureaucratic machine, one which can magically offset all force structure limitations, and one which magically only Australia can possess and use properly in the Pacrim,” wrote Dr Carlo Kopp.

 

Vulnerabilities of NCW

NCW has been criticized on many counts: it will not work because it will be too expensive to implement; goals such as the provision of complete battlespace awareness cannot be achieved, even in principle; future conflicts are likely to be asymmetric and unconventional, to which the capabilities provided by networking are ill matched; and even its core thesis is flawed. A networked environment brings with it information overload and great demands on the cognition and decision-making ability of personnel, sometimes down to the level of individual soldiers, seamen or airmen.

 

“Perhaps the most fundamental flaw in network-centric warfare is that it is based on the premise that machine intelligence and analysis is superior and can be substituted for work now being performed by soldiers. However, no viable proof exists that software algorithms, information fusing or Boolean decision analysis will be any more successful than is the current soldier in the loop. It is important to remember that the history of commercial computer networks is replete with actual instances of massive communication, information, security and processing failures. It is one thing for a Web site or computer server to fail or be hacked; it is quite another for U.S. military forces to encounter the same degree of failure,” writes Lt. Col. Edmund C. Blash, USAR.

 

However, AI is becoming ready for the battlefield. In August 2020, DARPA reported that an artificial intelligence developed under its ACE program had defeated a human Lockheed F-16 pilot in a virtual dogfight sponsored by the agency. The first round featured each team flying their algorithms vs. adversary AI algorithms. The teams then competed against each other in a round-robin style competition. After two days of competition, the winning algorithm of DARPA’s Air Combat Evolution program took on a human pilot in a Lockheed Martin (LMT) F-16 simulator. Artificial intelligence teams from Boeing (BA) subsidiary Aurora Flight Sciences, EpiSys Science, Georgia Tech Research Institute, Heron Systems, Lockheed Martin, Perspecta Labs, PhysicsAI, and SoarTech entered the competition. In a semifinal, Lockheed beat PhysicsAI. Heron defeated Aurora in the other semifinal and then took down Lockheed in the final. Heron scored five kills vs. zero for the human pilot.

 

“A fundamental assumption in NCW is that improving information infrastructures will improve military decision making and therefore military effectiveness. There are various reasons why reliance on infrastructure brings with it significant risk. It can become the ‘primary centre of gravity for opponents to exploit’. This is particularly hazardous if alternative ways of working are not available. If NCW becomes so critical to warfare that forces become incapable of fighting in a non-network centric fashion, there is little doubt that any disruption to networks that they are dependent on could be catastrophic and potentially crippling for a military. Nor is there any doubt that a capable enemy would attempt to exploit this weakness by disrupting networks.” The effects of counter measures such as enemy jamming or enemy attacks on airborne ISR and AEW assets whilst they are still on the ground also need to be considered.

 

Adversaries can potentially use the domain of cyberspace in various ways to challenge military systems. They can collect intelligence on these systems to steal technology and accelerate their own capabilities. They can use this intelligence to develop countermeasures. And they can use cyberspace as a means to directly attack U.S. military systems. Together, these pose significant risks to operational mission accomplishment.

 

If embedded processing is corrupted, communication links interrupted, and overhead surveillance/navigation denied, then the battlefield advantage will quickly erode, jeopardizing mission objectives while severely threatening combatants in the field. Military operations in cyberspace are already proliferating. In Estonia and Georgia in 2007 and 2008, Russia used cyber manipulation as a strategy prior to engaging in armed conflict. This exploratory precursor provided an opportunity for the Russian military to refine its cyber uses of this fifth domain. Since that time, Russia has continued to disrupt and disseminate false information over online systems. Much of its attention focuses on former satellite countries of the Soviet Union, but the United States, Germany and the United Kingdom have also been targeted. Together with its NATO allies, the United States confronts this Russian cyber threat. However, in the Pacific, the United States stands virtually alone to face China. Cyberattacks may very well be China’s weapon of choice against the U.S. military’s network of dependent systems. These two nations have standing armed forces that view cyber warfare as a means to negate U.S. military technological advantage while providing battlefield value in times of confrontation.

 

Nations previously deterred from open confrontation by superior standing armies are now able to enter the battlefield via cyber manipulation and attacks. Poorer nations and rogue cyberattack teams may very well develop the means to take down systems of a physically superior opponent. These players, without the means to openly confront a nation’s armed forces, are just as effective. Open system architectures and commercial-off-the-shelf products, while achieving greater affordability, are revealing conceivable vulnerabilities. Secure networks are of paramount importance to the military and defense industry, yet potential adversaries perceive these networks as prime opportunities for insidious penetration to extract data, disrupt and deny.

 

But the threat goes beyond defense architectures to more pointed attacks against satellites, aircraft and surface combatants. For example, U.S. ships in foreign harbors are keenly aware of local efforts to intercept, characterize and identify communications vulnerabilities. Digital intrusion inside these advanced systems is a major concern because it could negate the hardware’s technological advantage.

 

U.S. cyber defense systems and networks have significant exposure. The U.S. Air Force directed a small team of hackers to search for a means to attack the Trusted Aircraft Information Download Station, which gathers real-time information from the F-15; after only a couple of days, the team successfully broke into the aircraft’s system, the Washington Post reported last year.

 

The Army’s mobile Integrated Tactical Network, which consists of multiple nodes essential to optimizing warfighters’ effectiveness and extensive networks that receive and dispense information, also contains vulnerabilities that must be addressed. Network segmentation may in part close some of the vulnerability issues but at the expense of system/network latency. Similarly, uplinks, downlinks and broadcast transmissions from space assets that provide a significant advantage to the military have been recognized by China and Russia as openings to degrading U.S. military operations.

 

A case in point would be the proliferation of GPS jammers. The Commander of United States Air Force Space Command has identified that US forces have ‘a very heavy reliance on space and we consider GPS foundational in military operations’. Indeed, GPS has been described as ‘the core asset required for NCW to work’. However, in recent years GPS jammers which can block GPS signals have become more widely available than ever before. If a jammer is used by an enemy it has the potential to ‘eliminate GPS navigation and precision guidance capabilities within an extensive area of operations’. Quite clearly, a loss of GPS capability would have calamitous effects on the US’ war fighting capability, as would be the case with the majority of the world’s armed forces that utilise the GPS system. This would be most damaging for those forces relying on network-centric navigational systems, of which GPS is a major component.

 

 

Modern Reality: Cautious adoption and Cybersecurity management

The modern reality is based on systematic studies evaluating network-centric strategies versus alternative strategies. Test beds are being developed and used to evaluate the alternative strategies. The vulnerabilities of NCW are also being addressed. A RAND report has called for cybersecurity management to limit adversary intelligence exploitation through cyberspace to an acceptable level and to maintain an acceptable operational functionality (survivability) even when attacked offensively through cyberspace. What constitutes an acceptable level of risk is determined by mission assurance risk acceptance. These outcomes need to be achieved continuously throughout the life cycle of a military system, from research and development through disposal. All phases are important, but the development and sustainment stages are particularly critical: the former because design decisions are made that can limit options in the future, and the latter because most systems reside in sustainment for most of their life cycle.

 

To successfully attack ware (soft, firm, and hard) through cyberspace, an adversary needs access to the ware, a flaw to exploit that affects the ability to carry out the mission, and the capability to do so. The capability to do so generally entails deep knowledge of the military system being attacked and how it functions. It is probably a fair estimate that the more consequential the offensive cyber attack, the more knowledge the adversary tends to need. Some of that knowledge will generally need to come from effective intelligence collection, including cyber exploitation (thus linking counter cyber exploitation and counter offensive cyber operations).

 

Managing cybersecurity risk has three components: (1) minimizing vulnerabilities to systems, (2) understanding the threat to those systems, and (3) minimizing the impact to operational missions. Countering offensive attacks through cyberspace has two facets. First, preventing attack requires limiting access, limiting flaws whose exploitation could significantly affect an operational mission (e.g., software assurance), and limiting the ability of an adversary to learn about U.S. systems and missions. Second, operating at an acceptable level of functionality after an attack occurs requires a military system design that can absorb and recover from an attack. Cybersecurity against offensive cyber attacks, then, is layered.

 

Multiple layers contribute to mitigating vulnerabilities: defensive measures to deny access to the systems, backed up by a robust and resilient design so that when attacked, the system degrades gracefully and recovers rapidly to an acceptable level of functional performance. A penetration test attempts to exploit computer and digital networking vulnerabilities to determine if unauthorized access or other malicious activity is possible. Penetration testing typically includes network penetration testing and application security testing as well as controls and processes around the networks and applications, and should occur from outside the network trying to break in, as well as from inside the network. An adversarial assessment gauges the ability of a computing or networking system to carry on its mission while withstanding cyber attacks, including protecting the system, detecting cyber threats, reacting to attacks, and restoring mission capability degraded or lost because of hackers.

 

The ability of a system to absorb an attack but still function at some acceptable level is often called robustness. The subsequent ability to recover from an attack by restoring either partial or full mission functionality is often called resiliency. The overall operational risk reduction will come from a combination of system security engineering, assessment of how mission assurance is affected, and, because the cybersecurity environment is rapidly changing, adaptive solutions.

 

To manage cybersecurity effectively and to hold actors appropriately accountable, outcome-based feedback that measures the actual state of cybersecurity and its mission impact is needed, not just compliance with directives.

 

 

References and Resources also include:

https://www.rand.org/content/dam/rand/pubs/research_reports/RR1000/RR1007/RAND_RR1007.pdf

 

 


