The Army is getting up-to-date on cyber and electromagnetic activity policies, finally releasing the long-anticipated updated field manual for cyber and EW functions. The document, titled FM 3-12 "Cyberspace and Electronic Warfare Operations," and dated for mid-April, though publicly released within the last week, replaces FM 3-38, which provided the initial guidance back in 2014.
The new document "provides tactics and procedures for the coordination and integration of Army cyberspace and electronic warfare operations to support unified land operations and joint operations."
"FM 3-12 explains Army cyberspace and electronic warfare operations fundamentals, terms, and definitions," the document reads. "This publication provides overarching guidance to commanders and staffs on Army cyberspace and electronic warfare operations at all echelons."
The updated field manual notes that the electromagnetic spectrum is the "common denominator" for cyberspace and EW operations both of which impacts every operation in the Army.
The Army has been looking to converge and integrate cyber, signal, electromagnetic activity operations at the tactical edgewithin traditional maneuver forces. While the Army is leveraging the resources and assets of Army Cyber Command, the service cyber component of U.S. Cyber Command, which is focused on strategic campaigns, the Army stood up a new cyber directorate at the Pentagon last summer within the deputy chief of staff G-3/5/7 office headed by Maj. Gen. Patricia Frost.
To be sure, the document provides details regarding general cyber operations that are performed by cyber warriors from remote locations for both tactical and strategic effect. "Army cyberspace operations range from defensive to offensive. These operations establish and maintain secure communications, detect and deter threats in cyberspace to the [DoD Information Networks], analyze incidents when they occur, react to incidents, and then recover and adapt while supporting Army and joint forces from strategic to tactical levels while simultaneously denying adversaries effective use of cyberspace and the EMS," it says.
The Army is still gaming out exactly how it will integrate these capabilities with traditional forces and at what echelons with its keystone training event upcoming at the National Training Center at Fort Irwin, California.
"We’re learning by doing," Maj. Gen. John Morrison, commander of the Army Cyber Center of Excellence, said last October at the annual AUSA conference. "We’ve also got selected combat training rotations where we’re putting offensive and defensive plugs on the cyber side as well as EW into brigade combat formations to get after the CEMA construct to learn holistically by executing, which will shape doctrine and TTPs. We have out the final staffing of our initial doctrine that’s going to cover all of that; it’s FM 3-12 that I suspect will be out by the end of the year. That will be a key unifying document and from there, we’ll go into the deeper dive on the actual specifics but it gets after that CEMA construct."
"Where do we put these capabilities? This is what we’re going to be analyzing over the next couple of months," Morrison said. "We’ll be working our way through this and leveraging programs such as the Cyber Support to Corps and Below initiative. Especially on the electronic warfare side and on the cyber side, we are talking about low density and high demand folks. So where we put them and the technology we put in their hand will be the heavy lifting we’ll be looking at."
In November, Morrison told C4ISRNET that other initiatives such as the Cyber Blitz and Cyber Quest exercises also play a critical role in informing the force in terms of doctrine and tactics. "It’s the campaign of learning," he said. "Really, in this space, there’s a lot of learning by doing, both increasing our linkages from the institutional with the operational force so that as things change, we’re able to rapidly bring that back into the institution and then from the institutional side, things like Cyber Blitz and Cyber Quest, how do we inform ourselves moving forward into the future to help our operators understand what the potential is?"
The Army, and military writ large, has placed greater focus on EW capabilities in recent years due to pacing threats from near-peer competitors. In fact, the Army is standing up a new EW detachmenteffective in October 2018. Similarly, top officials have noted that this document is more for the EW folks, not cyber because cyber has Joint Publication 3-12 with their requirements being joint coming down from Cyber Command.
The new field manual describes three types of electronic warfare missions, for which EW is broadly defined as "military action involving the use of electromagnetic and directed energy to control the electromagnetic spectrum or to attack the enemy." The three missions include:
- Electronic Attack: the use of electromagnetic energy, directed energy, or anti-radiation weapons to attack personnel, facilities, or equipment with the intent of degrading, neutralizing, or destroying enemy combat capability and is considered a form of fires
- Electronic Protection: actions taken to protect personnel, facilities, and equipment from any effects of friendly or enemy use of the EMS that degrade, neutralize, or destroy friendly combat capability; and
- Electronic Warfare Support: actions tasked by, or under direct control of, an operational commander to search for, intercept, identify, and locate or localize sources of intentional and unintentional radiated electromagnetic energy for the purpose of immediate threat recognition, targeting, planning, and conduct of future operations ES enables U.S.
Additionally, it describes how EW can be employed from a ground and air perspective.
Within the cyberspace context, the issue of authorities has been much discussed. There is a perception that the authorities process is antiquated and not streamlined enough.
While the authoritiesdiscussion has surrounded the top-down process, typically exercised by the previous White House administration through the National Security Council that can delegate to the Secretary of Defense, some congressional aides believe the authorities issue purely rests within DoD. They note that when the military talks about authorities, they are usually talking about execute orders.
"Army forces conduct cyberspace and EW operations as authorized through Execute Orders (EXORDs); Operations Orders; Rules of Engagement; and the policies directed by the Secretary of Defense and the Combatant Commanders," the new field manual said.
The field manual provides the detailed process for requesting approval for cyber operations, noting that "although the requesting unit may not have the specific target network topology information it should provide current target information. The approval process for cyberspace effects may take longer than other targeting capabilities."
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.