The Buzz

Every War Is a Cyber War—Starting With ISIS

At the end of February, Secretary of Defense Ashton Carter told a House subcommittee that U.S. Cyber Command (CYBERCOM) is conducting offensive operations against the Islamic State. This statement went viral. “Make no mistake,” Peter Singer of New America said, “this is a very big deal.” It signals a shift in the fight against the Islamic State and marks the first time the United States has acknowledged undertaking cyberattacks during armed conflict. CYBERCOM’s campaign makes real what was anticipated—the integration of offensive cyber capabilities in strategies and tactics for waging war.


Using Cyberattacks Against the Islamic State

CYBERCOM’s attacks have two targets: the Islamic State’s use of social media and its use of cyber means to engage in command, control and communications in military operations. In terms of social media, the White House instructed the Department of Defense to use CYBERCOM’s capabilities against the Islamic State after the terrorist attacks in Paris and San Bernardino again highlighted how the Islamic State exploits social media to radicalize and recruit. Government and private-sector efforts to combat these activities, such as the Department of State’s counter-messaging campaigns, were not working—and foreign fighters continued to join the Islamic State.

With mobilization of the .gov and .com domains ineffective, the White House ordered CYBERCOM to degrade the Islamic State’s online presence. This move connects with other post-9/11 decisions that elevated the military’s and intelligence community’s roles in counterterrorism when law enforcement and diplomatic efforts proved inadequate. The conclusion that military cyberattacks are needed to address terrorist use of social media is unprecedented and unanticipated—degrading Twitter-enabled terrorism was not on CYBERCOM’s agenda when it was established.

The second target involves missions CYBERCOM was built to accomplish—disrupting an adversary’s capabilities during armed conflict. CYBERCOM is attacking the Islamic State’s ability to command its forces in the field, control their tactical movements and communicate with fighters during military operations. Such disruption is coordinated with air strikes, special forces operations, and ground attacks to isolate and defeat Islamic State forces. CYBERCOM attacks reportedly contributed to the recapture of Shaddadi by Syrian rebels in February. The campaign to re-take Mosul also involves CYBERCOM attacks. These activities mark the first time the United States has integrated offensive attacks by CYBERCOM in fighting an armed conflict.


Using Cyberspace to Wage War

Reactions to CYBERCOM’s offensive often emphasized this development is seminal for reasons beyond the conflict with the Islamic State. For starters, it demonstrates that CYBERCOM has transitioned from a predominantly defensive focus to “full spectrum” capabilities, which makes CYBERCOM more potent for military operations. CYBERCOM was designed to have these capabilities, but, with CYBERCOM’s offensive mission now operational, the United States has crossed into uncharted territory in the history of war.

Crossing this line means the United States has resolved issues that informed earlier decisions not to use cyberattacks in armed conflict. During the Libyan air campaign in 2011, the Obama administration considered cyberattacks on Libyan air defense systems, but decided against them for various reasons, including legal concerns. The Obama administration now believes the domestic and international legal authority it claims to wage war on the Islamic State permits the cyber offensive.