Will Air-Sea Battle Be "Sunk" by Cyberwarriors?
The conclusion of large-scale counterinsurgency campaigns in the Middle East and Central/South Asia has prompted the U.S. military to refocus its energies on developing new strategic concepts for the twenty-first century. Critical to this effort is identifying how the United States can surmount challenges posed by adversaries exploiting asymmetric advantages to counter U.S. strengths in the air and sea domains. Among the most pressing of these challenges is identifying how the U.S. military can operate in a denied environment—a task that it has not truly confronted since World War II. The central product of this effort is the Air-Sea Battle Concept, which serves as a cornerstone of the Department of Defense’s strategic planning for future power-projection capabilities and missions. Specifically, the Air-Sea Battle Concept was developed following a 2009 directive from the Secretary of Defense to address means of surmounting the challenge posed by Anti-Access/Area Denial capabilities (A2/AD), which seek to thwart U.S. movement and maneuver in a theater of operations. As its name suggests, the Air-Sea Battle Concept places an emphasis on the use of air and sea power to defeat adversary A2/AD capabilities.
Tragically, the Air-Sea Battle Concept fails to recognize the critical and independent role cyberpower should (indeed, will) play in any Air-Sea Battle confrontation with U.S. adversaries. While the concept acknowledges that the air, sea and cyber domains will play important roles as sources of vulnerability and offensive platforms, the Air-Sea Battle Concept relegates cyberpower to a supporting role—for example, using cyber capabilities to defeat integrated air-defense systems or disrupt adversary command and control to enable air and sea supremacy. It is important to note that we are leaving aside broader political and strategic considerations of when the Air-Sea Battle Concept may be employed.
Furthermore, the Air-Sea Battle Concept prioritizes theater operations without acknowledging the retaliatory risk to the American homeland. It goes without saying that defense of the American homeland is the ultimate priority. The most probable avenue of an attack on U.S. interests by any likely Air-Sea Battle belligerent is via the cyberdomain. Failure to properly conceptualize cyber’s independent role in the Air-Sea Battle Concept, therefore, is not merely an issue of semantics; concepts and definitions are important, because planning and resource allocation follow from them.
The U.S. government should anticipate that adversaries will wage Offensive Cyber Operations (OCO) against U.S. forces in theater and American interests around the world, concurrent with conventional military operations. Formulating and maintaining an offensive cybercampaign plan is costly, because it requires enormous resources for tool development, operator training and gaining access to and holding targets continuously at risk. An important implication of this is that oftentimes, states will be engaged with less-than-precise targets, as well as the most vulnerable (rather than optimal) targets. Therefore, we can expect that U.S. adversaries will target vulnerable civilian infrastructure—to which they have already gained access for conducting intellectual property theft and/or espionage—for military purposes. The prospect of such an attack is even more troubling, given that most U.S. command and control assets ride on the backbone of the civilian Internet.
The most obvious course of action is to prioritize bolstering cyberdefense. However, even with extensive planning, the reality is such that we will come under cyberattack. Networks are inherently vulnerable and it is impossible to completely defend against all avenues of attack or completely defeat an adversary’s OCO. The decentralized nature of cyberoperations means that, as long as adversary operators have access to a computer, they have survivable offensive cyber capabilities.
Therefore, taking into account these vulnerabilities, the United States should employ a three-pronged strategy. First, as the current Air-Sea Battle Concept already acknowledges, the United States should employ cyberpower in support of theater-specific air and sea operations to degrade and defeat A2/AD capabilities. Second, the United States should develop capabilities to limit and degrade the adversary’s ability to conduct OCO, not only in theater, but also against the American homeland and American interests. Third (and most neglected by the architects of the Air-Sea Battle Concept), the United States must develop the capabilities to achieve cyber superiority. This will be a critical asset for the United States as part of an escalatory coercion strategy in response to the likely event of U.S. adversaries targeting American (and allied) military and civilian assets in theater and globally.
Accepting that American interests at home and abroad will come under cyberattack in the context of employing Air-Sea Battle to counter adversary A2/AD does not mean planning is a pointless task. The magnitude and costs of any such attack will be considerably greater in a world where the United States has not appropriately conceptualized cyber’s role within the Air-Sea Battle Concept.
Erica D. Borghard is an Assistant Professor in the Department of Social Sciences and the Executive Director of the Grand Strategy Program at the United States Military Academy at West Point. She received her PhD in Political Science from Columbia University.