Freedom of Manoeuvre in Cyberspace

By Lieutenant Colonel

By Lt Col

 Eric

 Jodoin

, CA

 AF

Joint Air Power Competence Centre

By Major

By Maj

 Fotios

 Kanellos

, GR

 AF

Joint Air Power Competence Centre (2019-2022)

Published:
 April 2023
Warfare Domains: Cyberspace Operations
Subject Areas: Cyberspace Operations

Abstract

How can traditional military manoeuvres be applied to cyberspace? This paper explores the concept of Freedom of Manoeuvre (FoM) in cyberspace and proposes that manoeuvre can be interpreted as the methods and processes employed to attack and defend systems and information resources. The paper discusses cybersecurity fundamentals, the importance of situational awareness, risk management models, and defensive cyberspace operations. It also examines the impact of Emerging and Disruptive Technologies (EDTs) such as 5G, Artificial Intelligence (AI), and Quantum Computing (QC) on FoM in cyberspace.

Executive Summary

NATO defines manoeuvre as ‘Employment of forces on the battlefield through movement in combination with fire, or fire potential, to achieve a position of advantage in respect to the enemy to accomplish the mission’. But how does this definition apply to a nascent cyberspace domain? The objective of this paper is to help warfighters better understand cyberspace operations and explore what might constitute Freedom of Manoeuvre (FoM) in cyberspace. NATO has no doctrinal definitions for FoM in cyberspace. Therefore, this paper proposes that manoeuvre in cyberspace can be interpreted as the methods and processes employed to attack and defend systems and information resources to give one actor a competitive advantage over another.

To achieve its objective, this paper introduces the reader to cybersecurity and cyber defence fundamentals. To prevail in cyberspace, three components must be preserved: The confidentiality of the data, the integrity of data and systems, and the availability of data and systems. This is commonly referred to as the CIA Triad. In order to preserve the CIA triad, we must maintain cyberspace Situational Awareness (SA) to understand the space we operate in, including the infrastructure and the data within it. Next, we must develop adequate risk management models to identify and mitigate threats and vulnerabilities. Finally, we need a defensive cyberspace operation mechanism capable of dealing with breaches whenever the mitigation measures are overcome.

Cyberspace permeates our everyday lives. It was introduced to automate and expedite repetitive tasks and help humans deal with increasingly complicated problems. OODA loops are particularly well suited to allow automation of repetitive tasks that do not require human judgment; whomever can iterate through their descision processes the fastest gains a decisive advantage on any competitive endeavour, including warfare. Therefore, the system of systems that are OODA loops were early adopters of cyberspace technologies and continue to push the boundaries of the possible by adopting Emerging and Disruptive Technologies (EDTs) to automate tasks once considered unsuitable for computers. Adoption of computers and EDTs brings a suite of challenges including the risks of failing to fully secure and defend them, in accordance with the cybersecurity fundamentals discussed earlier. Russian’s quick deployment of a new cryptophone shortly prior to the start of the Ukrainian invasion and it’s almost instantaneous failure at the war’s onset is such an example. While EDTs should not be considered a cure-all, it does provide us with new opportunities and threats. Therefore, chapter 5 is dedicated to EDTs and will cover the impact on FoM in cyberspace brought about by EDTs such as 5G, Artificial Intelligence (AI), and Quantum Computing (QC).

With a basic appreciation of cybersecurity fundamentals and how OODA loops are enhanced through the effective use of cyberspace, it becomes possible to tease out the unique characteristics of cyberspace. Speed and operational reach can very quickly deliver effects against a great number of geographically separated targets. Rapid concentration and distribution becomes possible through automation to overwhelm a single target through fires coming in from innumerable points of origins across the world. Dynamic evolution plays a disproportionate role in evolving and transforming cyberspace at a rate never experienced by mankind before. Finally stealth and associated difficulties in attribution significantly complicates established international laws and norms regarding the proportionality and scope of a response.

Another key element to any manoeuvre is the identification of terrain, particularly key terrain. Because of the unique characteristics of cyberspace listed previously, it is often hard to identify relevant key terrain at any one time. However, there is one constant that transcends all recorded failures to defend in cyberspace: All attackers managed to circumvent or overcome authorization and authentication measures, making these the highest of high grounds regardless of the circumstances. It is also the reason why the cybersecurity industry as a whole is moving toward a ‘zero trust’ model where authorization and authentication takes centre stage.

The zero trust model is especially applicable to NATO as the organization is taking a data-centric approach to multi-domain operations where data sharing, data exchange, data appreciation, and data exploitation become the nexus to enable fully synchronized cross-domain and cross-nation military operations in the ultimate instantiation of the OODA loop. This vision for MDO will only be achievable if FoM in cyberspace can be preserved while being denied to our adversaries.

Finally, as we increasingly rely on technologies to enhance military capabilities, soldiers will be increasingly reliant on equipment and weapons platforms that depend on cyberspace to fulfil its function. Therefore, they will no longer simply be frontline fighters in their respective domain (air, land, sea, space); these conventional physical assets simultaneously occupy the frontline of cyberspace and their operators may be the first to observe attacks directed at them (or their equipment) through cyberspace. Therefore, military personnel of all branches will need to be adequately trained to deal with threats and attacks emanating from cyberspace and strongly supported by organic cyberspace capabilities such as incident response and hunt teams intended to blunt any such attacks. The concept of cyber FoM provides the lexicon and framework to make this vision a reality.

Author
Lieutenant Colonel
 Eric
 Jodoin
Joint Air Power Competence Centre

Lieutenant-Colonel Jodoin holds a Master of Science in Information Security Engineering (MSISE) from the SANS Technology Institute and has accumulated over a decade of experience in the planning and conduct of cyberspace operations.

His experience include a tour as director of operations at the Canadian Forces Network Operations Center (CFNOC), instructor and lecturer on various cyberspace operations and intelligence courses such as the Canadian Forces Cyber Defence Indoctrination Course, cyberspace operations planner for Canada and in support of multinational operations including Operation Inherent Resolve, and lead of the Cyber Component Coordination Element (CCCE) embedded within the Canadian Joint Operations Command (CJOC).

Information provided is current as of March 2022
Author
Major
 Fotios
 Kanellos
Joint Air Power Competence Centre (2019-2022)

Major Fotios Kanellos graduated from the Hellenic Air Force (HAF) Academy in 2003 as an Electrical Engineer specializing in Telecommunications and Computer Science. He holds three Master degrees, one in Technical-Economic Systems from the National Technical University of Athens (NTUA), one in Environmental Sciences from the University of Patras and another in European and International Studies from the National and Kapodistrian University of Athens.

He served as an inspection engineer for T-2 C/E aircraft and system engineer for the T-6A Flight Simulator at the Hellenic Air Training Command in Kalamata. His previous appointment was at the HAF Support Command managing IT and Cybersecurity projects. Currently, he is the Cyberspace SME at the JAPCC.

Information provided is current as of February 2022

Contact Us

Contact Information

Joint Air Power Competence Centre
Römerstrasse 140
47546 Kalkar
Germany

+49 (0) 2824 90 2201

Request for Support

Please leave us a message

Contact Form