By Col (ret'd) Pat Stogran
The headlines read Canada is going to develop an offensive capability in cyber warfare. For the most part the message was well received by the general public, but for one Armchair Colonel, washed-up warfighter and student of strategy that I am, it confirmed for me the reason I decided my shelf-life in uniform had expired back in 2007 and the inferences that I have been drawing from the unclassified open sources that I am privy to now as a civilian: Canada’s strategy to defeat extremist Islam is either fundamentally flawed or simply non-existent.
Granted, our government does have a National Cyber Security Strategy, created under the Conservative government of Stephen Harper, but not only is that document so passive and reactive to the threat that it can be dismissed as mere window dressing. We should not have much confidence that our government is effecting that strategy any more coherently, as flawed as it is, than they did their Canada First Defence Strategy that was in place while our defence forces were consumed fully with operations in the Middle East.
Back in the good ole days when I was still serving, we used to talk about the profound effect that the emerging technologies of the Information Age were going to have on the way we fought wars. At the time, military theorists were prognosticating that the technological revolution was going to be an impetus for a whole new form of warfare, a sort of global insurgency. Some of the bolder predictions suggested would make conventional warfare obsolete. The intellectually agile doctrinal grey beards in the military were quick to seize on this concept, coining it the “asymmetric threat,” and developed an impressive and pretty comprehensive body of dogma regarding the emerging security environment that they bubble-wrapped and delivered to the trigger pullers.
Operators embraced this theory as a Revolution in Military Affairs (RMA), but sadly missed the mark in terms of what all this groundbreaking theory meant. Operationally, the focus of effort was on the exploitation of digital technologies, seemingly on precision-guided munitions of hugely devastating potential to be delivered with virtual millimetric accuracy as to destroy pinpoint and moving targets on the other side of the globe. Senior management in the military saw this RMA as a force multiplier that would allow us to disperse our assets over huge swaths of territory in order to enhance their survivability on this “modern battlefield” while concentrating their fires at key times and places to destroy the enemy’s armoured forces before they could figure out what was happening. In other words, the military community was exploiting information technology in order to be the deadliest damn force on the Industrial Age battlefield. If we had to fight World War II over or intervene in Bosnia again, we were going to kick some serious ass.
At the same time, however, a concept called Information Operations (IO) was also being promulgated by doctrine gurus. The United States Army Field Manual 3-13 Information Operations defines it as “the integrated employment, during military operations, of information-related capabilities [IRCs] in concert with other lines of operation to influence, disrupt, corrupt, or usurp the decision-making of adversaries and potential adversaries while protecting our own.” (A breakdown of those IRCs — which amount to a revision of operational functions and concepts that, for the most part, were already resident in military operations — can be found in the sidebar on page 27.) IO consolidated and enshrined them to their rightful context vis-à-vis the physical destruction caused by the combat power that military formations generate by either kinetic attack — the transmission of energy to destroy targets through explosive means or high-velocity projectiles — or non-kinetic attack, such as chemical, electromagnetic, acoustic or light energy, or radiation.
While the profoundness of the RMA was clearly apparent in the devastating effect that information technology had on kinetic operations, I would submit that the importance and hence the full potential of IO doctrine has yet to be realized in theory and in practice.
The military is notorious for pumping out new and plagiarized doctrine as vigorously as putrid water out of the bilges of Canada’s aging warships, but on the ground continues to conduct operations the way it always has, except for the more colourful lexicon. I think there are two reasons why this happens. First, the concepts can become so esoteric and philosophical that they have little relevance for the warfighter. Secondly, if new and emerging doctrine does not take hold within the force, the answer often seems to be to write more rather than write more clearly.
One can see both of these phenomena manifested in the development and application of IO doctrine. Since the turn of the century, IO has been a growth industry for doctrine writers. IO has morphed between one of capturing the philosophies behind and practices associated with the non-physical aspects of combat operations to being subjected to the mission-creep of institutionalizing an entirely new domain the military was referring to as Information ‘and Influence’ Operations. Thankfully, in the latest iteration of Field Manual 13-3 the U.S. Army has dropped the reference to “influence” operations from its title. My reason for this should be readily apparent to regular readers of my column in Esprit de Corps. The whole raison d’être of military forces and their operations is to influence the behaviour of antagonists. As such, physical and information operations in the military should at once be viewed as a continuum of coercion that the military brings to the diplomatic, economic and informational efforts being applied by the government at the national strategic level.
In the meantime, a full-fledged Information War is being waged around the world and our government is only just realizing that Canada requires a full-fledged offensive cyber capability. For some, the Stuxnet viral cyber attack on Iran’s nuclear capability was, for all intents and purposes, an opening salvo of this information war in cyberspace, but we can be very sure that affair was but the tip of the proverbial iceberg. Russian cyber attacks that have caused damage to infrastructure and the power grid in Ukraine, fake news, malware detected in a New England power station, the hacking of Democratic National Committee emails: these are all indications of a war that is raging every bit as vigorously in the informational domain as the physical one that is out of control in the Middle East.
In upcoming articles I intend to unpack the theory of Information Operations with a view to discussing how it might lend itself to mitigating the threats as they exist today for Canadians and the Canadian way of life. As usual, I look forward to comments and criticisms from readers to help me with my analysis, and offer a copy of my book Rude Awakening: The Government’s Secret War Against Canada’s Veterans to anybody who’s contribution makes its way into my column. Until next month ...