Soldier from 3/187th Infantry, 101st Airborne Division, out of Fort Campbell, Kentucky, sets up SATCOM to communicate further with key rear elements as part of search and attack mission in area of Narizah, Afghanistan, July 23, 2002 (U.S. Army/Todd M. Roy)
Applying Irregular Warfare Principles to Cyber Warfare
By Frank C. Sanchez, Weilun Lin, and Kent Korunka
he cyberspace threat exists in a cyberspace and cyberspace threats that and can foresee, rapidly respond to, realm that does not conform to are initiated by faceless, borderless, and and counter cyberspace threats, the T the physical limits of land, sea, sometimes nationless enemies. These U.S. military’s strategy and approach to air, and space. Unlike these traditional enemies manifest in a domain neither cyberspace must adapt and incorporate domains, cyberspace fosters an unpre- confined nor governed by the tradi- unconventional approaches and hybrid dictable threat that can adjust, morph, tional norms and rules of war, which warfare into its operational capability. and reproduce without a national the broader military has no experience Despite its importance, the Nation’s identity or face.1 The challenge of the undertaking. To ensure the United leaders, strategists, and military planners military is to posture its approach to States maintains cyberspace dominance struggle to understand how cyberspace operations (CO) fit into national security as an instrument of national policy. A Commander Frank C. Sanchez, USN, is an Action Officer on the Joint Staff J32, Intelligence, significant shortcoming is due to the Surveillance, and Reconnaissance Operations. Major Weilun Lin, USAF, is Chief of the Central and leaders’ lack of experience and basic South Asia Branch, Joint Cyberspace Center, U.S. Central Command. Lieutenant Colonel Kent Korunka, USA, is a Joint Intelligence Planner, Joint Planning Support Element, Joint Enabling understanding of what cyberspace is and Capabilities Command, U.S. Transportation Command. what effects can be achieved in the cyber
JFQ 92, 1st Quarter 2019 Sanchez, Lin, and Korunka 15 Table. Conventional, Cyber, and Irregular Warfare Conventional Cyber Irregular Gaining political, economic, ideological, social, and Assisting in gaining political, economic, Assisting in gaining political, economic, Purpose (why) religious dominance via geolocation dominance ideological, social, and religious dominance; ideological, social, and religious dominance; for a period of time gaining information for competitive advantage gaining information for competitive advantage Using overt operations and/or covert operations; Using overt operations and/or covert operations; Using covert operations; attribution through Strategy (how) showing might; little attribution issue attribution issue intelligence State and nonstate actors, adaptive adversaries Involvement Some people such as military or paramilitary Everyone who has a device connected to affected such as terrorists, insurgents, and criminal (who) personnel networks networks Mainly intangible items such as information or Humans; mainly tangible objects; directly Humans; mainly tangible objects; directly Targets (what) tangible items such as information systems; may affecting human life affecting human life indirectly affect human life in cyber physical cases Anywhere with respect to geolocation if Space (where) Limited geolocaion Global connected Ongoing, but one attack is usually within a short Duration (when) A limited period of time Very limited period of time period of time Preparation time Relatively long period of time Relatively short period of time Relatively short period of time (when) Cost (what) Expensive Relatively less expensive Relatively less expensive Characteristics Relatively more transparent Relatively opaque and in stealth mode Relatively opaque and in stealth mode (what) Attribution (what) Relatively easy to find out May be hard to find out Relatively difficult to find out Rules of engagement Relatively clear Not clear Not clear (what) Less severe if not life or death situation; Less severe if not life or death situation; Impression (what) Always severe or brutal; obvious sometimes not felt sometimes not felt Damage (what) Severe with physical casualty Severe with information loss Sometimes severe Direct impact Everyone/every business connected to affected Someone/some businesses Someone/some businesses upon (who) networks Impact based on Geolocation Connection Geolocation (where) Deterrence (what) Obvious and forceful Limited currently Subtle Dominance (what) Could be achieved Hard to achieve Hard to achieve Result/Gain Obvious May not be very clear May not be very clear (what) Winner (who) Clear to identify May be hard to decide May be hard to decide Time for Relatively long Relatively short Relatively short recovering (when)
Source: Adapted from Jim Chen and Alan Dinerman, “On Cyber Dominance in Modern Warfare,” in Proceedings of the 15th European Conference on Cyber Warfare and Security, ed. Robert Koch and Gabi Rodosek (Reading, UK: Academic Conferences and Publishing International Limited, 2016), 54. realm. Unlike the younger generation, special operations. The many similarities warfare and cyber warfare are similar and who are considered digital natives, the shared by IW and cyber warfare (CW) providing the critical framework for using majority of national and military leaders can establish a foundation to guide U.S. IW principles to approach, define, and and military planners are considered leaders in the execution of cyberspace op- integrate cyberspace operations across all digital immigrants. Popularized by Marc erations to maintain cyber superiority. domains and Services, U.S. leaders can Prensky, the phrase digital natives refers Early cyber power theorists generally begin to understand how cyber power to the generation who grew up using dig- recognized three key terms: cyberspace, can increase the effectiveness of the ital technology, and digital immigrants cyber power, and cyber strategy.3 As the cy- broader U.S. military cyber force. refer to the generation born before the berspace domain matures, cyber theorists advent of technology (circa the 1980s) and thinkers still have not reached the Irregular Warfare and Cyber but later adopted its use.2 While digital appropriate definitions of these key terms. Warfare Interlinked immigrants lack cyber knowledge, many An understanding of irregular warfare Special operations have a long, storied, of them understand irregular warfare fosters a rudimentary knowledge of cyber and varied history within the U.S. mil- (IW) and the value and importance of warfare. By highlighting how irregular itary, including, for example, Roger’s
16 Forum / Applying Irregular Warfare Principles to Cyber Warfare JFQ 92, 1st Quarter 2019 Rangers, the assault of Pont-du-hoc, criminal organizations, and small groups and IW. A key difference, low personal and Operation Eagle Claw. Colonel to operate in the cyberspace environment risk, is the greatest strength of cyber Joseph Celeski, USA (Ret.), noted that on a similar level as nation-states and warfare. Cyber attacks can be conducted the Joint Special Operations University transnational organizations. The anonym- from almost anywhere while still within Special Operations Forces (SOF)-Power ity and lack of attribution afforded actors the confines and relative safety of a Workshop concluded that special oper- in the cyberspace domain resemble the nation-state’s geographical boundaries. ations is “a multi- and cross-domain covert or clandestine aspects of SOF. The low personal risk of CW lies in stark force, capable of conducting or sup- The cyber domain threatens regional contrast to the high personal risk assumed porting conventional or unconventional and national security in ways that are un- by SOF personnel conducting missions operations on various levels leading common in the other traditional domains in highly contested environments or deep to or supporting military and political of land, sea, air, and space.11 As a result, behind enemy lines. The low personal outcomes.”4 Members of the workshop bad actors in cyberspace range from in- risk of CW is further supported by the listed the following characteristics of the dividual hackers and criminal enterprises ease of entry into cyberspace and the lack SOF operational environment: to violent extremist organizations and of attribution so long as appropriate steps nation-states. Bad actors steal information are taken to conceal identities. A complex operating environment •• for personal or national gain for reasons Many core activities of special opera- marked by instability and ambigu- that include profit, intelligence, denial of tions seamlessly fold into the context of ity; acts of violence, influence, and services, or to inflict damage on critical cyberspace missions. Offensive cyberspace leverage are conducted in a nonlinear infrastructure. Within the traditional do- operations are similar to the intent of spe- and often indirect way and include mains, these types of actions are relatively cial operation’s direct action, countering low-level operations of subtlety and recognizable and easier to classify as acts weapons of mass destruction, military in- guile.5 of war, but in cyberspace the underlying formation support operations, and special A high-risk, highly sensitive environ- •• intent and attribution of a cyber attack reconnaissance missions. Likewise, the ment, in which there is high personal are difficult to discern. intent of special operation’s foreign inter- and political risk in conducting Past thinkers and strategists have nal defense and security force assistance operations.6 identified other similarities between missions compare to defensive cyberspace An irregular warfare environment •• special operations and cyber operations. operations.15 While the cumbersome characterized by intra-state and sub- Eric Trias and Bryan Bell wrote, “The process to identify and attribute the actor, state acts of political violence, plus inherently clandestine nature of special target, and effect of cyber attacks and insurgency, subversion, violent politi- operations parallels the ease of conduct- information to a nation or group is signif- cal action, and terrorism.7 ing stealthy cyber operations.”12 Patrick icant, the necessity for overt nation-state Joint Publication 3-05, Special Duggan proposed that “cyber-warfare versus nation-state engagement is not Operations, described the special opera- is, at its core, human-warfare” and “re- as profound. Operations in cyberspace tions environment as “hostile, denied, or quires SOF’s unique human expertise, should espouse undetected intrusion politically and/or diplomatically sensitive unconventional mindsets, and discreet where the potential for monitoring, . . . and . . . characterized by one or more asymmetric options.”13 Most notably, destabilizing, and manipulating provides of the following: time-sensitivity, clan- Jim Chen and Alan Dinerman presented greater long-term gain than immediate destine or covert nature, low visibility, a framework to compare and contrast destruction or devastation. work with or through indigenous forces, the similarities between conventional The U.S. approach to CW would greater requirements for regional orien- warfare and cyber warfare. Using factors likely best benefit from mirroring special tation and cultural expertise, and a higher borrowed from other authors, Chen and operations, IW, and the SOF community, degree of risk.”8 Dinerman created a matrix to facilitate the which rely on highly specialized and Cyberspace shares similarities with discussion of the cyber warfare capabilities unique tactics, techniques, procedures, special operations due to its complexity compared to conventional warfare.14 An and equipment. At its core, irregular and actors. The new global domain adaptation of their findings is reflected in warfare is about the “highly adaptive of cyberspace relies on the connected the table, which includes IW for compari- actors.” Rain Ottis and Peeter Lorents information technology infrastructure son and contrast, in order to highlight the wrote, “Cyberspace is a time-dependent that includes all the automation and similarities between CW and IW. While set of interconnected information systems networked system components through not entirely inclusive of all aspects and and the human users that interact with which information or content flows or is characteristics of each warfare, the table these systems.”16 They stress the fact that stored.9 Cyberspace operations are con- illustrates the strong parallels between “cyberspace is an artificial space, created ducted in the physical network, logical cyber warfare and irregular warfare. by humans for human purposes,” which network, and cyber-persona layers of the Despite the many similarities high- requires the need to understand and in- cyberspace domain.10 The ease of entry lighted in the table, it is important to fluence peoples’ thoughts and actions.17 into cyberspace allows individual actors, recognize the differences between CW
JFQ 92, 1st Quarter 2019 Sanchez, Lin, and Korunka 17 ing highly specialized skills with flexibil- ity, creativity, and innovation along with unique capabilities that achieve national objectives across a wide array of military options.19 Along those lines, the article introduces several other concepts and terminologies adapted from the SOF community. First, the concept of relative superi- ority used in irregular warfare should be applied to cyberspace operations. In his book Spec Ops, Admiral William McRaven defined the term relative superiority as “a condition that exists when an attacking force, generally smaller, gains a decisive advantage over a larger or well-defended enemy.”20 As noted earlier, ease of entry into the cyberspace domain requires low personal risk as it enables a force as small as an individual hacker to overwhelm or operate against a well-defended adversary at a potential point in time. A common misconception exists that global cyber dominance or supremacy is possible and easily maintained. William Bryant quoted the argument from noted cyber expert Martin Libicki that “cyber supremacy is meaningless and, as such, is not a proper goal for operational cyber warriors.”21 The Joint Operating Environment 2035 envisions a future security environment full of vulnerable points through which weapons systems can be directly engaged and military operations have global reach to individual work stations, servers, routers, or controller chipsets.22 The broad and dynamic nature of cyber- space, consisting of countless devices, makes it impossible to maintain total cyber superiority. This is a persistent risk where at any point in time, one may lose relative superiority. The recent release of U.S. Cyber Command’s “Command Soldier assigned to 2nd Armored Brigade Combat Team, 1st Cavalry Division, conducts dismounted electronic warfare training at Fort Hood, Texas, August 29, 2018 (U.S. Army/Carson Petry) Vision” highlighted this by stating, “New vulnerabilities and opportunities Applying Other IW by Colonel Sid Shachnow, USA, in the continually arise as new terrain emerges. Principles to Cyber mid-1980s, as guiding principles that No target remains static; no offensive Because of the similarities, the next will support success in future cyberspace or defensive capability remains indef- logical step is to cross over special oper- operations.18 The special operations initely effective; and no advantage is ations and IW terminologies to build on construct is built on individuals, small permanent. The well-defended cyber the foundation of thought and theory units, and advanced technology. The terrain is attainable but continually at regarding cyber warfare. In the paper first SOF Truth recognizes that its per- risk.”23 In Air Force Doctrine Document “Adapt Special Operations Principles sonnel rather than the equipment are 3-12, Cyber Operations, the Air Force to Cyber,” Nicholas Co recommended what gives special operations its decisive defines cyberspace superiority as “the the application of SOF Truths, created edge. It is highly trained people apply- operational advantage in, through, and
18 Forum / Applying Irregular Warfare Principles to Cyber Warfare JFQ 92, 1st Quarter 2019 from cyberspace to conduct operations ability for developing its strategy for Figure 1. �cCormick�s at a given time and in a given domain cyberspace operations.29 Some strategies Counterinsurgency �odel without prohibitive interference.”24 This are only oriented toward cyber defense definition closely aligns with Admiral or cyber security while other strategies
McRaven’s comment that relative superi- are offensive in nature. Principles and Feedback Population Feedback ority is achieved at the pivotal moment in theories from Gordon McCormick’s an engagement.25 “Counterinsurgency Diamond Model” Second, the term superiority alludes can be applied as a framework for devel- 1 1 2 2 to the ability to project a type of power oping a holistic approach or strategy for Insurgent 3 COIN Force Force on an adversary—cyber power. But the cyberspace operations. For this article, 4 4
Department of Defense (DOD) does a brief explanation of McCormick’s 5 5 not have a definition of cyber power. The model in its context and framework closest DOD definition is the Air Force’s would allow application of its overall International Feedback Feedback definition of cyberspace force application premise to cyberspace. As shown in Community as “combat operations in, through, and figure 1, Greg Wilson briefly describes from cyberspace to achieve military the model’s utilization and interactions: ���rce� Gordon H. McCormick, �Seminar in Guerrilla objectives and influence the course and Warfare,� Naval Postgraduate School, Monterey, CA, 2003. outcome of conflict by taking decisive The Diamond Model establishes a com- actions against approved targets.”26 To prehensive framework that considers define cyber power, John Sheldon uses the the interactions between the state or Figure 2. Cyberspace following: “the ability in peace and war host-nation government, the insurgents or �iamond �odel to manipulate perceptions of the strategic terrorists, the local populace, and inter- Feedback Population Feedback environment to one’s advantage while at national actors or sponsors. The state or the same time degrading the ability of an the “host nation” government’s goal is to adversary to comprehend that same en- destroy the insurgents or limit their growth 2 2 vironment.”27 By adapting SOF concepts and influence to a manageable level. The 1 1 Controllers 3 Disruptors and terminology to these previous defini- insurgent or terrorist goal is to grow large 5 4 4 5 tions, this article proposes the following enough to destroy the state’s control mecha- definition as a springboard for additional nisms and replace the existing government thought and discussion on cyber power. or force some form of political concession Feedback Governance Feedback At the strategic level, cyber power is from the government that achieves their the combined strength of a nation’s desired goals. To develop an effective ���rce� Adapted from McCormick’s Mystic Diamond Model (McCormick, �Seminar in Guerrilla Warfare,� Naval cyberspace capabilities to conduct and strategy, the state must first understand its Postgraduate School, Monterey, CA, 2003). influence activities in, through, and from advantages and disadvantages relative to cyberspace to achieve national security the insurgents. The state, which normally objectives in peacetime and across the full has an established security apparatus operational environment. National spectrum of conflict. At the operational consisting of armed forces and police, has leaders and military professionals should and tactical level, it is also the control and a force advantage over the insurgents but utilize this Cyberspace Diamond Model relative superiority gained by application suffers from an information disadvantage. to frame their strategic approach to cyber of cyberspace operations over an adver- This information disadvantage stems from warfare. This framework, however, can sary that uses technology as a means to the fact that the insurgents or terrorists are also be implemented at the operational contest integrity, confidentiality, security, difficult to detect and target because they and tactical levels to aid military leaders and accessibility of information. are dispersed and embedded in the local and planners in translating strategic direc- populace.30 tion into operational plans. Irregular Framework for The Controllers. Controllers are Cyberspace Strategy The Cyberspace Diamond the current influential or administrative Today there is a multitude of perspec- Model, shown in figure 2, is based force of a section of cyberspace, or in- tives and frameworks for cyber strategy. on McCormick’s Counterinsurgency formation communication technology The operational environment influences Diamond Model and promotes infor- (ICT). Examples of controllers can strategy because strategy must anticipate mation legitimacy in cyberspace through range from network administrators to the changes in the operational environ- good governance, improved security, and national governments. Generally, there ment.28 DOD utilizes central aspects of transparency (as related to attribution). is a single force that is the lead, but the the cyber threat such as threat actors, Information legitimacy is at the heart of private sector, organizations, or countries insider threats, supply chain vulnerabil- the cyberspace conflict, as it is received can provide additional capabilities to ities, and threats to DOD operational and perceived by all actors within the augment the controllers. The controllers
JFQ 92, 1st Quarter 2019 Sanchez, Lin, and Korunka 19 Air Force Institute of Technology students listen as professor (right) explains hacking technique during class at Wright-Patterson Air Force Base, Ohio, February 20, 2018 (U.S. Air Force/Al Bright) must integrate all instruments of national supporting disruptors. There is not article incorporates the term of gov- power—civil, military, diplomatic, in- always a clear distinction between volun- ernance based on the United Nations formation, economic, technology, and tary disruptors and those coerced into Educational, Scientific, and Cultural financial. These forces include but are supporting disruptors. For example, com- Organization’s (UNESCO’s) definition. not limited to policymakers, military, law puters in a botnet that are maliciously UNESCO defines it as “structures and enforcement, intelligence, infrastructure controlled without the owners’ consent processes that are designed to ensure ac- providers, and cyber security personnel. can be considered coerced (involuntary) countability, transparency, responsiveness, Controllers are defined by the disruptor’s disruptors. Disruptors conduct exploita- rule of law, stability, equity and inclu- perceptions, but external forces can be tion of the population’s trust to gain siveness, empowerment, and broad-based perceived by the disruptors as influencing support or control. participation.”31 UNESCO also refers to the situation, and, consequently, those The Population. The population it as “the norms, values and rules of the forces become part of the controllers. consists of the user in cyberspace or game” and “about the culture and insti- The same is true of the controllers the ICT—humans or machines. While tutional environment in which citizens defining the disruptors; however, the support may be coerced out of the pop- and stakeholders interact among them- controllers typically have a greater burden ulation, the population is not considered selves and participate in public affairs.”32 of proof as dictated by global perceptions. disruptors until it provides additional As one of the actors in the Cyberspace Attribution is the greatest hurdle for the support beyond what is required. The Diamond Model, governance consists of controllers to overcome. population serves as the source of power external nation-states, international orga- The Disruptors. Disruptors are the in both diamond models. However, in nizations, and other groups that do not humans, machines, governments, and cyberspace, the operational environment function in a direct or indirect support criminals conducting or supporting extends past geographic borders where role for the controllers and disruptors. operations to interrupt or disturb the the population can be global, regional, or Members of the governance, similar to availability, security, confidentiality, or an individual system user. the population, remain neutral until they integrity of information in cyberspace. Governance. Although cyberspace provide support to a side; once support is Disruptors are also anyone or any- lacks the normal rule of law and tra- provided (or perceived to be provided), thing that is either actively or passively ditional notion of governance, this they become controllers or disruptors.
20 Forum / Applying Irregular Warfare Principles to Cyber Warfare JFQ 92, 1st Quarter 2019 The legitimacy of an organization or en- tity may be placed upon or perceived by the actors within cyberspace. Examples of governance, perceived or placed upon by the population, are the National Institute of Standards and Technology, WikiLeaks, or Hypertext Protocol.
Framing Cyber Strategy and Feedback Controllers and disruptors must conduct every operation in consideration of how it will affect the perceived legitimacy of the information that is received by the population and governance. As shown and numbered on the Cyberspace Diamond Model, the controllers and disruptors will use all five of the follow- ing strategies throughout the cyberspace conflict; however, the source of power, Building 92 at Microsoft Corporation headquarters in Redmond, Washington, May 30, 2016 as noted, is primarily the population. (Courtesy Coolcaesar) Cyberspace enables controllers to focus on direct action against the disruptors amount of resources, time, capabilities, obvious signature enables the disruptors by utilizing cyber attacks. It is important and manpower. to identify the activities and locations of to note, however, that controllers must Strategy 2: Information Disruption. controllers, which therefore increases the recognize the significance of maintaining As depicted in figure 2, the intent of level of personal risk to the controllers. the security, accessibility, integrity, and strategy 2 is to prevent or interrupt the This knowledge enables disruptors to confidentiality of the population’s infor- opponent’s control of the population. conduct attacks at the time and location mation. As a result, emphasis is placed The objective of the controllers is to of their choosing, thereby potentially on strategies 1 and 5 as both forces must create a divide between the disruptors reducing collateral damage or attribution. execute elements of each strategy. and population by delegitimizing the Because the operational environment Strategy 1: Population Support. In disruptors’ information and denying can be expansive, controllers must first figure 2, the intent of strategy 1 is to gain them access and freedom of movement gain intelligence before it can conduct the support of the source of power‑—the to, from, and through the population effective operations against disruptors. population—since both controllers and and other resources in the operational Indiscriminate assaults can delegitimize disruptors rely on popular support for environment. Disruptors must attempt the governance of the ICTs and thereby success. Although controllers are gener- to delegitimize information transmitted lose the support of the population. An ally strong in resources, personnel, and through cyberspace and ICTs or break example of indiscriminate assaults is a cyberspace capabilities, they normally lack or disrupt the controllers influence over government’s mass censorship of infor- specific intelligence on the disruptors. the population and resources that dis- mation in cyberspace. Therefore, controllers need popular ruptors depend on. Strategy 2 favors the Strategy 4: Disrupt Interaction. support to gain the required intelligence disruptors due to ease of attack on the Both forces require perceived legitimacy to identify the disruptors. This is sim- information legitimacy of the controllers to obtain support and access to gover- ilar to the IW interaction between the as compared to the challenging task of nance in strategy 4. The recent Shadow counterinsurgency or insurgency forces the controllers to attack the information Brokers (disruptors) leak of National and the population. Controllers promote legitimacy of the disruptors. Transparency Security Agency secrets and capabilities information legitimacy through good and accountability are key to the success serves to disrupt information legitimacy governance, improved security, and of the controllers. Similar to IW, it is eas- between the U.S. Government (con- socioeconomic conditions in cyberspace. ier for insurgents to attack the legitimacy trollers) and Microsoft (governance). The goal of controllers is to maintain its and control of governments. Microsoft has perceived governance control of the operational environment, Strategy 3: Direct Action. Strategy because it is responsible for providing the legitimacy of their information, and 3 is directed at striking the opponent vulnerability and security patching the trust of the population. Securing and to disrupt his operations and deny his and fixes for its products. Using the maintaining the support of the popula- will and ability to continue the conflict. Cyberspace Diamond Model, the U.S. tion will cost the controllers a substantial The controllers’ broad, sweeping, and Government (controllers) needs to attack
JFQ 92, 1st Quarter 2019 Sanchez, Lin, and Korunka 21 17 the information legitimacy of the Shadow state and nonstate actors should be con- Ibid. 18 Nicholas Co, “Adapt Special Operations Brokers (disruptors), while boosting their ducted in protracted regional and global Principles to Cyber,” U.S. Naval Institute Pro- relationship, interaction, and trust with campaigns, often beneath the threshold ceedings 143, no. 6 (June 2017), 58–59. Microsoft (governance). of overt war.33 Furthermore, our cyber 19 JP 3-05, Special Operations, I-2. Strategy 5: Governance Relationship. strategies require a whole-of-nation and/ 20 William H. McRaven, Spec Ops, Case Strategy 5 outlines that at the nation-state or a whole-of-international-coalition Studies in Special Operations Warfare: Theory and Practice (New York: Random House, level, the legitimacy of governance and approach to obtain relative superiority 1995), 4. strong international backing can provide in the dynamic cyberspace operational 21 William D. Bryant, “Cyberspace Supe- perceived information legitimacy. At environment. By utilizing the Cyberspace riority: A Conceptual Model,” Air & Space that level, this is stressed through the Diamond Model to frame cyberspace Power Journal 27, no. 6 (November–December whole-of-nation approach and strong strategy at the strategic, operational, and 2013), 25, available at
22 Forum / Applying Irregular Warfare Principles to Cyber Warfare JFQ 92, 1st Quarter 2019