Chief of warfighting integration and chief information officer for Office of Secretary of Air Force discusses cyber security during seminar at Barksdale Air Force Base (U.S. Air Force/Chad Warren)
Cyber Power in 21st-Century Joint Warfare
By E. Lincoln Bonner III
For, in war, it is by compelling mistakes that the scales are most often turned.
—B.H. Liddell-Hart Strategy: The Indirect Approach (1941)
n 2008, Russian military forces, autonomy to pro-Russian governments supported by cyber attacks, rapidly in South Ossetia and Abkhazia. Cyber defeated opposing Georgian forces power is the ability to exploit cyberspace Lieutenant Colonel E. Lincoln Bonner III, USAF, is I Director of Operations at the Space Operations and seized territory later traded in to create advantages and influence Squadron Aerospace Data Facility–Colorado. exchange for Georgia’s granting greater events, and cyberspace is the interde-
102 Features / Cyber Power in 21st-Century Joint Warfare JFQ 74, 3rd Quarter 2014 pendent and interconnected networks and helped guarantee that it would fail.”2 (that is, information mobility), and at- of electronics and the electromagnetic As a result, the requirement emerged to tack—in addition to orientation (that is, spectrum where information is created, gain and maintain air superiority, thereby information/computer processing) and stored, modified, exchanged, and securing the information advantage flow- command and control—without prohibi- exploited.1 The 2008 Russia-Georgia ing from aerial observation. Despite its tive interference by the enemy. Cyber war marks the only public incidence of value to effective land operations, aerial interdiction interrupts, destroys, or oth- cyber power integrated with traditional reconnaissance could not directly degrade erwise neutralizes electronic information kinetic military operations. To date, or defeat enemy operations. lines of communication and electronic however, little attention has been paid In the same manner, cyber power’s information systems of supply (that is, regarding how to integrate cyber power military development can trace its cyberspace) used by enemy land, sea, air, into conventional military operations. roots to reconnaissance. As the recent and space forces for a sufficient length of Rather, research has tended to focus on Mandiant report about Chinese cyber es- time that they will immediately or in due the independent use of cyber power for pionage highlights, much of the impetus course prove fatal to his continuance of espionage and as a means of strategic to develop cyber power arises from the effective operations. Unlike today, World attack to punish and/or compel a state advantage that accrues to the side that War II bombers lacked the precision to do one’s will. can conduct more effective cyber recon- attack capability to substitute for the le- This article addresses this research gap naissance operations.3 In turn, effective thality of land forces to destroy an enemy by focusing on how cyber power can best cyber reconnaissance and the information army. Hence airpower’s primary offensive be integrated into joint warfare to fight advantage that comes with it depend contribution was air interdiction. Like and win the Nation’s wars. Using the on possessing at least a degree of cyber air interdiction in Slessor’s time, cyber Russia-Georgia war as an illustrative case, superiority. Like airpower, cyber recon- interdiction is the principal contribution this article argues that the principal value naissance and cyber superiority can make of cyber attack operations in joint warfare of integrating cyber power into a joint friendly operations more effective, but today. military campaign is that it compels the they cannot directly degrade or defeat In the air and cyberspace domains, enemy to make mistakes by performing enemy operations. offensive operations to destroy or neu- three main warfighting tasks: reconnais- In 1936, 18 years after World War I tralize the adversary’s air and cyber forces sance, superiority, and interdiction. It ended, Sir John Slessor of the Royal Air are the primary means of establishing begins with a description of how cyber Force described how airpower could be superiority within each domain. Cyber power’s main warfighting tasks support integrated with land operations to di- reconnaissance, however, plays a much kinetic operations by degrading/disrupt- rectly and substantially degrade or defeat greater role in gaining cyber superiority ing the enemy decision cycle. The cyber an adversary’s warfighting capability in than aerial reconnaissance plays in estab- aspects of the Russia-Georgia war are airpower and armies. Using evidence lishing air superiority. At the tactical level then analyzed to show how pro-Russian from British military operations in the in cyberspace, the speeds of action and of forces employed cyber power to degrade Middle East, Slessor deduced that in ad- observation both approach the speed of the Georgian decision cycle in support of dition to aerial reconnaissance, airpower’s light. In other words, cyber defenders do kinetic military operations. Finally, impli- main warfighting tasks in a joint air-land not have the benefit of the warning time cations for present and future integration campaign were to gain and maintain air that observation at the speed of light via of cyber power into joint warfare are superiority and to interdict enemy land radar gives air defenders. Consequently, discussed. lines of communication and supply. Air tactical defenses are unlikely to have suf- superiority continues to provide friendly ficient warning to react against a cyber Reconnaissance, Superiority, forces with the ability to exploit airpower attack and prevent significant negative and Interdiction for reconnaissance, mobility, and attack effects. Tactical defense in cyberspace Cyber power has evolved similarly to without prohibitive enemy interference.4 is more akin to battle damage repair, early airpower and will likely make Air interdiction destroys or interrupts recovery, and reconstitution than to any contributions to joint warfare now and those elements of an enemy’s system of analogous effort to parry a physical blow. into the foreseeable future, namely to supply or communication for a sufficient Effectively defeating cyber attacks thus conduct cyber reconnaissance, gain and time that the degradation will immedi- largely depends on fielding a set of defen- maintain cyber superiority, and conduct ately or in due course prove fatal to his sive measures that one knows in advance cyber interdiction. continuance of effective operations.5 an adversary cannot overcome. That is, In World War I, the advantages of aer- Cyber superiority and cyber interdic- the most effective way to achieve cyber ial reconnaissance gave birth to the battle tion can also be described in terms akin superiority is to field cyber defense and for air superiority. Aerial reconnaissance to air superiority and air interdiction. cyber attack capabilities that render po- “warned of any movement or change in Cyber superiority provides friendly forces tential corresponding enemy cyber attacks the enemy camp, and with few excep- with the ability to exploit cyber power and defenses impotent a priori. The criti- tions it foretold the enemy’s offensive for reconnaissance, communication cal requirement for neutering potential
JFQ 74, 3rd Quarter 2014 Bonner 103 Marines monitor aircraft and ground troops for information to pass to combat elements, Operation Javelin Thrust (U. S. Marine Corps/ Chelsea Flowers) enemy cyber attacks and defenses without can develop and field cyber defenses that transportation network is to deliver ac- known precedents, and thus the key to negate adversary cyber attacks prior to curate, relevant, and timely supplies (that cyber superiority, is technical intelligence their use as well as develop cyber attack is, the right stuff to the right place at the about enemy cyber attack and defense capabilities impervious to enemy cyber right time)—or information in the case capabilities, as well as tactics, techniques, defenses. Possessing cyber attack capa- of cyberspace.6 Regardless of whether an and procedures. Although all-source bilities that are relatively impervious to interdiction campaign chooses to target intelligence contributes to developing anticipated defenses is a critical require- a network’s capability to deliver supplies this foreknowledge, the principal way ment for cyber interdiction. The kinetic with accuracy, relevancy, or timeliness, the of gathering the requisite intelligence is corollary to this set of cyber reconnais- objective is the same: to introduce friction cyber reconnaissance. Unlike orders of sance activities might be more commonly and uncertainty into the decision cycle so battle, cyber capabilities only exist in cy- described as intelligence preparation of it becomes increasingly difficult for the berspace and cannot be observed except the battlespace. Therefore, it is during the enemy to conduct effective operations in from within cyberspace. Thus, those who intelligence preparation of cyberspace, comparison to friendly forces. Interdiction win the cyber reconnaissance competition which should be constantly ongoing dur- is not about the impact of any one attack in peacetime will likely win the battle for ing peacetime, when cyber superiority is on an enemy network, but rather the cu- cyber superiority in wartime. won or lost. mulative effects of a stoppage.7 To gain and maintain cyber superi- Cyber interdiction is made possible A successful interdiction campaign ority, peacetime cyber reconnaissance by, and complements, cyber superior- accounts for a network’s capacity—how operations should prioritize intelligence ity. Interdiction in general is a network much (flow volume) and how fast (flow about enemy cyber reconnaissance and warfare concept applicable to any domain. rate) supplies can travel through the attack capabilities (for example, enemy An electronic information network is network to meet user demand. In air in- malicious code development), followed simply a transportation network, but terdiction campaigns, air attacks and land by enemy cyber defense capabilities. With rather than physical supplies, information operations complement each other to intelligence about these activities, one is the commodity. The objective of any overwhelm the enemy’s supply network.
104 Features / Cyber Power in 21st-Century Joint Warfare JFQ 74, 3rd Quarter 2014 Air attacks destroy, disrupt, or degrade the decision advantage created by cyber Cyber Power in the 2008 nodes and links in the enemy’s land trans- reconnaissance over cyber interdiction. Russia-Georgia War portation/supply network (for example, For example, the United States in World The 2008 Russia-Georgia war helped rail and roads), reducing its capacity. War II, in what it anticipated to be a long focus attention on cyber power and Simultaneously, land combat operations conflict, protected the information ad- its utility in war in a way that previous create demand for a high volume of sup- vantage it gained from breaking German cyber power uses had not. That con- plies to flow through the network at a and Japanese encryption rather than flict’s high profile caused it to become high rate. Land combat operations place taking actions that might compromise the subject of much study, so it is a rich timeliness requirements on an enemy’s this invaluable intelligence source. This source of information for analyzing the supply network that air interdiction critical intelligence advantage allowed dynamics of cyber power in a joint mili- prevents the network from meeting. For U.S. forces to decimate Japanese convoys tary campaign. example, when combat was at a fever as well as choose the time and place of Following Georgian independence pitch in the phase of the Korean War battle in a war that lasted more than 3 in 1991, secessionists seeking to remain spanning the Inchon Landing to China’s years.8 Commanders going forward must part of Russia seized control of the ma- entry, both sides consumed supplies weigh the costs and benefits of sacrificing jority of Abkhazia and portions of South voraciously, demanding a high volume intelligence gained from cyber recon- Ossetia before cease-fire agreements were and a high rate flow from their respective naissance over the long term against the reached in 1992 and 1994.9 These con- networks. However, the North Korean effects created by cyber interdiction in flicts remained unresolved and formed army had to rely on a low capacity rail the near term. the roots for the 5-day war between and road network to meet its tremendous Cyber interdiction compels an enemy Russia and Georgia in 2008.10 needs. American air interdiction ensured to make a mistake. Like the complemen- On the surface, cyber power would that North Korean forces could never tary relationship between air interdiction not appear to be particularly useful in a accumulate enough supplies or resources and land operations, high intensity kinetic war with Georgia. Only 7 percent of the in sufficient time to mount a successful operations create information demands citizens used the Internet daily,11 which counterattack, and U.S. forces rapidly that can overwhelm an information might cause one to overlook Georgia’s moved north to the Yalu River. At pre- network whose useful capacity has been critical cyber vulnerability—more than cisely the time when the enemy needs the reduced by cyber interdiction. To limit half of 13 connections to the outside most from its supply network, interdiction the effects of cyber interdiction, an op- world via the Internet passed through makes it capable of providing the least. ponent could concentrate his information Russia, and most of the Internet traf- A cyber interdiction campaign— supplies, which would place them at fic to Web sites within Georgia was where cyber interdiction is the greater risk for destruction from cyber or routed through Turkish or Azerbaijani destruction, disruption, or degradation kinetic attack. Additionally, cyber attacks Internet service providers, many of which of nodes, links, and data in an enemy that alter, reroute, or delay data present a were in turn routed through Russia.12 information network to interrupt it and choice to an opponent. If a cyber attack Georgia’s Internet infrastructure suffered reduce its capacity—functions similarly alters or reroutes an enemy’s data, he can from a dearth of internal connections to an air interdiction campaign, with one act on the information he has, increas- known as Internet exchange points.13 critical exception. Unlike air interdiction, ing the likelihood that he will make a Consequently, a Georgian user’s request cyber interdiction can make portions of mistake, or submit additional requests in for a Georgian Web site would likely be cyberspace inaccessible for other opera- an attempt to acquire the missing data, routed through Russia, analogous to tions such as reconnaissance. Air attacks thus reducing his network’s useful capac- having to travel through Mexico to get do not prevent the use of the air domain ity and hindering timely information from Los Angeles to San Francisco.14 for mobility and reconnaissance. Because development. If he chooses the latter, As a result, pro-Russian forces could cyberspace is composed of information he will compound the effects of cyber employ cyber power to affect a large networks, cyber interdiction, which by attacks that add extraneous data into percentage of Georgia’s access to, and definition will disrupt enemy informa- the network, further impeding timely use of, the portion of cyberspace known tion networks, will probably hinder the information development and poten- as the Internet. Lacking control of the ability of cyber reconnaissance to gather tially depriving him of new information infrastructure required for external or in- intelligence data from targeted networks. altogether. Cyber interdiction thus com- ternal Internet use, Georgia could neither As a result, tension exists between cyber promises an enemy’s decision cycle by disperse network traffic nor cut Internet interdiction and cyber reconnaissance. placing him on the horns of a dilemma. connectivity from abroad as defensive If one anticipates a long conflict, or Should he yield superiority in decision measures without ceding the cyber if use of a specific cyber attack in one speed or yield superiority in decision advantages of Internet access if the state conflict would significantly decrease quality? Either way the cumulative effect came under cyber attack.15 one’s cyber advantage in more vital po- of yielding decision superiority over time The Russia-Georgia war officially tential contingencies, one should favor will inevitably lead to mistakes. started on August 7, 2008, after
JFQ 74, 3rd Quarter 2014 Bonner 105 Georgian military forces responded all indicate that the cyber superiority failure of Georgia’s cyber defense, it did to alleged Russian provocation with a the pro-Russian cyber forces held over attempt at least one major counterattack, massive artillery barrage on the town of Georgia was the product of excellent but it also failed. Georgia posted cyber Tskhinvali in South Ossetia.16 Moscow preconflict cyber reconnaissance and in- attack tools and instructions in Russian- seized the opportunity to further so- telligence preparation of cyberspace. language Internet forums to deceive lidify South Ossetia’s and Abkhazia’s To assert cyber superiority, pro- pro-Russian cyber forces into unwittingly independence from Georgia. It immedi- Russian cyber forces suppressed Georgia’s attacking Russian Web sites instead of ately deployed troops to South Ossetia cyber defenses through diversion and Georgian sites.27 This Georgian counter- and initiated aerial bombing raids on direct attack. Educational institutions attack appears to have had a negligible Georgian territory. It also deployed its devoted to science, technology, and effect on the Russian Web sites targeted.28 navy to blockade the Georgian coast and medicine were among the initial 11 Overall, the cyber defense efforts were landed marines on the coast of Abkhazia. botnet cyber targets struck.22 At the too little too late. After Russian mechanized forces and time, Computer Emergency Response With cyber superiority in hand, pro- South Ossetian militia defeated the Team Georgia (CERT Georgia) was Russian forces used cyber interdiction lightly armed Georgian military around chartered solely to provide cyber security to choke Georgian communications Tskhinvali, they invaded Georgian terri- for higher education institutions within by leveraging the generic properties of tory uncontested.17 Georgia was not able the Georgian Research and Educational transportation networks. After the first to offer even a modicum of additional Networking Association (GRENA).23 By wave of botnet cyber attacks on the initial resistance because of the advantage cyber attacking educational institutions, cyber 11 targets, an ad hoc cyber militia joined power created for the Russian forces.18 attackers focused CERT Georgia on its the assault. Cyber attack tools and a list The concentration and advanced charter mission of protecting GRENA’s of suggested targets were posted on Web preparation of cyber attacks in the war cyberspace and away from responding sites for Russian supporters to launch suggest that cyber superiority and cyber to the larger national crisis. By attacking their own strikes. The instructions were interdiction operations against Georgia what the opponent must succor—the simple enough for people with limited were the product of cyber reconnaissance GRENA—pro-Russian cyber forces used computer skills to follow. This ad hoc and intelligence preparation of cyberspace CERT Georgia’s natural response against cyber militia was so effective that it shut well in advance of the conflict. The cyber it to divert and suppress the state’s best down or defaced 43 Web sites beyond the interdiction campaign against Georgia cyber defenses. Also, a popular Georgian 11 original botnet targets.29 In total, 54 included both Web site defacements and Internet hacker forum was among the Georgian Web sites related to commu- distributed denial of service (DDoS) at- initial 11 cyber attack targets, impeding nications, finance, and government were tacks. The botnet assault was precise in some of Georgia’s more capable cyber struck, and Georgians could not access scope and concentration, never exceed- experts from coordinating an organized these sites for information or instruc- ing 11 targets, and the same Web sites response.24 Pro-Russian forces achieved tions.30 The cyber attacks thus denied continued to be attacked throughout cyber superiority using the method Georgian forces access to a key portion of the war.19 Most of the cyber attacks were Slessor described to gain command of the their information network, the Internet, customized for Georgian targets with at air—through disruption, dislocation, and reducing their overall information net- least one Web site defacement prepared disorganization of the opposing force. work’s useful capacity. more than 2 years prior to the conflict.20 Pro-Russian cyber power maintained As a result, the cyber attacks dislo- The cyber attacks were also sophisticated cyber superiority throughout the conflict, cated Georgian data flows, shunting in their targeting. Government and news and as a result Georgia never mounted a data that normally would have traveled media Web sites were struck first, helping successful cyber defense or cyber counter- over the Internet into more traditional sow confusion by hindering Georgians attack. For example, Georgia attempted conduits such as telephone and radio and their officials from determining what to maneuver around the cyber attacks by communications. Additionally, land, was actually happening and delaying any filtering them out based on their origin sea, and air combat operations created international response. In addition to (that is, their originating Internet pro- a dramatic spike in the data volume and Georgia’s two major banks, cyber attacks tocol [IP] address). However, the cyber data rate demands on Georgia’s overall targeted commercial entities that could attackers’ intelligence preparation allowed information network. For example, in have been used to communicate or help them to easily defeat this tactic. Cyber the town of Gori, government and news coordinate a response to Russian forces attackers routed their assault through Web sites were disabled with DDoS at- writ large and the cyber attack specifi- foreign servers to mask their real IP ad- tacks just prior to a Russian air attack, cally.21 The concentration of botnet cyber dresses and created false IP addresses to which would predictably drive informa- attacks on 11 targets, the years-long cyber spoof Georgia’s cyber defense filters.25 tion demands up.31 A subsequent spike attack development, and the sophisticated Still, Georgia preserved the use of some in information communication demands appreciation of how Georgia would likely government Web sites by moving them combined with the dislocation of Internet use the Internet to operationally respond to U.S.-based servers.26 Despite the communications to more traditional
106 Features / Cyber Power in 21st-Century Joint Warfare JFQ 74, 3rd Quarter 2014 Marine F/A-18 Hornets escort F-35 Lightning II to Eglin Air Force Base, Florida (U.S. Air Force/Joely Santiago) forms—such as cell and land phones—ap- Furthermore, cyber interdiction In that war, cyber attacks for cyber pear to have created a bottleneck. likely multiplied the effectiveness of superiority and cyber interdiction were Georgians were trying to transmit cyber attacks conducted to achieve cyber mutually reinforcing. The result was more data at a higher rate than the use- superiority by interfering with CERT a situation where Georgian commu- ful capacity of their information network Georgia’s ability to gain situational nications—its system of information could accommodate because a large pro- awareness and orient itself to more supply—were gummed up, preventing portion was being consumed by cyber effectively respond. Slessor describes timely delivery of data and commands attacks injecting extraneous data into the the problem of air superiority as “how to Georgian forces. The Georgians had network. The cyber attacks effectively to deprive the enemy the ability to to choose whether to yield superiority in jammed Georgia’s overall information interfere effectively by the use of his decision speed or decision quality. The ef- network during the early stages of the own air forces.”33 Because all Georgian fect with either option was an unqualified war when rapid and organized action by information communications were es- Russian military advantage that Georgia Georgian defenses, cyber and kinetic, sentially jammed by the cyber interdiction could not overcome. could have had the greatest impact.32 attacks, CERT Georgia would have Cyber interdiction created a Russian had an extremely difficult time simply Implications military advantage at the operational and gathering enough data to understand the As in the early days of airpower, cyber tactical levels by hindering the Georgian cyber attacks’ effects, much less mitigate power today is critical to victory, but it military’s ability to organize and conduct them. By jamming all Georgian com- probably cannot win wars alone if for no effective operations to thwart kinetic munications, cyber interdiction not only other reason than its inability to create Russian military operations. Cyber in- interrupted Georgia’s traditional military much violence, although this shortcom- terdiction created conditions such that response but also likely stifled Georgia’s ing will likely fade in the future. Conse- Georgian forces could not help but to cyber defenses, prolonging pro-Russian quently, it is imperative to understand act mistakenly. cyber superiority. how best to employ cyber power in
JFQ 74, 3rd Quarter 2014 Bonner 107 concert with land-, sea-, and airpower. interdiction. Data fusion centers are few attacking those nodes in cyberspace Airpower theory suggests two principles in number compared to the combat sys- will have widespread effects. However, to guide cyber power strategy at the tems they support (for example, fighters, tactical data is so perishable that even operational level: securing the enemy’s tanks, and submarines), and they are the temporary disruptions to the data link freedom of action, and confronting him nodes where raw materials (data) are mar- network can have significant negative with a choice between at least two bad shaled and transformed into information, impacts on the ability of each tactical unit options. Cyber superiority satisfies the a coherent understanding of the situa- to derive information before the data are first principle, while cyber interdiction tion to be shared across military forces. no longer a valid basis for decisions. As satisfies the second. The example of the Data fusion centers are centers of gravity a result, disrupting tactical network data 2008 Russia-Georgia war demonstrates in cyberspace because they are where links, not disabling nodes, is the appro- the truth of these principles, but how orientation happens. Fusion centers priate objective of cyber interdiction at should one go about gaining and main- at the operational level include enemy the tactical level. Interrupting these links taining cyber superiority and conduct- command and control nodes and intel- can cause brief but meaningful delays and ing cyber interdiction? ligence, surveillance, and reconnaissance misperceptions in an opponent’s decision With securing cyber superiority processing, exploitation, and dissemina- cycle to create or magnify a “first look- being the first priority for military cyber tion nodes. By destroying, degrading, or first shot-first kill” tactical advantage. By power, initially focusing on neutralizing neutralizing these data marshaling yards, focusing military cyber power on gaining the adversary’s capability to prohibi- cyber interdiction caps an adversary’s and maintaining cyber superiority and tively interfere with friendly operations operational effectiveness by limiting his cyber interdiction at the operational and via cyberspace seems most logical. ability to orient and concentrate effects tactical levels, joint forces can maximize Consequently, the enemy’s cyber attack, in time and/or space. Regardless of an their capabilities and gain a significant de- cyber reconnaissance, and cyber defense enemy’s camouflage, concealment, and cision advantage difficult for an opposing capabilities should be among the highest deception capability to foil kinetic strikes, force to overcome. priority targets for cyber reconnaissance data fusion centers must advertise their In joint warfare, it is the air campaign and all-source intelligence preparation location in cyberspace (for example, that can benefit most from the effects of of cyberspace, as well as among the IP address) to some degree to receive cyber superiority and cyber interdiction highest priority targets for suppression data and distribute information. Data against enemy data fusion centers and or destruction (via cyber or kinetic at- fusion centers are almost certain to tactical data links. Although cyber power tack) once hostilities begin. Second, be vulnerable to cyber attack because supports land and sea operations, the air cyber attacks directed at those portions their utility heavily depends on their campaign is typically the leading effort in of cyberspace irrelevant to the war but connectivity—the power of a network joint warfare. Beginning with World War which an opponent must succor, such grows exponentially with the number of II, airpower has formed the vanguard of as the cyber attack on the GRENA that users.34 If these nodes are not widely con- every U.S. military operation whether diverted CERT Georgia from the larger nected, they are irrelevant to the enemy’s based on land or sea. Additionally, the conflict, are valuable in that they focus warfighting effort and can be ignored. ability of modern air forces to conduct the enemy’s cyber defense forces away Degrading data fusion capabilities creates parallel warfare in the style first used from decisive points. Third, cyber attacks greater uncertainty at the operational during the 1991 Persian Gulf War should be used to interdict data required level and compels an adversary to rely critically depends on the exploitation of by enemy cyber repair, recovery, and more on his ability to adapt at the tacti- cyber power for situational awareness, quick reaction defense forces to disrupt cal level. In turn, an enemy’s ability to communication, and reconnaissance. the adversary’s ability to effectively parry adapt at the tactical level depends on the Furthermore, enemy capabilities to cyber strikes. Together, these actions effectiveness of his tactical network and defeat stealth aircraft have at their heart should neutralize, divert, and disorganize communication/data links. Thus, cyber data fusion to overcome stealth’s ability an opponent’s cyber power to gain and interdiction at the operational level mag- to hide from air defense radars. Cyber maintain cyber superiority. nifies the significance and impact of cyber power puts the integrated in integrated Cyber interdiction targets are the interdiction and electronic attacks to dis- air defense. With cyber power knitting air next most important cyber objectives rupt data links at the tactical level. defense sensors and shooters together, in joint military operations, first at the An opponent’s tactical data links are an opponent could generate an airspace operational level and then the tactical and the next most important cyber interdic- picture with fewer weaknesses. However, strategic levels. At the operational level, tion target set after data fusion centers. At without a data network to fuse multiple analogous to the rail marshaling yards the tactical level, each node (for example, sensors, surface-to-air missile batteries that were the primary air interdiction fighter plane, platoon, and destroyer) become individual defenders in a one-on- targets of World War II, data marshaling on the tactical network has some level one engagement, a scenario that stealth yards (also known as data fusion centers) of data fusion capability, so information aircraft have proved they can dominate are the logical focal points for cyber is rarely concentrated to the point that since 1991. Cyber interdiction applied in
108 Features / Cyber Power in 21st-Century Joint Warfare JFQ 74, 3rd Quarter 2014 23 support of air forces can dramatically ease D. Kramer, Stuart H. Starr, and Larry Wentz Georgian Research and Educational Net- (Washington, DC: NDU Press/Potomac working Association, available at
JFQ 74, 3rd Quarter 2014 Bonner 109