FORT IRWIN, Calif. — U.S. Army Cyber Command is deploying Expeditionary Cyber-Electromagnetic Activities Teams to support tactical commanders at National Training Center rotations, and the CEMA operations have tried to replicate real-world operations support through the cyberspace domain.
Sgt. Camille Coffey, a cyber operations specialist from the Expeditionary Cyber Support Detachment, 782nd Military Intelligence Battalion (Cyber), from Fort Gordon, Ga., provided offensive cyber operations as part of the Cyber-Electromagnetic Activities (CEMA) Support to Corps and Below (CSCB) program during the 1st Stryker Brigade Combat Team, 4th Infantry Division, National Training Center Rotation 18-03, Jan. 18 – 24, 2018. (Photo Credit: U.S. Army photo by Mr. Steven P Stover (INSCOM))
CEMA is an Army initiative designed to provide tactical commanders with integrated cyberspace operations, Department of Defense Information Network operations, Electronic Attack, Electronic Protection, Electronic Warfare Support, Spectrum Management Operations, Intelligence, and Information Operations support/effects.
According to Maj. Wayne Sanders, the ARCYBER CEMA Support to Corps and Below chief, success for the brigade combat team in the cyberspace domain begins at the D-180 planning conference — 180 days before the unit’s NTC rotation.
Spc. Victorious Fuqua (at the computer), and Staff Sgt. Isaias Laureano, both cyber operations specialists from the Expeditionary Cyber Support Detachment, 782nd Military Intelligence Battalion (Cyber), from Fort Gordon, Ga., provided offensive cyber operations, while Spc. Mark Osterholt pulled security, during the 1st Stryker Brigade Combat Team, 4th Infantry Division, National Training Center Rotation 18-03, Jan. 18 – 24, 2018. (Photo Credit: U.S. Army photo by Mr. Steven P Stover (INSCOM))
“The biggest thing for the D-180 are the key leader engagements,” said Sanders. “[At those conferences] we can inform the brigade commander about what types of CEMA support we can provide to help him shape conditions for his battle to be able to close with and destroy the enemy.”
Sanders said while he doesn’t foresee BCTs executing their own cyberspace operations organically, he does expect the commander and the staff to have an initial understanding of the CEMA environment and to provide their higher headquarters with a cyber effects request form. He said that if the brigade plans for an expeditionary CEMA capability to be brought out to support their operations correctly “then we can provide that for them.”
“If you’re looking at this from a real-world perspective, if they identify that they are going somewhere in the world — somewhere they would need additional capacity that they may not have coverage for — they can submit that through a CERF, as a request for forces,” said Sanders. “And the beauty of the Expeditionary CEMA Teams is their scalability and reach back.”
Sgt. Camille Coffey (at the antenna), and Spc. Victorious Fuqua, both cyber operations specialists from the Expeditionary Cyber Support Detachment, 782nd Military Intelligence Battalion (Cyber), from Fort Gordon, Ga., provided offensive cyber operations as part of the Cyber-Electromagnetic Activities (CEMA) Support to Corps and Below (CSCB) program during the 1st Stryker Brigade Combat Team, 4th Infantry Division, National Training Center Rotation 18-03, Jan. 18 – 24, 2018. (Photo Credit: U.S. Army photo by Mr. Steven P Stover (INSCOM))
Sanders explained the ECT concept originated from the Chief of Staff of the Army, who directed the Cyber Support to Corps and Below Pilot in 2015. The pilot tasked ARCYBER to assess the best package of equipment, capability, authorities and personnel to support a BCT.
“That’s why, out of the DOTMLPF-P (Doctrine, Organization, Training, Materiel, Leadership and Education, Personnel, Facilities and Policy) came the need for a force that provides the authorities, the senior and master level expeditionary cyber operators, and a quick turn cyber development capability, that doesn’t exist right now in the Army,” said Sanders. “It provides infrastructure support personnel that can provide the same thing as having people on the ground.”
Sgt. Maj. Jesse Potter, the operations sergeant major for the 780th Military Intelligence Brigade (Cyber), said that although this is the ninth rotation since 2015, it has been an iterative process to best replicate real-world operations, and more is being learned each time a rotation is conducted.
“We’ve learned that we were a very large logistical burden to the rotational training units. We learned our lessons about the CEMA capability that we can provide to a rotational training unit, and at the same time we were reducing the logistical requirement to provide that capability,” said Potter.
“Eventually, we concluded that an expeditionary mindset, based on the commander’s request for cyber effects, is best fitted with a plug and play capability,” he continued. “Meaning, we need to identify the personnel that fit those requirements, ensure the teams are self-sufficient with a reach back capability to reduce the logistical footprint, in both a flyaway kit, light capability, to a more robust sustained operation, whether in a peer or near-peer environment, permissive or non-permissive environment.”
Potter also said another area ARCYBER is looking at was CEMA support at the division and corps levels. “What’s missing, what’s next, are the division and corps level exercises,” he said. “Enabling the education of the commanders [is] through the institutional arm of the Army, which is primarily the mission of the Cyber Center of Excellence. That is what the CCoE is working toward –incorporating CEMA into all aspects of the PME (Professional Military Education).”
“And then for the higher level exercises, just like we’ve done for the NTC rotations, how does the staff enable cyber based effects that supports the commander’s objectives, and what can they gain from having the cyberspace capability that they currently don’t have?” Potter continued. “Because at the same time, that education will benefit the brigade combat teams.”
Furthermore, ARCYBER is not just looking at the development of the ECT structure and incorporating that support at the division and corps levels — the command is also determining the organizational structure to command and control those ECTs.
“Regarding the ECT structure…you have individuals, put together as a team, predominantly from four separate organizations across three MACOMs (Major Commands) — ARCYBER, Intelligence and Security Command, and the Cyber Center of Excellence,” said Potter. “Moving to an organizational structure whereby the ECTs are part of a larger unit as the force structure solution means we no longer have an organization that’s made up of a hodgepodge of people, further exasperating the issues that we have with the rotational training unit.”
Potter and Sanders said that’s where they are now. Organic ECTs, all assigned to the same unit, and subordinate to ARCYBER will provide the Army with an expeditionary CEMA capability.
ARCYBER used the lessons learned from the past nine NTC rotations to determine the optimized force structure they are proposing to the Army to stand up an organization with all those separate elements that were under different commands, to fall under one command with CEMA capabilities tailored to meet the tactical commander’s objectives.
By Mr. Steven P Stover (INSCOM)
We need to see more of this stuff, period. The conflicts of the future are going to include this kind of warfare down to the squad level, and we need to have the trained personnel on hand to do ELINT and electronic warfare down to that point, instead of having to borrow them from the Navy. Not to mention, we’re gonna need gear you don’t need a ship’s hull to haul around and power…
What’s gone on in Ukraine points the way towards where warfare is heading. The Russians aren’t even the ones I’d really worry about, to be quite honest; their tech base isn’t the one churning out hundreds of thousands of drones for the commercial market. More than likely, the next big wave “Revolution in Military Affairs”, akin to the shocks given during WWI from things like the machine gun, barbed wire, and the rest…? It’s going to come from some small, high-tech country like Singapore, with plenty of advanced manufacturing capacity, an intelligent and imaginative workforce, and the incentive of some oversized neighbor like Malaysia. Then, we’re going to see weaponized commercial stuff come in like swarms of quadcopter drones equipped with cheap sensors, hand-grenade style warheads, and wireheaded kids playing with the controllers as if they were on some live-action video game. I’m actually surprised that Israel hasn’t done something like this, already, and at least weaponized their border surveillance with cheap networked drones.
On the other hand, just how much do we know about that drone attack on the Russian airbase in Syria not that long ago…? Deniable dress rehearsal, perhaps?
What’s ELINT and Cyberspace got to do with drones and Singapore / Malaysian relationships?
Same things that IEDs, rear-area battle, and all the rest had relevance with the campaigns in Iraq and Afghanistan. Do try to remember how many of those devices were set off with standard cell phones bootstrapping off the local networks…
Like it or not, the drones/IED controllers/damn near everything are probably going to be part of the environment going forward. We’re dealing with an environment where crypto is going to be masking comms transmissions going over things like WiFi and other networks all around us as we patrol. The guy with the ELINT package is going to be as critical to a squad as the guy with the RPV controller who is as important as the guy with the SAW… Especially for low-intensity warfare. High-intensity, we’ll probably just blast everything that emits, and call it good.
At some point, some actor on the battlefield is going to leverage this stuff, and you’re going to see another case where an up-and-coming power takes down a major one, the way the Japanese did at Tsushima and Port Arthur. Only, this time it will probably be even more of a shock, because “nobody will see it coming”. Kinda the way “nobody saw the IED campaign coming”, which is a crock of BS, but they’ll still say it.
Well that’s one (good) other way of looking at it. My very own limited experiences with the Signal Squadrons were all about raising the masts and establishing coms ASAP after the FOBs are built so they can update their Facebook statuses.
Leave aside logistics and so on, this is an interesting improvised setup.
700-900 Mhz Yagi antenna from Walmart ducktaped to Manfrotto tripod with a “video” head (by the way, these cam-locks on its legs aren’t as reliable as twist-locks), two UHF pigtails, some Ethernet-enabled SDR fed with power over the CAT5 patchcord from a PoE injector, GoalZero Yeti powerpack, and Getac rugged laptop.
That would be more convenient to drill two extra holes in antenna’s mounting plate, find a 1/4-20″ nut and a random small self-tapping screw, and actually bolt it to a tripod’s quick-release plate instead of ducktaping it. But, I guess, it still works for them.
The Army should put all SIGINT, EW, and CNO into one functional area. I think having all three training together and cross-training will achieve better effects on the battlefield.
It used to be that way and then the Army stove piped it. Now they are dealing with the consequences.