For the first time the U.S. Army has produced “the first doctrinal field manual of its kind” on military activities in cyberspace, including offensive, defensive and network operations.
A new Army field manual “provides overarching doctrinal guidance and direction for conducting cyber electromagnetic activities (CEMA)…. It provides enough guidance for commanders and their staffs to develop innovative approaches to seize, retain, and exploit advantages throughout an operational environment.”
The manual introduces the fundamentals of cyber operations, or “cyber electromagnetic activities” (CEMA), defining terms and identifying important operational factors and constraints.
Several years ago, any official discussion of offensive cyber operations was considered classified information. That is no longer the case, and the new Army manual — which itself is unclassified — treats the subject as a normal part of military conflict.
“Army forces conduct OCO [offensive cyberspace operations] across the range of military operations by targeting enemy and hostile adversary activity and related capabilities in and through cyberspace,” the Field Manual says.
Cyberspace attacks in support of offensive operations “may be directed at information resident in, or in transit between, computers (including mobile phones and personal digital assistants) and computer networks used by an enemy or adversary.”
“Cyberspace attacks may employ capabilities such as tailored computer code in and through various network nodes such as servers, bridges, firewalls, sensors, protocols, operating systems, and hardware associated with computers or processors. Tailored computer code is only one example of a cyberspace capability… designed to create an effect in or through cyberspace.”
“Cyberspace attacks may employ manipulation which includes deception, decoying, conditioning, and spoofing to control or change information, information systems, and networks.”
Ordinarily, the manual states, the U.S. Army should not be conducting offensive cyber operations against U.S. targets. “Unless approved by appropriate authorities, Army assets cannot be used to perform attack or exploit operations on U.S. entities.”
Brendan Koerner reported on “How America’s Soldiers Fight for the Spectrum on the Battlefield” in Wired Threat Level, February 18.