The Joint Concept for Integrated Campaigning: Intelligence Challenges

The US Joint Chiefs of Staff has released the Joint Concept for Integrated Campaigning (JCIC) dated 16 March 2018.  “The foundational idea of the JCIC is to enable an expanded view of the operating environment by proposing the notion of a competition continuum.  This competition continuum offers an alternative to the obsolete peace/war binary with a new model of cooperation, competition below armed conflict, and armed conflict.  These are not mutually exclusive conditions.”  “The central idea consists of four interrelated elements that broadly describe how the Joint Fore and its partners can effectively campaign: Understand the Operating Environment, Design and Construct the Campaign, Employ the Integrated Force & Secure Gains, and Assess & Adapt the Campaign.”

Intelligence is “The directed and coordinated acquisition and analysis of information to assess capabilities, intent and opportunities for exploitation by leaders at all levels to further national interest.”[1]

The Operational Environment is: “A composite of the conditions, circumstances and influences that affect the employment of military forces and bear on the decisions of commanders.”[2]  Simplistically, the study of the Operational Environment needs to provide the following:

·         What is the current state of the Operational Environment (context)?

o   Who are the actors?  Are they cooperative, competitive or an adversary in some or all issues?

o   Why?

o   What are their goals?

o   What are their capabilities?

o   What is their intent?

o   What and How are their relationships with others?

o   What are their strengths and weaknesses?

o   What is their culture, religion, societal structure etc?

o   What are their operational concepts, doctrine, and tactics, techniques and procedures?

·         What is happening in the operational environment (horizon scanning)?

o   What is changing?

o   Why is it changing?

o   How could it develop?  Is it a risk, threat or an opportunity?

·         That can then lead integrated campaigning design.

o   How do we want the Operational Environment to be (desired outcome)?

o   How do we change the Operational Environment (strategy)?

o   What are the activities of the actors?  Why?

o   To who, what, where, when and how do we apply national instruments of power to influence the actors in order to achieve our desired outcome (ways)?

o   What are our military objectives?

o   What military capabilities and resources do we require (means)?

o   How did our actions influence the operational environment? (Complexity requires continuous assessment for adaptive planning)

“Gray Zone challenges are defined as competitive interactions among and within state and non-state actors that fall between the war and peace duality.”[3]  Therefore, Gray Zone challenges are activities that occur before armed conflict.  Political agitation, terrorist incidents and/or criminal acts etc will be conducted to appear as unrelated activity to each other and the sponsor.  These activities are designed to achieve the maximum progress towards the adversaries political desired outcome below the threshold of conflict.  Care should be taken to detect a “fig-leaf[4]” and Denial[5] and Deception[6].

“Hybrid Warfare incorporates a range of different modes of warfare including conventional capabilities, irregular tactics and formations, terrorism acts including indiscriminate violence and coercion, and criminal behaviour.”[7]  Therefore, they are activities conducted during armed conflict.

Increasing complexity requires intelligence assessment of increasingly greater resolution of the operational environment to enable understanding, rather than just situational awareness.

Integrated campaigning and multi-domain operations will require timely, detailed, and accurate intelligence, in order to achieve desired national outcomes.  The intelligence community needs to adapt to these circumstances.

---

[1] UK (JDP 2-00)

[2] NATO (AAP-6).

[3] US Special Operations Command (SOCOM) White Paper “The Gray Zone” dated 09 September 2015.

[4] A minor action that could be used as a justification for a larger action.

[5] Actions taken to prevent or impair intelligence collection.

[6] Actions taken to influence an actor as to the wrong adversary course of action.

[7] Frank Hoffman, Potomac Institute of Policy Studies “Conflict in the 21^st Century: The Rise of Hybrid Wars” dated December 2007.

UK: Offensive Cyber Operations Policy

On 23 May 2018, the UK Attorney General, the Rt Hon Jeremy Wright QC MP, gave a speech at the Royal Institute of International Affairs (RIIA) to inform on the UK interpretation of international law with regard to cyber-attacks.  This expands upon a speech at the International Institute of Strategic Studies (IISS) on 11 January 2017 regarding the UK application of international law on self-defence.  The following are extracts of these speeches.

Let’s look at the IISS speech first:

·         “Under the UN Charter, armed force may be used both pursuant to a Chapter VII authorisation by the UN Security Council and in individual or collective self-defence under Article 51 of the UN Charter.”  Comment: The UK position is that to trigger collective self-defence there does not need to be a direct threat to the assisting state.  However, the state subject to the threat must have sought the assistance of the assisting state(s).  The UK also recognizes humanitarian intervention as a possible legal basis for the use of force in certain exceptional circumstances.

·         “… Article 51 of the UN Charter does not require a state passively to await an attack but includes the “inherent right” … to use force in self-defence against an “imminent” armed attack …”  Comment: there is no accepted UN definition of “imminent”.

·          “Following the [9/11] attacks, the UN Security Council … confirmed that self-defence could be justified in relation to non-state actors.”  “… self-defence is available as a legal basis where the state from whose territory the actual or imminent armed attack emanates is unable or unwilling to prevent the attack or is not in effective control of the relevant part of its territory.”  Comment: the UK formally notified the UN Security Council (03 December 2015) that Article 51 is the legal basis for UK military action in Syria against Daesh.

·         “Where there is an identified direct and imminent threat to the UK or British interests abroad, the UK has always maintained it will take action to counter that threat.”

·          “The absence of specific evidence of where an attack will take place or of the precise nature of an attack does not preclude a conclusion that an armed attack is imminent for the purposes of the exercise of a right of self-defence …”

Turning to the recent RIIA speech:

·         “Cyber space is not – and must never be – a lawless world.  It is the UK’s view that when states and individuals engage in hostile cyber operations, they are governed by law just like activities in any other domain.”

·         “On 26 June 2015, the UN Expert Group, including not just the UK and the US, but also Russia and China, recognized that the UN Charter applies in its entirety to cyberspace.  The Group affirmed the relevance of a state’s inherent right to act in self-defence in response to a cyber operation meeting the threshold of an armed attack.”

·         “… the UK considers it is clear that cyber operations that result in, or present an imminent threat of, death and destruction on an equivalent scale to an armed attack will give rise to an inherent right to take action in self-defence …”

o   “If a hostile state interferes with the operation of one of our nuclear reactors, resulting in widespread loss of life, the fact that the act is carried out by the way of a cyber operation does not prevent it from being viewed as an unlawful use of force or an armed attack against us.”

·         “When states are engaged in an armed conflict, this means that cyber operations can be used to hinder the ability of hostile groups such as Daesh to coordinate attacks, and in order to protect coalition forces on the battlefield.”  Comment: see paragraph below.

·         “In addition, it is also worth stating that, as a matter of law, there is no requirement in the doctrine of countermeasures for a response to be symmetrical to the underlying unlawful act.”  Comment: The UK National Cyber Security Strategy 2016-2021 states that, “… respond to cyber-attacks in the same way we respond to any other attack, using whichever capability is most appropriate, including an offensive capability.

·         “… attribution of conduct … require a state to bear responsibility in international law for its internationally wrongful acts, and also for the acts of individuals acting under its instruction, direction or control.

·          “… our National Offensive Cyber Programme (NOCP) is building a dedicated capability allowing the UK to act in cyberspace.  Comment: the NOCP is a joint Government Communications Headquarters (GCHQ and Ministry of Defence (MoD) partnership.  Detailed liaison with close Allies is critical to ensure deconfliction of cyber operations, and that there is no adverse effect on intelligence collection operations.

On 12 April 2018, Jeremy Fleming, Director of GCHQ, revealed at the CyberUK2018 conference that the UK had conducted a “major offensive cyber campaign” against Daesh.  “These operations have made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield."

As well as informing the British public of the legal basis of government policy, the RIIA speech was clearly intended to convey a message to potential hostile actors in order to deter malicious cyber activity.