GREY ZONE OPERATIONS IN THE INFOSPACE DIMENSION: IMPERATIVES FOR INDIA

Sections
Introduction
Information Operations as part of MDO
Information Operations: Concepts
EW Operations and CEMA
Cyber Operations
Cognitive Operations and CIO
Towards a Tri-Service IO Command
References

[The following is the script of a special address which was delivered at the Platinum Jubilee Seminar on ‘Electromagnetic Spectrum and National Security’ conducted in hybrid mode by Military College of Telecommunication Engineering, Mhow, India on 01 Oct 2021. Eminent speakers at the Seminar included MoS MeitY, Defence Secretary, CDS, COAS, GOC-in-C ARTRAC, Chairman DRDO, National Cyber Security Coordinator, and President SIDM, amongst others. The Seminar was attended by participants from the Defence, Industry and Academia from over a hundred locations.]

Introduction

At the outset, I would like to thank the Commandant for inviting me to deliver this talk, and once again address an august audience from this familiar platform, evoking feelings of warm nostalgia. On the occasion of the Platinum Jubilee of the establishment of our distinguished Alma Mater, it is indeed a great honour to be here.

Having heard the multiple facets of Electro-Magnetic Spectrum Operations (EMSO) from eminent chairpersons and speakers over three interesting sessions, the topic given to me provides an opportunity to put EMSO in perspective with respect to the broader notion of Information Operations (IO). Information operations, in turn, are an increasingly important component of the Multi-Domain Operations (MDO) construct, which nicely captures the changing character of warfare in the 21st Century.

Since the canvass of IO is very wide, I will only touch upon a few conceptual and operational aspects, leading to certain recommendations. Some of my proposals may appear to be divorced from reality; I would rather describe them as transformative. In view of the recent aggressive stance adopted by China and the raising of the PLA Strategic Support Force (SSF), in my view undertaking such transformative measures has become an imperative.

With this brief introduction, let me commence with how information operations fit into the broader concept of MDO.

Information Operations as Part of MDO

These days there is frequent reference to the five-dimensional battlespace construct: land, sea, air, space and cyberspace [1]. Of these five domains, the recently added space and cyberspace domains are what uniquely characterise 21st Century warfare. While the first four domains are physical in nature, cyberspace is a man-made virtual domain. I am using the terms dimension and domain synonymously, but there are several nuances associated with these two terms which are beyond the scope of this talk.

Five Dimensional Battlespace

The cyberspace domain needs further analysis. As per Indian Army doctrine, information operations – and I am using this term as a synonym for information warfare – comprises three components, namely, cyber warfare, electronic warfare and psychological warfare. I prefer to use the term Cognitive Operations instead of Psychological Warfare, for reasons which I shall soon elaborate. If the fifth dimension is restricted to cyberspace, there appears to be no field of play for electronic warfare and cognitive operations. In this context, it is interesting to note that in the 1993 seminal article by John Arquilla and David Ronfeldt, Cyberwar is Coming!, the term Cyberwar is used as a synonym for Information War [2]. If the term Cyber in the five-dimensional construct is meant to be used in its broader sense, then to avoid confusion it may be better to rename this fifth dimension as Infospace. Alternatively, there may be a need to doctrinally adopt additional domains into the battlespace, by adding the Electro-Magnetic (EM) and perhaps the Cognitive dimensions to the existing five-dimensional construct. That said, there are varying views on how warfighting domains and dimensions should be defined.

This multi-dimensional battlespace also provides the backdrop for discussing MDO [3], which is innately a joint services construct. In the Indian context, while the traditional domains of land, sea and air broadly map to the three Services in terms of charter, the space and cyberspace domains have more of a tri-Service flavour. This may not be true in the case of China, where strategic space and cyberspace operations are chartered to the recently raised PLA SSF [4], or for the US, where for instance a Space Force has been raised for defending its interests in space [5]. Under the relatively new paradigm of MDO, it is perhaps best not to attempt linking domains to Services. This de-linking is implicit in a recent USAF definition of domain, which I find to be precise and meaningful, and which reads as follows: [A domain is] a sphere of activity or influence with common and distinct characteristics in which a force can conduct joint functions [6].

Whichever way we decide to define a domain and conceptualise MDO is the 21st Century battlespace, it would be a mistake to underestimate the increasing importance of cyber, electronic and cognitive operations in modern warfare. This is especially true in the current global security landscape, wherein while one must be prepared for conventional wars however low may be their probability, the conflict space has expanded in significant measure into the grey zone. Against this backdrop, let be now focus on some noteworthy issues related to Information Operations.

Information Operations: Concepts

It is important to clarify here that I am using the term Information Operations to denote military operations in the information domain.

Primary IO Components

The slide indicates a simple means for differentiating amongst the three primary components of Information Operations, namely, EW, cyber and cognitive operations. The weapon in the case of EW is EM energy which targets electronics in machines, for cyber operations it is a piece of malicious code targeting data and software, and for psychological/ cognitive operations the weapon is the message targeting human minds [7].

Amongst these three, cyber and EW are more closely related. The US Army – notably not the Department of Defence (DOD) – groups these two capabilities under Cyber Electro-Magnetic Activities (CEMA), China calls their synergetic employment as Integrated Network Electronic Warfare (INEW), and Russia groups these two capabilities under Information Technical Operations (ITO). For this talk, I shall use the term ITO and CEMA interchangeably [8].

IO Hierarchy

Let me now elaborate on why I prefer the term Cognitive Operations over Psychological Operations. Under this head one can group several capabilities, as follows: PSYOP are operations which convey selected information – not necessarily truthful – to foreign audiences in order to influence their behaviour; Public Information (PI) are actions aimed at informing foreign as well as domestic audiences; Military Deception (MILDEC) includes activities meant to deliberately mislead adversary military decision makers; Military Diplomacy (MD) involves relationship building with foreign publics and military audiences; and Civil-Military Operation (CMO) are activities carried out to influence civilian populace in an operational area for achieving the desired objectives, an example being Sadbhavna projects, and are best characterised as actions that convey meaning [9].

A 2013 RAND study uses the term Inform and Influence Operations (IIO) for this group of capabilities, with a nuanced difference between inform and influence components [10]. Some of us tend to use the broader term Information Operations to denote only this smaller group, to the exclusion of cyber and electronic operations. Such usage can create confusion, especially as it is not in line with our own doctrine. I shall be referring to the terms Cognitive Operations and IIO synonymously.

All of these operations aim to create effects in the cognitive domain, hence my preference for the term Cognitive Operations over Psychological Operations. Moreover, the term Psychological Operations tends to convey a restricted scope analogous to PSYOP.

It is important to understand that CEMA and Cognitive Operations are distinct streams of IO, as this has major implications for evolving organisational structures. While conduct of CEMA requires base expertise in communication and computer science disciplines, conduct of Cognitive Operations requires experts grounded in the social sciences. It is also important to note that each of the IO capabilities which I have listed so far requires specialists trained well beyond the basic streams, a fact which has not yet been recognised by our Armed Forces. The result is that all IO appointments – cyber, EW, PI, IO, etc – are manned by a floating population of non-specialists; floating because officers as a rule are posted to these on a one-off tenure, and non-specialists because there is no special training beyond a few weeks being imparted on any of these disciplines, barring a notable exception at MCTE involving cyber training at a post-graduate level.

EW Operations and CEMA

So much for a conceptual backdrop. I shall now offer some views on operationalising each of the three components of IO by our Armed Forces, commencing with EW.

EW is a principle component of EMSO, and we have already benefited from three insightful sessions on this subject. I would, however, like to offer some views on the synergetic employment of cyber and EW capabilities, as captured by the notions of CEMA/ ITO.

If these two capabilities are to be employed merely independently, then the necessary synergy can be achieved through staff coordination. However, one can visualise several scenarios where a tighter cohesion is necessary. For instance, Electronic Support (ES) capability may be leveraged to ingress into an adversary cellular network, after which cyber effects may be employed to disrupt or deny information flows. What type of organisational structure is best suited for such operations?

I am of the view that purity of units and cadre should be maintained for cyber and EW capabilities. This is because, while both are founded on ICT disciplines, further training needed for honing these two types of expertise is entirely different [11]. Therefore, effective CEMA should be achieved by putting together mission based cross-functional teams.

Continuing further on the critical issue of expertise, the attack and exploit components of both these capabilities require a degree of specialisation which cannot be adequately achieved through one-off tenures. I am convinced that for officers, EW and cyber profiles must be created based on the principle of multiple tenures, and for other ranks these capabilities warrant creation of separate trades. It is also my opinion that, in the context of the Indian Army, short of raising an altogether separate line directorate and cadre, it is only the Corps of Signals which can sustain these profiles and trades, that too after existing HRD policies undergo a transformative change. Thus, a policy which envisages posting a significant percentage of all arms officers to cyber establishments makes little sense. Even one-off tenures given to inadequately qualified Signals officers is not good enough.

Cyber Operations

In the traditional domains of land, sea and air, our Armed Forces are equipped with both offensive and defensive capabilities and assigned the charter for protecting our national sovereignty in these domains. It is noteworthy that a similar charter does not extend to either the space or cyberspace domains. Specifically with respect to cyberspace, the charter which exists today is limited to protecting military cyberspace, not national cyberspace. That said, the Armed Forces do possess some capability for conducting full-spectrum operations in cyberspace.

Protection of national cyberspace, just like the traditional domains, must necessarily be based on a strategy of active defence, which in turn is contingent upon the capability for carrying out offensive cyber operations [12]. Also, if the Armed Forces are to carry out effective MDO, then this capability must become exclusively their responsibility. The PLA SSF and the US Cyber Command exemplify this thought process. In contrast, as per the Indian cyber governance model in vogue today, the primary charter for cyber deterrence rests elsewhere. Similar remarks may be made with respect to the space domain. Suffice to say that our cyber governance model requires a transformative change, and a suitable response to the PLA SSF must be evolved within the ambit of our Armed Forces. The imperative of countering the PLA SSF also dictates that we upgrade to a full-fledged tri-Service Cyber Command on priority [13]. This, in fact, was recommended by the Naresh Chandra Committee as early as 2012.

Equally important and even more emergent is the need to train a specialist cadre capable of conducting full-spectrum cyber operations. Scarcity of high end cyber skills for specialist cyber organisations has always been a constraint. This problem has been further accentuated with the raising of the Defence Cyber Agency (DCA), and the most daunting hurdle towards raising a Cyber Command will be the shortage of requisite expertise. Absence of the requisite charter has resulted in a lack of adequate focus in this area so far. Cyber skill development within the Armed Forces, therefore, needs to be critically reviewed [14]. In my view, with the right HRD policies the Armed Forces are best placed to recruit, train and sustain such a cadre, better than any other agency. It merits mention here that this great Institution has made notable strides in this field in recent years even in the absence of a charter.

In the context of protecting our national cyberspace, the contentious issue of cyber sovereignty also merits deliberation. The idea of national sovereignty is intimately tied to the sanctity of territorial integrity. For the traditional domains of land, sea and air, territorial boundaries are, broadly speaking, well demarcated. In contrast, cyberspace is perceived as a ‘global commons’, perhaps because of its rather imprecise identification with the Internet as also rights associated with the free flow of information. Nevertheless, given the strategic vulnerabilities which cyberspace throws up in an increasingly connected world, we need to seriously consider moving away from a ‘global commons’ perspective to one based on ‘cyber sovereignty’, as exemplified by the Great Firewall of China. Specifically, we need to consider firewalling our entire national cyberspace, by implementing what is sometimes referred to as an Internet kill-switch, which may be activated as per the dictates of national security [15].

Cognitive Operations and CIO

I have already given a brief overview of the spectrum of activities under Cognitive Operations. The alternative term, Inform and Influence Operations, is also quite meaningful. While Inform operations, such as PI and to an extent MD, are based on truthful information, most Influence operations, such as PSYOP or MILDEC, would necessarily be contingent upon lies and deceit. There is a view that agencies which deal with truth based operations should not be the same as those which employ deceitful measures. Thus, for instance, PI and PSYOP should not be chartered to the same set of people.

Differentiating Cognitive Functions

I have already highlighted that CEMA and Cognitive Operations are fundamentally dissimilar in character, requiring different streams of expertise. It is important that, at all levels, design of staff structures be premised on a clear separation of these two streams of IO. Further, it is proposed that ADG (IW) and ADG (Strategic Communications) should be re-designated as ADG (CEMA/ ITO) and ADG (Cognitive Ops/ IIO) respectively, with the two verticals merging under DG (IW), which should be preferably re-designated as DG (IO). Also, separate specialist staff appointments for CEMA and Cognitive Ops should be created down to Corps HQ.

As of now, no PSYOP units/ establishments are in existence. Cognitive operations are being undertaken by non-specialist staff officers posted at various headquarters on one-off tenures, thereby resulting in sub-optimal execution. There is an urgent need to raise field establishments for conduct of these specialist operations. As a first step, a pilot tri-Service Cognitive Operations Unit could be raised, manned by personnel trained in the different cognitive disciplines [16].

As already pointed out, the Corps of Signals and MCTE are best placed to carry out training for the CEMA disciplines. The same clarity does not exist for the cognitive disciplines, since expertise in these disciplines has not been nurtured within the Armed Forces so far. A third type of training is also needed, ie, training of staff officers on integrated employment of different IO capabilities. The Army War College presently conducts courses with this objective. I would like to propose the following enhancements and modifications to the existing training format for IO courses. Specialisation in specific cognitive disciplines should be developed well beyond the existing levels, perhaps with the help of establishments such as DIPR and other institutions within the country. Also, cyber and EW legs of all IO courses should be conducted at MCTE. In addition, specialist officer profiles should be created for tenanting cognitive operations appointments in various formations as well as the proposed Cognitive Operations unit.

Having discussed cyber and cognitive operations, let me also say a few words about Cyber Influence Operations (CIO). CIO lie at the confluence of Influence Operations and cyberspace activities. Certain influence operations may not involve the use of cyberspace at all, such as public diplomacy, economic sanctions, etc. Just like CEMA involves the synergetic employment of cyber and EW expertise, CIO leverage capabilities in the cyber and cognitive domains, though not all CIO employ cyber operations. For instance, dissemination of biased narratives through social media platforms does not require special cyber expertise, only expertise in generating the desired narratives. On the other hand, hacking Facebook databases to obtain user profiles and then sending targeted messages based on psychographic profiling, as was done by Cambridge Analytica during the US 2016 presidential elections, requires expertise in both cyber and cognitive disciplines. The former are termed as CeSIO and the latter as CeTIO.

Cyber Influence Operations

 

The various functions of IO as discussed above can be mapped to CIO as indicated on the slide.

Mapping IO to CIO

Towards a Tri-Service IO Command

I have alluded twice earlier for the need to evolve a suitable Indian response to PLA SSF. Within the US DOD too there appears to be a thinking that their IO capabilities need to be further developed and better integrated, in line with their current thrust towards evolving Joint All Domain Operations (JADO) concepts and capabilities.

In our context, upgrading the DCA to a Cyber Command should be considered as only the first step towards creating a Tri-Service IO Command. Using a ‘bricks and clay’ approach, this objective may not be as far-fetched and resource intensive as it might appear. An evolutionary approach appears to be feasible where, in the first phase, existing IO resources of the three Services could be placed under an IO Command HQ which is raised, based on the principle of dual control. Additional specialist units could be raised subsequently in a phased manner to gradually boost its capabilities. A skeleton representative architecture of such an IO Command is flashed on the slide [17].

Indian Information Operations Command: Skeleton Architecture

Concluding Remarks

I will conclude by saying that we need to take transformative steps along three lines of action: One, evolve doctrine, an updated one for IO and also separately for cyber operations, EW and cognitive operations; two, raise additional EW units with state-of-the-art equipment profiles, a pilot cognitive ops unit, upgrade DCA to a Cyber Command, and adopt an evolutionary approach for raising a Tri-Service IO Command; and three, make transformative changes to our HRD policies in order to nurture super-specialisation in various IO disciplines.

I might add here that evolving doctrine and transforming HRD policies entails very limited commitment of resources, only a change in mindsets. As regards the additional raisings which have been proposed during this talk, the increments involved are of the order of a few thousand personnel. In my view, if we are to develop adequate capabilities for grey zone warfare and transition from a strategy of physical attrition to one of cognitive attrition, such a trade-off in manpower from the kinetic to the information and cognitive realms is clearly warranted.

References

(1)         Lt Gen (Dr) R S Panwar, 21st Century Warfare: From “Battlefield” to “Battlespace”, Future Wars, 06 Oct 2017, Accessed 14 Oct 2021.

(2)         John Arquilla and David Ronfeldt, Cyberwar is Coming!, in In Athena’s Camp: Preparing for Conflict in the Information Age, 01 Jan 1997, RAND Corporation, Accessed 14 Oct 2021.

(3)         Andrew Feickert, Defense Primer: Army Multi-Domain Operations (MDO), US Congressional Research Service, 22 Apr 2021, Accessed 14 Oct 2021.

(4)         Lt Gen (Dr) R S Panwar, PLA’s Strategic Support Force and its Implications for India, Future Wars, 09 Jun 2020, Accessed 14 Oct 2021.

(5)         United States Space Force, Website, Accessed 14 Oct 2021.

(6)         USAF Role in Joint All-Domain Operations, US Air Force Doctrine Note 1-20, Curtis E Lemay Centre, 05 Mar 2020, pp. 01, Accessed 14 Oct 2021.

(7)         Lt Gen (Dr) R S Panwar, IW Structures for the Indian Armed Forces – Part II (Section: Differences amongst IO Components), Future Wars, 31 Mar 2020, Accessed 14 Oct 2021.

(8)         Lt Gen (Dr) R S Panwar, IW Structures for the Indian Armed Forces – Part III, Future Wars, 14 Apr 2020, Accessed 14 Oct 2021.

(9)         Lt Gen (Dr) R S Panwar, A Battle of Wits and Bits: A Call to Action for the Indian Armed Forces (Part-I), Future Wars, 08 Dec 2020, Accessed 14 Oct 2021.

(10)        Isaac R. Porche III et al, Redefining Information Warfare Boundaries for an Army in a Wireless World, Pub. RAND Corporation, Santa Monica, CA, pp. 42, 59, Accessed 14 Oct 2021.

(11)        Lt Gen (Dr) R S Panwar, IW Structures for the Indian Armed Forces – Part IV (Section: Proposed IW Structures), Future Wars, 14 Apr 2020, Accessed 14 Oct 2021

(12)        Lt Gen (Dr) R S Panwar, Cyberspace Governance in India: Transform or Perish – Part I (Section: Cyber Defence Strategies), Future Wars, 19 May 2020, Accessed 15 Oct 2021.

(13)        Lt Gen (Dr) R S Panwar, Infospace Wars: Towards an Indian Information Operations Command – Part II (Section: India’s Response Options), Future Wars, 26 Jan 2021, Accessed 15 Oct 2021.

(14)        Lt Gen (Dr) R S Panwar, Cyber Skill Development in the Indian Armed Forces: An Exploratory Overview, Future Wars, 07 Jul 2020, Accessed 15 Oct 2021.

(15)        Lt Gen (Dr) R S Panwar, Cyberspace Governance in India: Transform or Perish – Part I (Section: Our National Cyberspace: A Notional Model), Future Wars, 19 May 2020, Accessed 15 Oct 2021.

(16)        Lt Gen (Dr) R S Panwar, Infospace Wars: Towards an Indian Information Operations Command – Part II (Section: Contours of a Tri-Service IO Command), Future Wars, 26 Jan 2021, Accessed 15 Oct 2021

(17)        Ibid.

0 Comments

Your Views

Recent Posts

Subscribe To The Future Wars Newsletter

Join this mailing list to receive a weekly newsletter about the latest posts from R S Panwar's Future Wars Blogsite.

Almost finished....To complete the subscription process, please click the link on the email we just sent you.

Share This