Bitskrieg. John Arquilla
to share our thoughts publicly about the path that we believed should be followed in future military campaigns.41 And we didn’t have to wait too long to see a much more fully realized version of our concept put into practice. In the wake of the 9/11 attacks on America, it was quickly determined that al Qaeda had perpetrated them, and that the Taliban government of Afghanistan was providing that terrorist group with a physical haven. There was no time to muster a large ground force; and arranging to send big units to that land-locked country swiftly, then supplying them, would have been nightmarish. So, instead, only 11 “A-teams” of Green Berets went to Afghanistan in late 2001 – just under 200 soldiers.
They soon linked up with friendly Afghans of the Northern Alliance, a group that had been previously beaten quite soundly by the Taliban, losing roughly 95 percent of the country to those fundamentalist zealots. But with the leavening of those few Americans, who were highly networked with air assets, they managed to defeat al Qaeda and drive the Taliban from power in very short order.42 This, Ronfeldt and I believed, was a true demonstration of the power of being able to employ a major information advantage that would allow far smaller forces to defeat much greater enemy armies. And to win even when indigenous allies’ forces are of a far lesser quality, man for man, than the enemy they face. Thus, the defeated, demoralized fighters of the Northern Alliance reemerged victorious – because the handful of American specialists who fought alongside them on horseback were uplinked to ISR and attack aircraft that allowed them to monitor enemy movements in real time and to call in strikes from the air, in minutes, from the steady and unending stream of fighter-bomber pilots who maintained constant coverage above the battlespace. Then-Secretary of Defense Donald Rumsfeld, who had unleashed the Green Berets over the objections of many senior generals, saw in this campaign the singular opportunity to catalyze what he came to call “military transformation.”43
It turned out that Pentagon leaders disliked the word “transformation” as much as they hated the notion of a “revolution” in military affairs. And in the debate over the looming invasion of Iraq in 2003, they prevailed against Donald Rumsfeld’s preferred idea of using the “Afghan model” – a few highly networked troops inserted into indigenous rebel groups (Kurds in the north and Shiites in the south, in this case) – in favor of a more traditional armored attack, augmented by “shock and awe” strategic bombing of Iraqi infrastructure. The campaign unfolded in Blitzkrieg-like fashion, hewing to a playbook Heinz Guderian’s World War II-era panzer leaders would easily recognize. John Keegan made this point in his study of the campaign, noting that the invasion “was predicated on the principle of [coalition forces] advancing at the highest possible speed, brushing aside resistance and halting to fight only when absolutely necessary.”44 In the event, conventional military operations went well, but a nasty insurgency soon arose that bedeviled the occupiers for years. And, as more troops were sent, they provided more targets for improvised explosives and snipers. Large reinforcements were sent as well to Afghanistan – overturning Rumsfeld’s model – which had remained relatively quiet for four years, but then insurgents arose there, too. The Blitzkrieg playbook proved useless in both countries, where US and Allied forces soon suffered from enlisement, the term the French used when they were bogged down in Indochina.
This brings us to the matter of how cyberwar applies to countering insurgency and terrorism. As important as an information edge is in conventional warfare, it is crucial in irregular conflicts. For without information, refined into actionable knowledge, it is simply too hard to find, much less to fight, elusive foes. Cyberwar, which emphasizes the informational dimension, offers two remedies: hack the enemy, and turn one’s own forces into a “sensory organization.” They can still be “shooters,” too, but “sensors” first. As Paul Van Riper and F. G. Hoffman put the issue – about what will matter most in 21st-century conflict – “what really counts in war is gaining and maintaining a relative advantage in . . . awareness.”45
Lack of knowledge about enemy dispositions, movements, and intentions was the cause of the American debacle in Vietnam, where the insurgents were able to remain hidden much of the time, and had greater awareness of their opponents’ plans and maneuvers. And attempts to find the guerrillas by “dangling the bait” with small Army and Marine patrols proved costly and frustrating. As Michael Maclear summarized, “On patrol, the GIs were inviting certain ambush.”46 This problem was never adequately solved in Vietnam, and recurred in Afghanistan and Iraq when insurgencies arose in these countries after American-led invasions.
In Iraq, though, General David Petraeus understood that failure to gather information about the insurgent networks was the critical deficiency that had so undermined the occupation forces’ efforts during the first three years (2003–6) after the invasion. Given overall command there, Petraeus repeated techniques he had used in the Kurdish north – i.e., embedding with the locals rather than surging out patrols and raids from a handful of huge forward operating bases (FOBs). He knew that, as Victor Davis Hanson has summarized the Petraeus strategy, “He had to get his men outside the compounds, embed them within Iraqi communities, and develop human intelligence.”47 This was as much an information strategy as it was a military strategy. And the insurgents’ information edge was soon blunted by the flow of intelligence about them that came from Iraqi locals who felt exploited by al Qaeda cadres. In less than a year, violence in Iraq dropped sharply. Where nearly 40,000 innocent Iraqis were being killed by terrorists each year before Petraeus and his emphasis on gaining an informational advantage, just a few thousand were lost to al Qaeda annually from 2008 until the American withdrawal at the end of 2011. When US forces returned in 2014, to fight the al Qaeda splinter group ISIS, the Petraeus model dominated. Only small numbers of Americans were sent; they embedded closely with indigenous forces, and decisively defeated ISIS.
But this aspect of cyberwar – controlling or “steering” the course of conflict by gaining and sustaining an information advantage – still has few adherents, and the dominant view of limiting cyberwar just to cyberspace-based operations prevails. It is a reason for failure to repeat the Petraeus approach in Afghanistan, where the reluctance to distribute small forces throughout the country among the friendly tribes – which worked so well there back in 2001 – allowed the Taliban insurgency to rise and expand. Sadly, even the very narrow, tech-only view of cyberwar has not been properly employed in Afghanistan, nor in broader counter-terrorism operations globally. In Afghanistan, the Taliban’s command and control system, and movement of people, goods, weapons, and finances, all rely to some degree on communication systems – locally and with leaders in Pakistan – that are hackable. That they have not been compromised is proved by the growth of the insurgency. The same is true of worldwide counter-terror efforts; cyberspace is still a “virtual haven” for terror cells. Yes, they often rely on couriers. But the Taliban locally – as well as ISIS, al Qaeda, Hezbollah and a host of other dark groups who operate more widely – would be crippled if they were to lose faith in the security of their cyber/electronic communications. And if these systems were compromised secretly, all these groups would be destroyed. Even this narrower approach to cyberwar, if employed as the lead element in the counter-terror war, would prove decisive. As yet, this has not been the case. The world is much the worse for it.
Rise of the intelligent machines of war
Another technological aspect of cyberwar – an especially “cool” one – has to do with the rise of robots – or, more delicately put, artificial intelligence (AI). These machines, devices, and their software are the ultimate cyber tools, embodying the principles of control-through-feedback that Norbert Wiener envisioned. Back in the 1950s, he thought of the “human use of human beings.” Today, we should be thinking about the “human use of artificial beings.” In cyberspace, there is already much use of automation, by many countries, where bots have the authority to move swiftly on their own to counter attacks on information systems they are tasked with defending. The pace of cyberspace-based attacks is often too fast for humans to detect, track, and disrupt. On the more proactive side, there is widespread use of information-gathering AI “spiders” and other searchers – though the world’s more democratic societies have strived to impose at least some limits on the use of such capabilities.