On military bases during World War II, the loudspeaker system often blared a curious message:
Wanted: Volunteers for immediate overseas assignment. Knowledge of French or another European language preferred; Willingness and ability to qualify as a parachutist necessary; Likelihood of a dangerous mission guaranteed.
Without any further instructions, the messages attracted a mix of individuals some of the the most creative and dangerous missions of WWII. Known as the Jedburghs, the small special purpose teams were a WWII phenomenon born out of the British Army and Sir Winston Churchill’s affinity for “ungentlemanly warfare.”
The multi-national teams were trained in irregular warfare, maintained extensive foreign language skills, and excelled at subterfuge, sabotage and surveillance. Jedburghs were sent deep into Nazi-held territory to disrupt the German war effort by waging unconventional warfare. As a concept, they provide an example of how an unconventional take on cross-functional partnerships can affect a war zone and operate effectively in politically sensitive environments.
The Jedburgh legacy lives on within 1st Special Forces Command who recently revamped the concept as four-person operational detachments. Today’s Jedburgh program should serve as the model for a new type of multi-domain collaboration: the pairing of the Cyber Mission Force and Special Operations Forces, or the integration of lethal and non-lethal assets, to tackle some of the most vexing challenges associated with strategic competition.
While CMF and SOF capabilities are already employed together in the military’s Special Mission Unit concept, integrated Cyber-SOF assets are needed at scale if the US wants to compete with the persistent threat of Russia and the pacing threat of China.
Getting Out in Front of Conflict
In 2018, U.S. cyber strategy shifted from one of restraint to engagement when U.S. Cyber Command obtained additional authorities under the National Defense Authorization Act. A cornerstone of the Department of Defense Cyber Strategy (the next update is expected soon) is the 2018 Defend Forward policy and USCYBERCOM’s hunt forward initiative
Hunt Forward Operations are executed by teams from the Cyber National Mission Force, the offensive arm of USCYBERCOM, who engage with allies at their invitation to identify malicious cyber activity and observe adversary tradecraft and tools “in the wild.” Hunt Forward teams are therefore proactive measures that protect partner and U.S. networks. However, in addition to being a geographic concept, Hunt Forward is also temporal, as a teams’ activity enables an understanding of malicious cyber activity before it reaches US networks – much like the presence of SOF teams around the globe.
As a policy, Defend Forward is similarly temporal – it bridges short term tactical goals with over-the-horizon capabilities, as defined in ongoing counter-terrorism efforts – or capabilities and accesses developed in and through cyberspace today, that will enable the US to maintain the initiative and security of tomorrow. General Paul A. Nakasone, the commander of USCYBERCOM, describes the policy’s enabling activities as those that force an adversary to focus on defending their own assets, thereby inhibiting the adversary’s ability to go on the offensive.
The concept should sound familiar – especially after two decades of counter-terrorism operations – as it mirrors SOF activities: engage with the enemy, far from the US homeland, and constantly apply pressure to prevent the conditions necessary for an attack on the homeland – or strategic insecurity – from occurring.
In other words, the best defense is the continuous and relentless application of offense or, what some researchers call, “initiative persistence.” Thus far, HFOs have paid off, with a few dozen successfully completed missions across at least 14 countries.
Collaboration for Multi-Domain Operations
As Nakasone recently explained, Hunt Forward missions include sharing threat indicators, providing warning, sharing personnel, and providing insight with a host nation’s forces. In this sense, the CNMF teams serve a function much like that of the SOF teams tasked with Security Force Assistance, where training between the host nation and US service members is designed as a skill and information exchange.
However, Hunt Forward could expand to include more components of the Irregular Warfare portfolio, including Stability Operations. Cross-functional teams are used in a variety of military contexts, and the integration of SOF operators into elements of the CNMF, or vice versa, should be considered a crucial next step for the strategy of integrated deterrence.
Within the joint force, the concept of integrating operational skill sets is used to counter irregular threats through a balanced approach for strategic advantage. And integration also brings a premier skill to a team that would otherwise lack the capability. For example, SOF teams consistently embed Air Force Close Combat Controllers to support small units of action because of their exquisite Joint Terminal Attack Controllers capabilities.
The Air Force JTACs are revered among SOF as the premier enabler for controlling terminal attacks – ground force commanders consider them to be both a force multiplier, by providing critical fire control measures, and a risk mitigator for coordinating airstrikes. While the other services encourage their own small units to organically develop the JTAC capability internally, the skill is often assigned as a secondary job or additional duty and therefore fails to deliver the same performance as a fully qualified Air Force CCT.
Working Smarter, Not Harder
Similarly, cyber work role qualification and certification, much like the JTACs, is something SOF doesn’t have to develop or provide internally and, conversely, the CNMF doesn’t have to develop or provide its own version of special warfare training. Instead, creating the concept for Cyber-SOF tactical teams is – like the Jedburghs and embedded JTACs – a joint solution to the joint problem of an increasingly hostile cyberspace.
Without question, the cultures of SOF and CMF units may seem wildly different but, in reality, they are quite similar: both hold expertise in high regard, train consistently for ongoing and continuous global operations, and understand the strategic and cumulative effect of their teams’ operations. Additionally, CNMF and SOF units are postured to respond quickly to shifting global priorities and to an attack on the homeland or allied nation.
While an integrated concept will take time to develop and implement, there are areas in which immediate coordination is needed and possible: 1) close-access requirements for high sensitivity network and infrastructure access, 2) language and cultural fluency in forward deployed regions, and 3) foreign partner training.
Because the Cyber Mission Force and Special Operations Forces are two of the most exquisite tools of national power the US has, there is bound to be resistance to coordination but, failing to collaborate and integrate will produce redundant efforts instead of a unified strategy that efficiently leverages US assets to affect global and national security.
Using the blueprint of the multi-functional Jedburghs and the lessons learned from the embedded JTACs – models known to work effectively – a joint Cyber-SOF effort could better thwart attacks from peer adversaries like China, and provide another layer of proactive defense to the strategy of integrated deterrence.
Nicholas Dockery is a Special Forces Officer and a General Wayne Downing Scholar. He is pursuing a Masters in Public Policy at the Jackson School for Global Affairs, Yale University. Captain Maggie Smith, PhD, is a US Army cyber officer assigned to the Army Cyber Institute at the U.S. Military Academy where she is a scientific researcher, an assistant professor in the Department of Social Sciences, and an affiliated faculty of the Modern War Institute. She is also the director of the Competition in Cyberspace Project.