As the 2020 election draws near and concerns about Russian interference in U.S. elections grows, U.S. military cyber officials are developing information warfare tactics that could be deployed against Russian officials and private entities, the Washington Post reported. U.S. Cyber Command, or Cybercom, is developing information warfare tactics ranging from subtle warnings to more direct attacks on Russia’s information warfare capabilities.
Neither these tactics nor the perceived need for an aggressive information warfare stance is new to this election cycle. Prior to the 2016 election, aides from the Obama administration’s National Security Council drafted guidelines describing a range of options remarkably similar to those being considered by Cybercom today.
Those efforts were complicated by a lack of clarity as to which U.S. governmental entities were responsible for which information warfare tactics. Prior to the 2018 midterms, both Congress and the Trump administration approved guidelines that clarify those responsibilities, freeing Cybercom to develop more ambitious information warfare tactics and to deploy them more swiftly.
What can we expect for the 2020 election?
While Cybercom’s preparations are necessarily classified, its previous information warfare tactics are a useful guide to what it may be planning for the 2020 elections.
The U.S. intelligence community has consistently pointed to Russia as the primary source of election interference, and it was far better prepared to combat such interference in the 2018 midterm elections that it had been in the 2016 presidential election.
Specifically, Cybercom targeted the Internet Research Agency (IRA), a private “troll farm” funded largely by companies controlled by Russian oligarch Evgeny Prigozhin, a close ally of Russian President Vladimir Putin. The U.S. intelligence community has long identified the IRA as a central player in Russia’s attempt to influence U.S. elections by seeding the domestic conversation with disinformation and encouraging discord among the electorate.
A month before the 2018 election, Cybercom launched a strategy largely based on emails and text messages to surreptitiously obtain personal information from IRA employees. It them showed its hand, demonstrating that the employees’ identities and personal information were known and could be released publicly. When the interference did not stop, Cybercom took a far blunter approach, causing the IRA’s servers to crash on Election Day and leaving behind misleading information that caused widespread finger-pointing among IRA managers and employees.
Experts believe that 2018 suggests a roadmap for Cybercom’s information warfare strategy heading into the 2020 election. The documented history of recent Russian interference, however, along with significant changes in U.S. policy, could encourage Cybercom to employ far more pointed and aggressive tactics during the current election cycle.
Officials suggest that Cyber Command would target senior Russian officials and oligarchs like Prigozhin who are believed to support Russian information warfare efforts financially. Such efforts are likely at first to resemble those employed against the IRA: a series of warnings backed by a demonstration that the targets’ personal data has been obtained without their knowledge. While this strategy would shift Cybercom’s focus from troll farms and other operational targets to their sources of funding and governmental support, it is widely believed that no information warfare strategy currently in development includes Putin as a target. As its history shows, however, Cybercom is prepared to target Russian oligarchs directly, and important stores of data could be hit.
Cybercom’s emerging information warfare mandate
Information warfare is nothing new—the Voice of America radio network is just one recent example of how information has been used to support the U.S.’s broader strategic goals. Cybercom itself, however, is only ten years old, and its standing within the Pentagon and in relation to other federal departments—and to information warfare itself—has changed over time.
Cybercom’s traditional role has had less to do with information warfare than with defending online U.S. assets against attacks from abroad. Over the last decade, it has developed more offensive capabilities, demonstrated last summer by its disabling of a crucial databased used by Iran’s military forces to target shipping traffic in the Persian Gulf in response to Iran’s downing of a U.S. surveillance drone.
In the runup to the 2020 election, Cybercom has emerged as the agency primarily responsible for countering election interference. While the Joint Operations Command has dedicated staff and resources to developing information warfare capabilities and the Army, Marine Corps, and Air Force have followed suit, no department or agency had been formally tasked with protecting the integrity of U.S. elections. Cybercom’s success in 2018, however, made it a compelling choice to combat efforts to interfere in the 2020 election.
Cybercom is led by Gen. Paul Nakasone, who has held the position since 2016. Since 2018, he also heads the National Security Agency (NSA), adding the nation’s most powerful internet-surveillance and cryptography agency under his purview.
Until the 2020 election, the U.S. lacked a coordinated response to election interference. Cybercom may have been the likeliest agency to direct such a response, but its operations in such cases were considered both military and diplomatic in nature, and were subject to review by others outside the Pentagon, including the State Department and the CIA, before receiving formal approval by the Secretary of Defense.
That began to change in 2018, when Congress classified cyber actions not involving the use of force as traditional military activities not subject to the same types of review as covert missions. Cyber operations like those used to combat election interference that once involved months of vetting and approval can now proceed far more quickly and responsively to threats and opportunities. President Trump further clarified matters some weeks later, when he specified that DoD approval alone would be required for execution of such operations, regardless of how the State Department and other agencies weigh in.
Further in preparation for the 2020 election, Congress recently created the position of Principal Information Operations Adviser. This role is designed to help reconcile the strategies pursued by Cybercom and other agencies with the broader policy objectives of federal departments, notably DoD and State.
These changes give Nakasone the means to execute a more ambitious anti-interference strategy in the 2020 election than anyone in his role has been authorized to conceive or pursue in the past. He appears to relish the challenge.
Remarking on the 2020 election, Nakasone told a defense forum in December “We can’t let up. This is something we cannot be episodic about. The defense of our nation, the defense of our elections, is something that will be every single day for as long as I can see into the future.”