cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Making defence more cyber ready

Amid a decrease in demand for special operations forces teams to undertake counterterrorism operations, researchers have called for an integration of special operations capabilities into the cyber and information warfare continuum.

user iconReporter
Tue, 15 Nov 2022
Making defence more cyber ready
expand image

In 2007, Israeli special operations forces (SOF) teams penetrated Syria. According to a New York Times article published following the incursion, the special operations teams employed jamming capabilities against Syria’s anti-air systems, opening the way for targeted air strikes from the Israeli Air Force.

Though the conceptual application of the SOF team was no different — that being the ability for small, yet highly trained teams to bring about operational and strategic level advantages often within the grey zone — the character of the application shifted from counterterror operations to an unmistakably cyber domain.

Writing for War on the Rocks this week, Josh Golding, former cyber analyst at the US Department of Defense, examined how special operations and cyber warfare teams can leverage their unique capabilities to influence the battlefield.


To the author, the syncretisation of cyber and special operations is a natural way to harness the unique skills of SOF teams while the demand for counterterror and counterinsurgency operations decreases globally.

“On a site visit to Afghanistan in 2019, former Special Operations Command commander General Richard Clarke noted that 60 per cent of the special operations community’s focus was now on ‘working in the information space’, a dramatic change from the 90 per cent focus on kinetic operations he observed between 2002-11,” he argued.

“Left with a bloated Special Operations Command numbering 70,000 people after 20 years of counterterrorism operations, the Pentagon must make the tough calls about what to prioritise during the shift to peer competition.”

Such an examination is consistent with the traditional concept of special operations capabilities, especially the requirement to conduct tasks in “hostile, denied, or politically and/or diplomatically sensitive environments” (as defined in the US Special Operations Joint Publication 3-05). Such applications are unique to the demands of conventional forces in peer-to-peer conflict.

As such, Golding cited former commander of the US forces in Iraq and Syria General Stephen Townsend to observe the importance of developing “easier-to-deploy” cyber units to take advantage of this extremely impactful vector.

“Recently, the 915th tested its ability to gain access to ‘internet of things’ devices inside a house containing mock terrorists to gather intelligence and potentially create effects to drive out the group,” Golding observed.

“Expeditionary cyber operators achieved this by gaining proximal access to the target house from a nearby office in Maryland. This sort of operation is reminiscent of an attempted Russian intelligence close-access operation conducted from a car in The Hague to gain access to the Organisation for the Prohibition of Chemical Weapons’ networks in 2018.”

As observed with Golding’s example, there are substantial data points to evidence the impact of special operations cyber units in military competition.

Looking back to the Stuxnet attack in 2010, special operations use of cyber warfare proved paramount to undermining Iranian nuclear capabilities.

While commentators laud this efficacy of the Stuxnet worm in destroying Iran’s Natanz nuclear facility, they have also observed that the existence of an air gap between the internet and the nuclear centrifuges necessitates human intervention.

Therefore, despite the increase in cyber capabilities, there will always be a requirement to have a human in the loop to deploy cyber capabilities. It is time to enhance cyber with special operations support.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.