The German Cyber and Information Domain Service as a Key Part of National Security Policy
Digitalization is the dominant cultural and social feature of the present age - it is the megatrend for the 21st century. Digitalization and virtually limitless networking are enabling enormous improvements and innovations. Processes and communication are made faster and more efficient. Life has become easier and more convenient in many ways. When is the next bus coming? Is it going to rain tonight? Quickly turn the heating down at home, from a smartphone. Technological progress is facilitating all aspects of everyday life and society.
Digitalization has become a priority issue in the German armed forces as well. Even today's weapons systems such as the Eurofighter or a warship are reliant on digital sensors, networks and computerized decision support systems. Logistics chains would be almost unmanageable without IT systems, and even the future infantryman will increasingly be a digitized sensor and effector.
The integration of cutting-edge IT into military planning and decision-making processes has a decisive impact on modern armed forces operations. It also increasingly determines command and control procedures as well as leadership culture.
Challenges of digitalization
Yet for all the benefits and achievements, there is another side to the coin: digitalization has created new dependencies and vulnerabilities. Many states and businesses regard risks from cyber space as one of, if not the largest threat in the years and decades ahead. Cyber attacks on states, critical infrastructure and private homes have long been a reality. Attacks happen every day, are automated or highly sophisticated, and ever more ambitious. Many of us vividly remember the impacts of the WannaCry and NotPetya malware, or the attack on the Berlin-Bonn Information Network (IVBB) at the end of 2017. States, businesses and private individuals are all targeted. For businesses, even low-threshold cyber attacks can cause damage costing billions. At the end of 2018, it became clear just how much our private lives could be affected, too. A school student with no formal IT training collected large amounts of personal data from various people who had not sufficiently protected their online privacy, and uploaded it on Twitter where it was publicly accessible.
Along with attacks from cyber space, activities in the information environment are also on the rise - such as fake news campaigns. These are deliberately aimed at provoking unrest. Inter- and intra-state conflicts are increasingly influenced by propaganda and disinformation. Information is becoming a core resource of the future.
These trends will intensify in both quality and quantity. Adequate protection is therefore of fundamental importance for state, economy and society. The state must ensure it can maintain its capacity to act while protecting and providing for the population. The capabilities of the Bundeswehr in the cyber and information domain can make a significant contribution in this regard.
Set-up of the Bundeswehr in the cyber and information domain
Ever since the 1990s, the Bundeswehr has devoted a lot of attention to IT security. For over 20 years, it has operated its own IT security organization with around 600 personnel. It places a particular emphasis on awareness of IT-related issues among its members. In response to the impacts of increasing digitalization, the new Cyber and Information Domain Service was set up in April 2017. It bundled existing units and has developed their relevant knowledge and expertise, and will continue to do so.
The new Service has a highly diverse portfolio of tasks. One focus of its activities is on protecting and operating the German armed forces' IT systems in Germany and abroad. Another is on strengthening and developing intelligence, surveillance and reconnaissance (ISR) and effects capabilities in the cyber and information space. This includes cyber operations such as infiltrating enemy IT networks, electronic warfare, and operational communication on deployments abroad. Geoinformation service staff support the whole range of Bundeswehr operations in mission accomplishment by providing all kinds of high-resolution, quality-assured digital geospatial information. In addition, the Cyber and Information Domain Service by exchanging information and cooperating with other national and international institutions contributes to national security provision and strengthens Germany's cyber security architecture.
The German Cyber and Information Domain Service Headquarters has already established its own situation centre for the cyber and information space domain. A valid situation picture, providing the basis for options for action and synergies, is generated by merging available situation reports from all areas relevant to the cyber and information domain. Analysts process different types of structured and unstructured data from a variety of sources. In the future, they will use artificial intelligence and big data methods. For example, correlating data from Bundeswehr IT systems with military intelligence as well as publicly available information from social networks could lead to conclusions being drawn relating to an increasing hybrid threat or a coordinated cyber attack. We make these analyses available to users in the Bundeswehr and other agencies. We have also recruited new specialists for the Bundeswehr Cyber Security Centre. The Cyber Operations Centre was established on April 1, 2018, and was followed a year later by the Bundeswehr Centre for Software Expertise on April 1, 2019. All of these activities have brought us a good step closer to achieving our self-imposed goal of shaping all aspects of the cyber and information domain in an integrated way.
Special features of the cyber and information domain
Since the 2016 Warsaw Summit, NATO has regarded cyber space as an independent theatre of operations - along with land, air, sea and space. In cyber space, armed forces can use special software to reconnoitre enemy systems, and take action against them. Specifically, for example, logistics chains can be interrupted, vital data for operations can be modified, and command and information systems can be disabled. In the German armed forces, we deliberately define this new military domain even more broadly than NATO to include the information space. Beyond technology, this is where information is perceived, interpreted and spread by humans. So-called "publicised opinion" is one of the important aspects that we focus on.
The cyber and information space has several special features compared to the other conventional theatres of operations. It is characterized by a high degree of complexity. Territoriality is complemented by virtuality. It cannot be divided into zones of action with clear geographical boundaries. The same applies to troop manoeuvres. It is certainly possible, however, to achieve physical effects in the cyber and information space, by all means. But the locus of impact of cyber and information space operations may be thousands of miles away from the source of activity. Time, too, has a different meaning. After all, in cyberspace, effects can be achieved over any distance with no time delay, and in real time.
The attribution of attacks is problematic. Technological possibilities allow activities to be disguised especially well. There are also many potential types of perpetrators and motives. Owing to the opportunities of digitalization, non-state actors by means of cyber attacks can achieve effects now that were previously the preserve of state actors. Digitalization has made hazard assessment much more complicated. It is always necessary to know: Who is attacking us and with what aim? In this context, the issue of attribution, with its technical, legal and political aspects, gains a special importance. In collective or even national defence scenarios, binding international rules - similar to those that apply to armed conflicts between states - must also be applied to the cyber and information space.
Consequences of digitalization Change in the form of military conflict
Increasing digitalization has important implications in terms of conceivable military scenarios. A future conflict scenario will be essentially characterised by hybridity, the waging of conflict in the digital realm, artificial intelligence, and autonomy. The intensity of actions may intentionally remain below the accepted threshold required to classify them as armed attacks. This reduces the probability of classic military confrontations between industrial nations, and makes hybrid forms of conflict more likely. Conventional military forces of sufficient quality and quantity still have to be kept ready, however, to ensure a credible deterrent.
Cyber and information space operations - either carried out autonomously or supportively - gain further importance. They are conceivable as first-hour operations, possibly even before "conventional forces" have been alerted. After all, inter- and intra-state conflicts are already being increasingly influenced by propaganda and disinformation. In the future, armed forces will need to be more sophisticated and more specialized. New thinking is needed for operations in the cyber and information space that form an independent area of operations, yet also provide support as part of classic military land, air or sea operations. We must develop capabilities for cyber and information space operations over the full spectrum, so that we can offer policymakers options for non-kinetic action.
Consequences for organization and processes
Increasing digitalization has an impact on all kinds of areas within the armed forces. At the same time, of course, the Bundeswehr tries to exploit the benefits of digitalization to the greatest possible extent. Apart from command and weapons systems, potential applications exist, for example, in personnel management, logistics, energy management and in producing situation pictures and forecasts.
Organization has to adapt to the requirements of digitalization. This is not about providing IT support for existing processes, but rather of adapting and optimizing processes based on the possibilities of digitalization. We need new strategies as an integrated national approach to the hybrid conflict scenario I described earlier. Do we need an adjustment of rules and powers at the national level to enable an adequate response to the "digital state of defence"?
Furthermore, the ethics of digital conflict must be discussed by society as a whole, and within the Bundeswehr. In my view, there is an absolute need to create binding international rules. The law of war needs to be adapted to modern forms of conflict. We need to find an international consensus on the application of key ethical terms, among others, such as "suffering" and "attack", to the cyber domain. For guidance, we should look to the ethical standards that have proven effective as a basis for existing international law. A good foundation has existed since 2017 in the form of the Tallinn Manual 2.0.
We must also consider ethical aspects, especially in relation to weapons systems. A responsible approach to new technologies is mandatory. Not everything that is technically possible should necessarily be implemented and legitimized. This also applies to the field of artificial intelligence.
Consequences for leadership, command and control procedures, training and "culture"
Command levels and command and control procedures have to be reviewed and adapted. In the future, a comprehensive situation picture and automated recommendations for action will increasingly coincide at higher levels. The issuing of orders and their implementation in hierarchies must be reconsidered against this backdrop. In general, we are confronted with the following questions: Are tools and processes from the past still right for today? Could modern tools such as Design Thinking offer alternative approaches?
Digitalization will also alter the profile of the military profession. We need a digital organizational culture in the armed forces. The cultivation of cyber awareness among all members of the Bundeswehr is of elementary importance, as is the development of a cyber security culture. The digital age calls for different skills than those required during the Cold War era. This has to be taken into account in leadership as well. We must allow and reflect on innovative thinking, and not suppress it under pressure to conform. Rapid cross-hierarchy communication must become an accepted and established practice. And of course, with regard to the recruitment process and career paths, the armed forces must be more flexible so that they can attract and retain urgently needed talent.
The Cyber and Information Domain Headquarters has already adjusted to the new circumstances. We see ourselves as a major driver of digitalization-related development in the Bundeswehr. Within our organisation, we explore new and innovative paths, implement faster processes - for example using special collaborative software - and encourage independent initiative. We do this by embarking on new procedures and principles in cooperation, which makes us a pioneer for the Bundeswehr as a whole.
Essential for protection against the challenges of digitalization Close national and international Cooperation
The internet has no natural boundaries. Effects and attacks can hit everyone: states, businesses and private individuals. Close national and international cooperation is therefore essential for effective protection against dangers from cyber space.
National cooperation is based on the German Federal Government's Cyber Security Strategy, which was adopted in 2016. It places responsibility for cyber security on the German Federal Ministry of the Interior. The 2016 White Paper states that defence aspects of the national cyber security architecture are originally tasks of the German Federal Ministry of Defence, and are constitutionally assigned to the Bundeswehr. It is the task of security and defence policy to ensure the territorial integrity and sovereignty of Germany and its allies.
Hybrid strategies use interfaces between responsibilities - e.g. between domestic and foreign security - to achieve their goals. Close cooperation and dialogue in the national setting are therefore extremely important. Back in 2011, the National Cyber Defence Centre was created under the guidance of the German Federal Office for Information Security. It serves as a forum for cooperation between government bodies in the cyber and information domain. The centre is currently being developed into an interministerial, operational institution involving all key stakeholders - a crucially important step to ensure Germany's future capacity to act in this field. It is imperative that internet service providers are involved too. The Cyber and Information Domain Service is making an active contribution to this process as a representative of the Bundeswehr. As the National Cyber Defence Centre develops, we could provide information from our new joint situation centre, for example.
The Cyber and Information Domain Service is already closely networked with all key authorities and government agencies. We have also entered into our first partnerships with academic and business institutions - for instance, there is a partnership with Deutsche Telekom, and an IT security alliance with the Fraunhofer Institute for Communication, Information Processing and Ergonomics. In both cases, the goals of cooperation are a general exchange of information and knowledge transfer, an exchange of personnel via reciprocal job shadowing, and the opening up and facilitation of mutual training and further education opportunities for IT professionals. In addition, the Cyber and Information Domain Service Headquarters is a member of the advisory board of the Cyber Security Cluster Bonn e.V., which was set up at the end of last year.
Close dialogue is essential at the international level too, since the cyber and information space is not a respecter of national boundaries. In the military sector, there is already very close bilateral cooperation, as well as at EU and NATO levels. Transfers of knowledge and expertise have now been established with corresponding NATO agencies, along with participation in joint forums. Joint exercises at strategic and operational levels take place at regular intervals.
Having discussed the various aspects, it becomes clear that digitalization has already had a significant impact on the Bundeswehr, and will continue to do so into the future. The associated challenges require new solutions and approaches in many areas. We must face up to these additional opportunities and resulting military scenarios, and prepare ourselves accordingly. Successful cyber defence is a strategic issue for government, business and society. One important requirement in this regard is to install binding international agreements that address the specific features and fast pace of the cyber and information space. Among the key aspects here are, not least, international law and ethics.
Only together can we guarantee resistance to threats from the cyber and information space - an essential requirement for the future of modern societies. The Cyber and Information Domain Service of the Bundeswehr will make a substantial contribution to this important national task, and assist with all resources available to it.
Ludwig Leinhos (born 1956) joined the Bundeswehr in 1975. After gaining a degree in electrical engineering, the Lieutenant General (Generalleutnant) in the German Air Force had assignments in intelligence gathering and reconnaissance /electronic warfare. During his military career, he took on various leadership roles in Germany and abroad, in the areas of command systems and IT planning & application. His positions included that of Director NATO Headquarters C3 Staff in Brussels. General Leinhos became the first Chief of the Cyber and Information Domain Service (Inspekteur Cyber- und Informationsraum, InspCIR) on April 1, 2017.
"There Is No Military Operation, No Military Conflict Without a Cyber Dimension Today"
Interview with Major General José Luis Triguero de la Torre