Skip to content

Newly declassified FOIA document discusses 2016 Obama order to fight ISIS in cyberspace

May 5, 2017

By Michael Martelle

Cyber Vault Highlights:
40+ Primary Sources Every Cyber Student Needs

A FOIA request filed by the National Security Archive’s Intelligence Analyst, Dr. Jeffrey Richelson, has won the partial release of documents on the US’s cyber offensive against the Islamic State, providing a valuable look into the integration of cyber-operations into multi-domain battle and global counter-terrorism.

In July 2016 the Washington Post reported that the United States Cyber Command had created a new unit to develop and use cyber weapons against the Islamic State, prompting Richelson to FOIA documents on the establishment of the unit – Joint Task Force (JTF) Ares. In response, US Strategic Command released partially redacted versions of Task Order 16-0063 and Fragmentary Orders 01 and 02, which were sent to related cyber commands in the US military to establish the task force.

These documents establish JTF Ares with the mission of developing and using malware and other cyber-tools to damage and destroy ISIL networks, computers, and mobile phones. They also give JTF Ares instructions to coordinate and deconflict with other commands, but do not place limits on pursuing and attacking ISIL networks and hardware globally.

The mission assigned to JTF Ares aligns with the fourth strategic goal in the Department of Defense’s Cyber Strategy to “build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environment at all stages. […] If directed, DoD should be able to use cyber operations to disrupt an adversary’s command and control networks, military-related critical infrastructure, and weapons capabilities.”

The mission, difficult enough in isolation, is complicated significantly by related operations in the land, air, and sea domains. Thus, cyberspace operators must coordinate, or deconflict, not only with each other, but also with units acting in other domains as well as intelligence agencies. Effective deconfliction allows warfighters to work in concert with one another to weaken or destroy opponents. Ineffective deconfliction, however, results in a multi-domain campaign that is less than the sum of its parts. Thus, instructions are given to JTF Ares:

US Central Command and Special Operations Command:

As well as a name-redacted intelligence entity:

Keeping in mind the heavy need for deconflicting operations, it is notable that command and control of JTF Ares is given to the commander of Cyber Command (Admiral Rogers, also the head of the NSA) instead of Central Command or even Operation Inherent Resolve. This suggests that JTF Ares is meant to operate globally against ISIL. Without a geographic limit in place, and with ISIL fighters scattering globally as territory in Syria and Iraq is lost, the mission assigned to JTF Ares is reminiscent of the 2001 Authorization for the Use of Military Force in its potential for open-ended interpretation.

The control of Cyber Command over JTF Ares also highlights the importance of the NSA to the task force. While personnel for JTF Ares come from the cyber bodies of each service, they are required to meet NSA standards.

The leadership of Cyber Command (dual-hatted as head of the NSA), co-location with the NSA at Fort Meade, and emphasis on NSA standards underlines the close relationship between the NSA and Cyber Command as well as the blurring of the line between passive surveillance and active disruption in the cyber domain.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: