The following manual was released by the U.S. Army on February 12, 2014. The manual was first reported by Steven Aftergood of the Federation of American Scientists.
FM 3-38 Cyber Electromagnetic Activities
- 96 pages
- February 12, 2014
FM 3-38, Cyber Electromagnetic Activities, provides overarching doctrinal guidance and direction for conducting cyber electromagnetic activities (CEMA). This manual describes the importance of cyberspace and the electromagnetic spectrum (EMS) to Army forces and provides the tactics and procedures commanders and staffs use in planning, integrating, and synchronizing CEMA.
This manual provides the information necessary for Army forces to conduct CEMA that enable them to shape their operational environment and conduct unified land operations. It provides enough guidance for commanders and their staffs to develop innovative approaches to seize, retain, and exploit advantages throughout an operational environment. CEMA enable the Army to achieve desired effects in support of the commander’s objectives and intent.
The principal audience for FM 3-38 is all members of the profession of arms. Commanders and staffs of Army headquarters serving as joint task force or multinational headquarters should see applicable joint or multinational doctrine concerning cyberspace operations, electronic warfare (EW), and spectrum management operations (SMO). Trainers and educators throughout the Army will also use this manual.
…
CYBER ELECTROMAGNETIC ACTIVITIES DEFINED
1-1. Cyber electromagnetic activities are activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy use of the same and protecting the mission command system (ADRP 3-0). CEMA consist of cyberspace operations (CO), electronic warfare (EW), and spectrum management operations (SMO) (see figure 1-1 on page 1-2).1-2. Army forces conduct CEMA as a unified effort. Integration is the arrangement of military forces and their actions to create a force that operates by engaging as a whole (JP 1-02). Synchronization is the arrangement of military actions in time, space, and purpose to produce maximum relative combat power at a decisive place and time (JP 1-02). CEMA integrates and synchronizes the functions and capabilities of CO, EW, and SMO to produce complementary and reinforcing effects. Conducting these activities independently may detract from their efficient employment. If uncoordinated, these activities may result in conflicts and mutual interference between them and with other entities that use the electromagnetic spectrum (EMS). CO, EW, and SMO are synchronized to cause specific effects at decisive points to support the overall operation.
1-3. The CEMA element is responsible for planning, integrating, and synchronizing CO, EW, and SMO to support the commander’s mission and desired end state within cyberspace and the EMS. During execution the CEMA element is responsible for synchronizing CEMA to best facilitate mission accomplishment. (See chapter 2 for more information on the CEMA element.)
1-4. Cyberspace operations, EW, and SMO are essential to the conduct of unified land operations. While these activities differ in their employment and tactics, their functions and capabilities must be integrated and synchronized to maximize their support to unified land operations. The integration of these activities requires an understanding of the functions and capabilities being employed.
CYBERSPACE OPERATIONS
1-5. Cyberspace operations are the employment of cyberspace capabilities where the primary purpose is to achieve objectives in or through cyberspace (JP 3-0). Cyberspace operations consist of three functions: offensive cyberspace operations, defensive cyberspace operations, and Department of Defense information network operations (see chapter 3).
ELECTRONIC WARFARE
1-6. Electronic warfare is any military action involving the use of electromagnetic and directed energy to control the electromagnetic spectrum or to attack the enemy (JP 3-13.1). EW consists of three functions: electronic attack, electronic protection, and electronic warfare support. These functions are referred to as divisions in joint doctrine (see chapter 4).
SPECTRUM MANAGEMENT OPERATIONS
1-7. SMO are the interrelated functions of spectrum management, frequency assignment, host-nation coordination, and policy that enable the planning, management, and execution of operations within the electromagnetic operational environment during all phases of military operations. SMO are the management portions of electromagnetic spectrum operations (EMSO). EMSO also include electronic warfare (see chapter 5)
…
FUNCTIONS OF CYBERSPACE OPERATIONS
3-1. Army forces coordinate and integrate CO through CEMA. They do this to gain and maintain freedom of action in cyberspace and as required to achieve periods of cyberspace superiority.
3-2. Cyberspace superiority is the degree of dominance in cyberspace by one force that permits the secure, reliable conduct of operations by that force, and its related land, air, maritime, and space forces at a given time and place without prohibitive interference by an adversary (JP 1-02). Such interference is possible because large portions of cyberspace are not under the control of friendly forces. Cyberspace superiority establishes conditions describing friendly force freedom of action while denying this same freedom of action to enemy and adversary actors. Ultimately, Army forces conduct CO to create and achieve effects in support of the commander’s objectives and desired end state.
3-3. CO are categorized into three functions including offensive cyberspace operations (OCO), defensive cyberspace operations (DCO), and Department of Defense information network operations. These functions are described in joint doctrine as missions in cyberspace that require specific actions in cyberspace (see joint doctrine for CO). Figure 3-1 on page 3-2 depicts the three interdependent functions of CO.
OFFENSIVE CYBERSPACE OPERATIONS
3-4. Offensive cyberspace operations are cyberspace operations intended to project power by the application of force in or through cyberspace (JP 1-02). Army forces conduct OCO across the range of military operations by targeting enemy and hostile adversary activity and related capabilities in and through cyberspace. OCO are designed to support the commander’s objectives and intent consistent with applicable authorities and legal frameworks. (See paragraph 3-38 for additional information on authorities and other legal considerations.)
3-5. OCO are conducted in and through cyberspace where information technology infrastructures, along with the people and systems that use them, exist in an area of operations and pervade an operational environment. To varying degrees, host-nation populations, governments, security forces, businesses and other actors rely upon these infrastructures and supporting networks or systems. Given these conditions, OCO require deliberate coordination and integration to ensure desired effects (changes in behavior which do not suggest the ways or means those changes were created) are created and focused at the right place and time in support of the commander’s objectives.
3-6. Using OCO, commanders can mass effects through the employment of lethal and nonlethal actions leveraging all capabilities available to gain advantages in cyberspace that support objectives on land. For example, cyberspace capabilities and other information-related capabilities may be directed at an enemy weapons system consisting of the targeted platform and its operators. The cyberspace capability could create degrading effects on the platform while an information-related capability influences, disrupts, corrupts, or usurps the decisionmaking of the operator. (See FM 3-13 for additional information on inform and influence activities (IIA) and information-related capabilities.)
CYBERSPACE ATTACK
3-7. A cyberspace attack consists of actions that create various direct denial effects in cyberspace (for example, degradation, disruption, or destruction) and manipulation that leads to denial that is hidden or that manifests in the physical domains. For the Army, cyberspace attacks are a type of cyberspace operation employed primarily in support of OCO. Cyberspace attacks are primarily employed outside of LandWarNet, but they are coordinated and deconflicted inside of the Department of Defense information networks (DODIN). (See paragraph 3-24 for additional information on the DODIN.)
3-8. Army forces conduct or facilitate cyberspace attacks in support of OCO within designated areas of operation. For example, when employed as part of an offensive cyberspace operation, a cyberspace attack may be directed at information resident in, or in transit between, computers (including mobile phones and personal digital assistants) and computer networks used by an enemy or adversary. Enemy or adversary actors may be denied the ability to use resources or have their information resources used for friendly proposes as a result of a cyberspace attack. In every instance, commanders and staffs follow appropriate authorities and legal guidance. (See paragraph 3-38 for additional information on authorities and other legal considerations.)
3-9. Using specific portions of cyberspace and the electromagnetic spectrum (EMS) as primary pathways or avenues of approach, cyberspace attacks may employ capabilities such as tailored computer code in and through various network nodes such as servers, bridges, firewalls, sensors, protocols, operating systems, and hardware associated with computers or processors. Tailored computer code is only one example of a cyberspace capability (a device, computer program, or technique, including any combination of software, firmware, or hardware) designed to create an effect in or through cyberspace. The development and employment of tailored computer code represents the core and unique technical nature of CO capabilities. Computer code is designed to create specific effects, and when employed this code moves in the form of data packets in and through cyberspace across wired and wireless driven communication technology and systems. Cyberspace attacks must therefore be coordinated and integrated in support of the commander’s objectives and consistent with applicable assessment measures and indicators.
3-10. Cyberspace attack capabilities are employed to support maneuver operations by creating simultaneous and complementary effects. For example, a cyberspace attack capability may be employed in conjunction with electronic attack, offensive space control, fires, and information related capabilities to deceive, degrade, destroy, and disrupt a specific enemy integrated air defense system or enemy safe haven (see table 3-1 on page 3-4).