On the Digital Brink
This article, the first in a series on digital defense, will look at how the United States should bring tech experts and the innovative ideas they develop into the Department of Defense at an accelerated rate, and why those innovations should be shared with allies. It will be followed by stories on how safety science can inform the use of artificial intelligence in the military, and on how the Army’s 1941 Louisiana Maneuvers can be a model for virtual training of the armed forces today to face future conflicts, not past wars.
The world stands on the brink of a new way of war, as digital technology takes over the military just like it has taken over entire industries in the civilian sector — the retail business, financial services, and the media. Companies that have not embraced software are being leapfrogged and left behind. In the military this can be a matter of life or death. Both of the writers of this story have seen in our careers the consequences of relying on antiquated systems from past wars: soldiers reduced to using paper maps in combat in Afghanistan because they had no functioning digital mapping, servicemembers in Afghanistan blown up in vehicles lacking state-of-the-art protection, soldiers badly injured in Iraq by Islamic State drones dropping grenades on them because they lacked simple electronic jamming devices to stop them. It is not that the technologies to deal with these problems did not exist — all were available in the private sector. They simply didn’t exist in the military when and where they were needed. Nor is it just a question of updating technology. To be able to fight the wars of the future, the military should come to see itself as a software-enabled enterprise.
In Silicon Valley, the rapid advances in AI, machine learning, and robotics have projected private companies far ahead of the inflexible “programs of record” in the Department of Defense. Servicemembers often have more computing power in their personal smart phones than in their government-issued devices. Meanwhile, authoritarian regimes around the world buy, copy, or steal U.S. technology, routinely co-opt their own private companies to do military work, and have made the use of software integral to their way of war. America’s technological edge is being blunted. While Americans agonize over the ethical frameworks for kinetic attacks by autonomous weapons systems, the Chinese military has developed an ambitious strategy to paralyze the United States by attacking its reliance on complicated and often outdated information systems.
There has of course been some remarkable technological progress in the U.S. military. Take for example the F-35 Joint Strike Fighter. Its manufacturer, Lockheed Martin, boasts that the core processor in the F-35 — known as the “flying supercomputer” — can perform 400 billion operations per second. It is one of the most technologically sophisticated pieces of equipment in the U.S. military, completely reliant on software. But as Christian Brose points out in his recent book, The Kill Chain, the commercial company Nvidia makes mini-supercomputers for self-driving cars that do 320 trillion operations per second — 800 times faster than the best the U.S. military can do in its $100 million aircraft.
The United States has the best software in the world, but it is simply not making its way quickly enough into national defense. As Eric Schmidt, the co-founder of Schmidt Futures, former CEO of Google, former chair of the Defense Innovation Board, and a founding partner of Rebellion Defense, has observed, the Department of Defense does not have an innovation problem. Rather, it has “an innovation adoption problem.”
Recognizing this problem, former Secretary of Defense Ash Carter set up the Defense Digital Service in 2016 inside the Pentagon to build a bridge with Silicon Valley’s technologists. Nicknamed a “SWAT Team of Nerds,” the Defense Digital Service set out to bring experienced software engineers to Washington for two-year terms to seed tech ideas in the department. It has offered Pentagon planners some interesting lessons about operating in the digital world.
One of the Defense Digital Service’s first exploits was to launch the “Hack the Pentagon” initiative, the first-ever federal “bug bounty” program, in which 1,400 people signed up through the cyber security crowd-sourcing firm HackerOne to seek out security flaws in Department of Defense websites. Offering bounties to benign “ethical hackers” to find bugs in software is commonplace in the technology world, but until the Defense Digital Service was set up it was not something the Pentagon had considered — despite the fact that the Pentagon is constantly targeted by cyber attacks from all over the world. In fact, the Defense Digital Service didn’t even know if the idea of “hacking the Pentagon” was legal, and proceeded only with the top cover it had from Carter — and some urgent conversations with the Justice Department.
The program was launched on April 18, 2016. A hacker found the first vulnerability in 13 minutes, and after 24 days they had collectively found 138 vulnerabilities. The department paid out $75,000 to hackers as bounty, and it was declared a big success. The exercise affirmed in the most immediate way the value of bringing in outside tech expertise. It also highlighted the need to take risks — second nature to Silicon Valley entrepreneurs but often anathema to established procurement processes in the Pentagon. The former Army secretary, Eric Fanning, said that the bug bounty program proved “there are large numbers of technologists and innovators who want to make a contribution to our nation’s security, but lack a legal avenue to do so.” Congress took note and put it into legislation for other agencies across the U.S. government. The Department of Defense continues to run bug bounty programs, and has now carried out 10 separate events, including Hack the Air Force (four times) and Hack the Army (three times). Even faraway Singapore has come inquiring about using the same techniques to hunt for vulnerabilities in its Ministry of Defence systems.
The Defense Digital Service then sent a team to Afghanistan, where NATO advisers were struggling to stay in touch with their Afghan counterparts because of a software system called Advisor Network that was so outdated it didn’t even have a working search function. The system was due to get an update that would have taken up to two years. The Defense Digital Service reprogrammed it in 15 weeks. The service subsequently accelerated the development of the next-generation Global Positioning System using the commercial cloud, and helped to start the Air Force’s innovative software development factory, which they named Kessel Run. In Iraq, the Defense Digital Service designed small mobile devices to block insurgents’ drones carrying explosives. The team accomplished that in a matter of months using commercially available technology for a total cost of $100,000 — a fraction of the tens of millions of dollars spent unsuccessfully by contractors attempting to counter the same drone threat.
The Defense Digital Service continues to introduce innovative ideas to the Pentagon. Its 80 employees know they are not going to single-handedly change the way the Department of Defense, with 2 million civilian and uniformed employees, absorbs new digital technology. However, they have established a proof of concept for how technology from the private sector can be profitably injected into military applications. Perhaps more crucially, they have demonstrated how it is possible to get top-level talent from the tech sector to work in defense.
The Pentagon cannot match the compensation and stock option incentives of a Silicon Valley company. Even private defense startups, which can pay top-of-market salaries, have to overcome resistance in some engineers’ minds to working in the defense sector. The Defense Digital Service approach has been to reframe the mission, offering candidates the prospect of doing something that really matters to their country, while working on some of the most challenging and sophisticated problems in software development. “I’m never going to be able to pay people what they can get out in the private sector,” former Defense Secretary Carter admitted. “Their reward is to be part of something that matters a lot more than getting people to click on something or take pictures of themselves.”
In addition to bringing in outside tech expertise, another lesson is the need to maintain a high tempo in the digital world. The drone-blocking software in Iraq had to be regularly updated to match the new models of consumer drones that were being released onto the open market and appropriated by the Islamic State. A standard Department of Defense 24-month acquisition plan in the digital world will likely already be out of date by the time it is implemented. The technology industry iterates in months, not years.
As Tony Thomas, former commander of Special Operations Command and an adviser to Rebellion Defense, has pointed out, the military is being “out-cycled” by the speed of technological development in the private sector, and he described the technology used by special operations forces as “legacy systems whose sunset is almost upon us.” Unsurprisingly, Special Operations Command set up its own office to accelerate the acquisition of artificial intelligence and machine learning last summer.
The time it takes for new technology to degrade into a legacy system is inexorably shrinking. To keep up, ever more powerful software is required. Computers are infinitely better at many tasks than people. They are not perfect: Self-driving car algorithms have failed to identify pedestrians, leading to fatal crashes, and other algorithms have been shown to perpetuate biases introduced by human programmers. However, when it comes to processing data, humans cannot compete. Imagery analysts sifting through thousands of satellite or aerial photographs are more likely to miss the target — through attention fatigue — than a smart algorithm that never tires. Airmen copying and pasting details of air refueling operations between spreadsheets are more likely to make mistakes than a robust software system. Defense bureaucracies have staff wasting hours and hours doing jobs that AI algorithms, informed by lessons from civilian safety science (as Marianne Bellotti writes about in the second piece in this series), can do in seconds. Similarly, in the digital world, virtual reality simulations can be far more useful than real-world wargames in preparing troops for the battlefields of the future (as Jennifer McArdle writes about in the third).
Finally, the United States should do all it can to keep its allies abreast of advances in technology. The Western alliance has kept world peace for 75 years, enduring and ultimately prevailing in the Cold War with its existential nuclear threat. This required, and will continue to require, that free democracies can all communicate and operate jointly using compatible systems, while resisting hacking and spoofing by adversaries. In the United Kingdom, the Government Digital Service was originally set up to share digital systems and technology across the government. After seeing what the Defense Digital Service was introducing to the U.S. Department of Defense, the U.K. government realized the risks of their own Ministry of Defence falling too far behind in software development, to the point where it might no longer be able to communicate smoothly with the United States. The British side moved to instigate a U.K. Defence Digital Service organization to bring a digitally savvy culture into the military that could quickly implement some ideas from the United States.
Changing the military so that software can handle many of its problems is, admittedly, a far harder task than any other “market transformation.” It is different from optimizing food delivery or ensuring that you can watch streaming video anywhere in the world. Military leaders come from traditions with rich histories and deeply embedded cultures. Their mission has a unique sense of gravity: In the United States, the United Kingdom, and other democracies, they protect their citizens and their way of life using lethal force, all the time acting subject to democratic obligations. Authoritarian regimes in countries like China and Russia operate free of such obligations, not being fully accountable to their own populations.
As the world enters a new way of war in the digital age, it will be crucial for the United States and its allies to adopt the best technology available from their private companies, and stay one step ahead of their adversaries. Which means the Department of Defense needs to become the greatest software enterprise that there is.
Chris Lynch is the chief executive officer at Rebellion Defense, and from 2015 to 2019 he served as the founding director of the Defense Digital Service.
Oliver Lewis is a cofounder of Rebellion Defense, and former deputy director of the U.K. Government Digital Service.
Image: U.S. Navy