The Information Technology Counter-Revolution: Cheap, Disposable, and Decentralized
Almost three decades ago, a coterie of defense wonks proclaimed that the information revolution would transform military power. They were right. But three decades later, it is time for the American military to prepare for what’s next, not try to dominate a 90s-era information battlefield.
In 1996, Eliot Cohen wrote that the information technology revolution in military affairs (or IT-RMA) would create an “astounding and unprecedented ability to amass and evaluate enormous quantities of information about any given battle arena … and make near-instantaneous use of it.” For the IT-RMA visionaries, systems of sensors, data processing centers, and digital communication would provide America with the speed and decision advantage necessary for victory.
But the U.S. military never fully realized the IT-RMA, and now the revolution-reaction cycle has moved on. The very capabilities that propelled the IT-RMA have become troubling vulnerabilities, leaving Washington with the worst of both worlds — campaigns that are digitally dependent enough to be vulnerable to new information threats but not advanced enough to leverage the newest data technologies.
It would be a mistake for the United States to simply redouble its efforts to fully implement the IT-RMA. Instead, if the United States wants to regain its military edge in the post-IT-RMA world, it will need a new theory of victory. The goal is no longer speed and decision advantage but instead persistence and resilience. With this in mind, the military should focus on building decentralized networks, investing in tactics that decrease the economic cost of war, and developing weapons systems and tactics that gracefully degrade by gradually losing effectiveness instead of failing catastrophically.
The Information Technology Counter-Revolution
That the United States has struggled with implementing the IT-RMA has been well documented in congressional testimony and public discussions. Unfortunately, the solution that many have presented so far is to simply double up to catch up on the old IT-RMA by employing technologies like AI and centralized networks to maximize speed and information. A better approach begins with the realization that the United States has already missed its IT-RMA window.
Simply put, the counter-IT threat adapted faster to the IT revolution than the U.S. military. Many of the innovations envisioned by early IT-RMA advocates are now vulnerable to network failure, denial, and data manipulation. Offensive cyber capabilities, digitally enabled electromagnetic jamming, cable-cutting, and anti-satellite kinetic and non-kinetic measures all threaten the digital infrastructure central to the IT-RMA. Large hubs that store and process data are tempting first strike targets, while military data and its users are valuable targets for espionage and disinformation. U.S. operations and tactics — built for campaigns of decision advantage and information dominance — are not currently built to withstand the deliberate introduction of uncertainty via disinformation campaigns, the poisoning of data sources, or even attacks on the algorithms that undergird big data analysis.
Further, the move towards digital dependencies has created a capability/vulnerability paradox. The United States is both vulnerable to first strikes against its information infrastructure and also highly incentivized to use its IT-RMA capabilities to launch first strikes of its own. This dangerous, offense-dominant spiral is particularly of concern for U.S.-Chinese competition. China’s proximity to Taiwan or contested islands in the East or South China Sea means that a quick war disadvantages the United States, which would have to activate complicated logistical chains and deployments to counter a Chinese attack. Even in more asymmetric relationships, such as with Iran or North Korea, digital dependence leaves America’s conventional superiority vulnerable to opportunistic attacks on key network hubs. In an escalating crisis, a cornered adversary would have a dangerous incentive to target infrastructure like intelligence-processing centers or communications satellites with strategic implications for U.S. campaigns.
And perhaps this is where Washington never learned the real lesson from past military revolutions. Historians and political scientists have always argued that military innovation didn’t jump from one revolution to the next — instead the transition to new revolutions was a process of threat and counter-threat adaptation. This period of contestation is more the norm than the brief windows of punctuated equilibrium that showcase one military revolution’s dominance. Further, when revolutionary shifts in the military balance of power occur, they often come as a surprise to the existing hegemon, which is still caught up in the previous revolution it dominated.
Moving Beyond IT-RMA
What the U.S. military needs now is a new theory of victory for a world in which information, and the networks through which it flows, are threatened. For the IT-RMA advocates, victory is created through information technology by increasing situational awareness so that states can strike from further, respond to threats faster, and have more precise engagements. Consequently, investments in technology privilege efficiency and speed over security and resilience. And because information creates precision, this approach prioritizes the acquisition of a small number of expensive and elaborate weapons systems. According to this theory, networks that are centralized and optimized for efficiency, along with weapons systems that are not just data-enabled but data-dependent, can create campaigns that are short and decisive.
Alas, this version of network warfare is already antiquated and in need of an upgrade. The United States should invest instead in campaigns of resilience that slow down conflict and change the cost equation for its adversaries. In order to do this, the United States will have to privilege quantity over quality and decentralization over speed. What does this look like?
America’s response to the counter-IT RMA should start with a better understanding of how networks survive under threat. The networks envisioned in the golden years of the IT-RMA were centralized and streamlined, allowing panoply of users and platforms to access a few dense hubs in order to share and retrieve information. These networks relied on hubs to collect, store, and parse information from disparate sources, consolidating it with limited gateways between users. This kind of highly centralized network was optimized for efficiency, allowing for amalgamations of data to enable machine learning and AI, while decreasing redundancies and minimizing access points that could create cyber vulnerabilities.
However, despite the efficiencies created by highly centralized networks, studies of network robustness find that these types of networks may be less resilient — especially when large but scarce nodes are threatened. In contrast, networks with high density, small nodes, and multiple pathways are inherently resilient. Dense and small-node networks are therefore the least vulnerable to attack and least likely to create cascading effects when compromised. Unfortunately, they are also the most complex, meaning that they cost more to build and can be less efficient.
For the Department of Defense, what this means in practice is that networks should include more nodes and data transmission linkages, but should also have the ability to decompose into smaller, semi-autonomous networks with their own organic data collection and processing capabilities. When links to central nodes are attacked, these semi-autonomous networks should be able to function on their own while cheap, unmanned communications relays and back-up data processing centers patch broken links — all in the name of resilience and perseverance.
Cheap and Disposable
In order to build these dense and resilient networks, Washington will have to change the way in which it approaches the cost of warfare. Financial cost was largely absent from the discussions surrounding the original IT-RMA, which focused instead on the need to avoid casualties that would sap American public support for wars. IT-RMA solved the political will problem by using technology as a means of force protection. As a former Air Force general in charge of acquisitions declared in the early days of remotely piloted aircraft, “There may be such a thing as a cheap airplane, but there’s no such thing as a cheap American pilot.”
During the last two decades, America accepted these costs to keep its soldiers safe. But ignoring economic cost would quickly become a strategic vulnerability in any protracted conflict with a peer competitor. Campaigns built around the survival of scarce and expensive platforms, like today’s aircraft carriers or F-35s, become about defending these central nodes rather than achieving other more strategic objectives like recapturing territory. Even tactical-level weapons, like the Advanced Medium-Range Air-to-Air Missile, cost over a million dollars apiece. This is a remarkable price tag when combatting an air force like China’s with over 3,000 aircraft in its inventory. Indeed, the recent onslaught of cheap and numerous Hamas rockets against the expensive Israeli counter-rocket Iron Dome system demonstrates the power of cheap and numerous weapons against high-technology, high-cost systems.
In general, the United States needs to evaluate whether the utility of the technology that it is investing in outweighs the cost. There has been a tendency over the last decade to chase emerging technology, often by invoking the power of military revolutions, without evaluating how this new technology will change operational or strategic outcomes. This leads to high-expense technology that may provide tactical advantage, but that also creates extreme asymmetries of cost, thereby undermining strategic advantage. In campaigns of survival and persistence, the United States should invest in cheap and disposable technology in order to create mass and resiliency. This does not mean replacing expensive systems like aircraft carriers with swarms of cheap, off-the-shelf unmanned systems. Instead, it means complementing the inventory of exquisite and scarce systems with cheaper autonomous sensors, communications relays, munitions, and even missile-soaking platforms — all designed to create friction, slow down the adversary, and attack the certainty that underpins the first generation of network warfare.
Building Trust and Graceful Degradation
Finally, the IT-RMA is built upon the assumption that more information always leads to better outcomes. However, what we’ve seen over the last few years is that information can be weaponized and the proliferation of data sources combined with the manipulation of data can poison the reliability of the information that is so central to the IT-RMA. Effectively using information in warfare now requires not just the creation of large datasets, but the ability to interrogate them and make decisions in the face of uncertainty. This requires investments in both technical capabilities and human talent.
The Department of Defense cannot just invest in “hardened” systems designed to decrease access points. It should also invest in systems that can gracefully degrade in the face of information threats. Sometimes this will require systems that can switch between levels of autonomy. At other times, it will require investments in analog or paper processes that act as redundant back-ups so that operations can continue, albeit at lower effectiveness, when information networks are attacked.
The Department of Defense will also need to build human talent that can understand the assumptions built into AI and big data machines. Post-IT-RMA warfare will require soldiers, sailors, airmen, marines, and guardians to “get under the hood” of the data that their weapons rely on. They will need to troubleshoot data pipelines while in the fight and revert to low-tech options with the same confidence and capability as their pre-digital forefathers. In information security, practitioners often talk about “zero trust” — the idea that no user, hardware, or software is ever completely invulnerable to cyber intrusions. The Department of Defense is already moving to adopt zero-trust practices, but it should go further to also build trust between humans and their digitally enabled machines.
Victory in the post IT-RMA world is about resiliency and trust. The ability to persist over time, not simply to dominate in a moment, is what will ultimately deter adversaries from launching first strikes. IT-RMA theories of victory envisioned quick and overwhelming campaigns of long-range strikes. But such campaigns are rare. Moreover, the IT-RMA said little about what comes after the first volleys of a conflict. In a hypothetical conflict with a country like China, the United States is most likely to succeed if it can bear the economic and political costs over time.
Military revolutions were never just about chasing the next technology. They were always about experimentation and response. It’s time for the United States to adapt to the counter revolution, not simply update to the newest version of an already antiquated system.
Jacquelyn Schneider, Ph.D., is a Hoover Fellow at Stanford University, an affiliate at Stanford’s Center for International Security and Cooperation, and a non-resident fellow at the Naval War College’s Cyber and Innovation Policy Institute. Follow her on twitter @jackiegschneid.
Julia Macdonald, Ph.D., is a research professor at the University of Denver’s Korbel School of International Studies. Follow her on twitter @jumacdo.