The United States has officially defined “expeditionary cyberspace operations,” which involve a physical dimension to cyberattacks. This means that an actual human gains physical access to a piece of computing infrastructure as part of the attack. The definition is part of a revised version of Joint Publication 3-12 Cyberspace Operations, which was published in December 2022 and is only available to those with DoD common access cards.
Expeditionary cyberspace operations are necessary when remote access to a target is not possible or preferable and close proximity is required. These operations are key to addressing the challenge of closed networks and other systems that are virtually isolated. Expeditionary COs can be more regionally and tactically focused and can include units of the CMF or special operations forces. If direct access to the target is unavailable or undesired, sometimes a similar or partial effect can be created by indirect access using a related target that has higher-order effects on the desired target.
The ability to conduct expeditionary cyberspace operations allows for faster adaptation to rapidly changing needs and allows threats that initially manifest only in one area of responsibility to be mitigated globally in near real time. Some cyberspace capabilities that support this activity may need to be forward-deployed or used in multiple AORs simultaneously. In time-critical situations, they may be made available via reachback. This might involve augmentation or deployment of cyberspace capabilities to forces already forward or require expeditionary CO by deployment of a fully equipped team of personnel and capabilities.
The ability to conduct expeditionary cyberspace operations is a crucial element of national security policy. It allows for faster adaptation to changing needs and enables threats to be mitigated in near real time. The joint publication defines expeditionary cyberspace operations as those that require the deployment of cyberspace forces within the physical domains. These operations are often more regionally and tactically focused and can include units of the CMF or special operations forces. If direct access to the target is unavailable or undesired, sometimes a similar or partial effect can be created by indirect access using a related target that has higher-order effects on the desired target.