1. Introduction

Cyber sovereignty for a nation is of a high priority due to information being a strategic resource. Denial of Service (DOS) attacks will hamper telecommunication, industry, economy, government and the military. Cybersecurity for a nation is important to ensure for the safety of a nation's critical infrastructure and to ensure that information based processes are not compromised. A nation has to maintain its cyber sovereignty by protecting itself from a cyber-onslaught by an adversary nation, cyber terrorism and cyber-crime. The status quo for a nation is to maintain cyber peace both internally and with its allies. The military has an objective to protect and defend against a cyber-attack from an adversary nation and to launch offensive cyber-attacks in times of war. This is to gain a comparative and sizable initiative within the battle space to ensure own forces freedom of action and eventual victory.

In many academic papers and books, "cyber warfare" with respect to the military has been associated within the realm of the Information Warfare (IW) domain, broadly seen as the fifth dimension of warfare that takes place inside the info sphere (Lonsdale 2004), (Welsh 2014). The definition of cyber warfare however, has been widely discussed; and for the purpose of this paper the definition that will be used is as defined by security expert Richard A. Clarke: "Actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption" (Clarke & Knake 2010).

A widely accepted definition of the term "cyber warrior: is not available yet. For the purpose of this paper the definition by Technopedia & Janssen is used: their definition defines a cyber warrior as an expert who engages in cyber warfare, whether for personal reasons or out of patriotic or religious belief. cyber warriors' roles differ but they will mainly defend computer and information system or attack other computers and information systems through hacking (Technopedia & Janssen).

Non-state actors are also classified as cyber armies. They are hired by governments, militaries, or the private sector and receive a financial fee for such actions (Carafano 2013). For the purpose of this study a cyber army will consist of cyber warriors including military and non-state actors.

This paper focuses on the conceptual understanding of a cyber army within a military force and a high level structure will be proposed for a cyber army. In Section 2, an overview of cyber armies is given. Some examples from the history of attacks by cyber armies and non-state actors are made visible and the types of cyber targets are depicted (Section 3). Section 4 discusses the challenges of integrating non-state actors in military cyber armies. The authors compare three different nations and describe, on a high level, their approach and military missions in Section 4. A high level structure with the authors' approach to training and recruitment of cyber warriors is discussed in Section 6. Furthermore, the benefits of having a cyber army within a military force are discussed as well as how national security and strategic advantage can be achieved by a nation using a cyber army.

2. Background of cyber army

For this paper it is important to understand the generations of warfare as discussed by (Lind, Nightengale, Schmitt, Joseph, & Wilson 1989) First Generation: The tactics of line and column i.e., the line with maximum fire power wins; Second Generation: Based on fire and movement i.e., massed firepower replaced mass manpower; Third generation: Based on maneuver rather than attrition i.e., non-linear conflict, outwitting the enemy; and Fourth Generation: Includes the whole of the enemies society, not just the military i.e., this leans towards a terrorism and guerrilla ideology where one does not know who or where the enemy is. With this in mind, from a conventional point of view, an urban and guerrilla style of combat will be needed with a high dependency of reliable intelligence for militaries to act quickly against an enemy by means of speed, initiative, flexibility, and the use of pre-emptive strikes deep in the enemy's heartland. "Today's military commander must have an understanding of his cyber footprint that is every bit as sophisticated as his knowledge of the terrain, the forces at his disposal and the makeup of the enemy." (Carafano 2013).

2.1 How cyber armies assist military forces

Military forces exist to protect the sovereignty and integrity of a nation including its civil society against an adversary nation state whose intentions are malevolent. The generations of warfare and militaries have evolved and have made extensive use of technology to implement and adapt different ways, means and ends to achieve the military intention which is directly in line with the nation states' political objective according to the theory of warfare from Clausewitz theory of Trinity (Bassford & Villacres 1995). This theory is based on the following tendencies: emotion - violence and hatred are related to the blind natural force within humans; chance is the creative spirit that provides the possibility of victory, for violence or political gain as a political instrument. These tendencies are interlinked within each other and are focused on the people, the military and the government. The passions that are to be kindled in war must already be inherent in the people. (Bassford & Villacres 1995). If these passions are broken down in a nation state, the nation state will be brought into chaos and mayhem. Adapting Clausewitz's statement that "War is an act of force to compel our enemy to do our will", cyber war will be to destroy, deny access, exploit a nations critical infrastructure resulting in the disabling of command and control between government, people and the military and hence impose one's will on the adversary state. This can also be done by using parallel warfare and simultaneous striking at the military, people and government so as to achieve the desired result (Sharma 2010). Many nations depend extensively on technology for communication and it is a necessity for the military and the government. Denying communication to a nation will indirectly sever the unity of a nation.

A military cyber army is a highly skilled information technology group of soldiers i.e., "cyber warriors" who have a vast understanding of cyber skills, are able to defend military and strategic government critical infrastructure, and can launch cyber-attacks. Cyber defence in the military includes a defensive role that ensures that the military and government computer networks are secured and neither are compromised via internal or external threats. The offensive role includes the proactive and reactive launch of offensive cyber-attacks using cyber weapons against adversaries, to destroy, exploit, corrupt, or collect information for intelligence. A cyber army's mission is to fulfill these roles for the military. The cyber army could give the decisive edge on the battlefield with regards to information collection, hardening of technology, and communication computer systems within the military and government cyberspace to execute cyber defence and launch cyber offensive attacks against an adversary nation.

2.2 Cyber armies' strategic value to a nation state

A cyber army will be able to add value to a nation state by aiding in establishing strategic direction with regards to the development of cyber policy and cyber strategy. It will have the capability to effectively safeguard national critical infrastructures, and to execute and contribute to the national cyber threat analyses. Cyber armies will also be able to aid in securing the national cyber space to ensure cyber peace. Cyber armies will develop cyber weapons and capability to react quickly to cyber threats and execute proactive cyber policing of the incoming and outgoing data within military and government networks and develop cyber-attack prediction portfolios.

2.3 Legality of cyber armies

The legitimacy for nation states to have a cyber army in their military is justified due to the threat of the global explosion of cyber space. A nation state has the right to protect itself and defend itself from another nation state if attacked via a cyber-attack. The biggest problem is to determine when a cyber-attack will change into war and how to establish attribution: who the aggressor was. Detailed planning to launch a cyber-attack against a nation state is vital, thus the collection of information is critical and the convergence to intelligence is vital. Cyber armies must be seen as legitimate within a nation states' strategic military arsenal in which control and defence of a nation's cyber infrastructure can be safe guarded against malicious intent. Research and development and offensive capabilities are also fundamental within a cyber army.

The Tallinn Manual on International Law applicable to Cyber Warfare (Schmitt 2013) was initialised by the NATO Cooperative Cyber Defence Centre of Excellence via a group of legal experts. This manual has currently not been adopted internationally. The manual pertains exclusively to Cyber Warfare and includes the law of armed conflict, rules of engagement and the Geneva conventions that most nations adhere to in times of conflict and military intervention. There are 95 rules that range from sovereignty, jurisdiction and control to the use of force, self defence, attacks, espionage, blockades and zones, as well as objects that are indispensable to the survival of the civilian population. The manual emphasises cyber to cyber operations as well as both international and non-international armed cyber conflict; when to launch a cyber-attack on a nation's critical infrastructure or to target an enemy's command and control system. This manual does not discuss a kinetic attack to cyber-attack i.e., precision bombing on a cyber centre (Schmitt 2013). There has, however, been a call for nations to adopt a common universal law and understanding on what the rules should be to conduct cyber operations against other nations. Although most nation states have not adopted a universal cyber law yet, they have implemented cyber policies and internal cyber laws within their nations.

2.4 Cyber army operations

A logical deduction on how cyber armies operate in general is that there needs to be a target or an objective, strategically identified, of which the attack or defensive target tree is drafted with contingencies. Techniques, Tactics and Procedures (TTPs) are then used to collect information by means of various software tools, or techniques i.e., phishing and spear phishing attacks, Advanced Persistent Threats (APTs) or rouge applications or patches are deployed. From there, cyber weapons are deployed stealthily so as to execute the desired effect i.e., a zero day exploits, malicious code etc. After the desired effect is reached, cyber weapons can be destroyed or reused, if not detected. When detected, re-planning and development of an alternative attack or a defensive target tree is to be appreciated, or else revert to a contingency. Thereafter, the cyber operation is complete.

3. Non state actor cyber armies

Non-state actors (independent hackers) launch cyber offence and defensive actions. They are hired by governments, military forces, or the private sector for such actions and receive a financial fee (Carafano 2013). Non-state actors fight for their beliefs or financial gain and execute attacks independently against nations or private organisations as a cyber army outside of the military or government's authority. Non-state actors do not necessarily follow the same methods to identify the target as the TTP used by the military and are also often more trusted by Internet users (Rattray & Healey 2011).

3.1 Examples of cyber-armies of non-state actors

The most prominent cyber armies of non-state actors currently active are discussed by Sameer Siddiqui (Siddiqui 2013). Some of them are:

* Pakistan Cyber Army (PCA): A small but very talented army.

* Bangladesh Cyber Army: An army that hacked the Central Bureau of Investigation of India and several websites from schools and the media.

* 3xp1r3 Cyber Army: A Bangladesh group focusing on the United States (US) defaced websites by including the following message: "Protest against the Shit Movie 'Innocence of Muslims' created by U.S. agencies".

* K9 Network Cyber Army: This is one of the smallest but most dangerous cyber-armies. It focuses on defacing USA websites and porn websites.

* Indishell: India has also developed its own cyber army (non-state actors) to counteract the numerous attacks by Pakistan and Bangladesh. It is a collection of the best hackers, using ordinary IT equipment. They are the most secretive cyber gangs ever formed in the history of the internet.

* MI6 Hackers Team: A United Kingdom (UK) based team that has some of the best hackers in the world. They hacked the Al-Qaeda website and replaced the bomb-making recipe with cupcake recipes.

* Team Poison: The Child of ZCompany Hacking Crew, a gang consisting of less than 10 people was founded in 2008 by a 16 year old hacker. This cyber gang is one of the most notorious gangs in the history of internet.

* Anonymous: They originated from the 4chan image board website and describe themselves as "an internet gathering" with "a very loose and decentralized command structure that operates on ideas rather than directives". Anonymous has member who strongly oppose Internet censorship and surveillance. They were awarded as the most influential group by Time magazine. The DDoS attacks by Anonymous are performed by using Low Orbit Ion Cannon software, which users willingly download. This download sends stress signals to the destination directed by Anonymous. One of their biggest attacks is "OpIsrael". Anonymous protested what they called the "barbaric, brutal and despicable treatment of the Palestinian people by the Israel".

* Israeli hack teams: They were on the news for hacking anonymous websites and hurting members of Anonymous. Hackers operating under the name of "Israeli Elite" broke into websites in Pakistan and installed images of Israeli Defence Force soldiers and the Israeli flag.

Others as mentioned by Time Magazine (July 21, 2014) includes Exodus Intelligence (US), Vupen (based in the south of France), Revuln in Malta; Netragard in the US, and Telus in Canada. Also mentioned is EndGame, iDefence, TippingPoint, and NSS Labs (Grossman 2014).

4. Holistic comparison between three military cyber-armies in the world

4.1 United States cyber command

The US Cyber Command's sole mission is the defence of cyberspace, outside the traditional battlefields of land, sea, air and space. They will attempt to find, and when necessary, neutralise cyber-attacks to defend military computer networks (Ventre 2013). This will be executed by means of the defensive approach by the Information Assurance (IA) grouping, which in the U.S. military is regarded as an information operation that protects and defends information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation with methods of protection, detection and reaction. IA is made up of computer security and communication security, also known as "INFOSEC". Communication security "COMSEC" also includes cryptography. The Offensive approach namely Computer Network Attack (CNA) is to disrupt, prohibit access to, deteriorate, destroy and steal information contained in computers, carried by computer networks or targeting computer networks (Ventre 2013). The U.S. Cyber command has an estimated 88 169 cybersecurity experts currently which are divided within the armed forces. (Joshi 2013). The functional component of the U.S. Cyber Command at Fort Meade includes Plans, coordinates, integrates, synchronises, and conducts activities to:

* direct the operations and defence of specified Department of Defence (DOD) information networks and;

* prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to their adversaries (U. S. Strategic Command 2014).

US Cyber Command is composed of several service components as well as units from military services that will provide joint services to Cyber Command. The cyber command is under direct strategic command of the Joint Chiefs of Staff (Space and Naval Warfare Systems Command & Van Houten 2010). The higher level structure is given in Figure 1. Cyber mission forces include three types of teams: National Mission Teams, Combat Mission Teams and Cyber Protection Teams.

In addition, the US Government also makes use of non-state actors, for example companies such as Endgame, Exodus, Vupen and NSS labs supply information on vulnerabilities. According to information released by the Edward Snowden leaks, the NSA budget at that stage included $25 million for covert purchases of software (Grossman 2014).

4.2 China

China's approach in the 1990s was to control information flow in the cyber space (which has not changed significantly until present) and is different from the USA or western world's approach which favours attack and destruction (Ventre 2013). This led to "The Great Firewall of China" (another name is Project Golden Shield) which is a concept of monitoring and filtering every packet of data, URL filtering and so on, that enters and exits China's national cyber infrastructure. This started in 1998 and became operational in November 2003 (Pingp 2011) China currently has approximately 125 000 cyber security experts consisting of 30 000 regular troops of the Chinese People's Liberation Army (PLA), 60 000 specialists from various universities, research institutes and states enterprises, and 35 000 militia, i.e. non-state players (Joshi 2013).

The PLA cyber command is situated in the PLA General Staff department which is the most senior PLA department. The GSD 3rd Department has it focus on signal intelligence, foreign languages and defence information systems with an approximate personnel of 125 000 which is divided into 12 bureau's and three research institutes in 16 regions. The Communist Party of China (CPC) (government) already tasked the PLA to execute cyber espionage and data theft around the world (The Mandiant Intelligence Center 2013). Unit 61398 is under command of the 2nd Bureau, which is tasked with computer network operations, targeting organisations that are primarily English. Attacks that have been suspected to come from China lead to a quote from the Chinese Defence Ministry in January 2013: "It is unprofessional and groundless to accuse the Chinese military of launching cyber-attacks without conclusive evidence". Although there is no assurance whether or not the CPC or the PLA has knowledge of attacks, is clear that China do have a cyber army capability and a number of cyber warriors and cyber weapon capabilities.

4.3 India

India's approach to cyber warfare is to make use of a national register; named the National Security Database (NSD) that focuses on the capture and registration of trained IT and cyber security specialists in India. This expertise register for "white hackers" can be used by the Indian military to recruit when needed for execution of cyber operations with a small cyber military component that manages and plans cyber actions for the military. It is illegal to hack in India so it is not clear what the military will do if the Indian cyber sovereignty was compromised (Ventre 2013).

India's approach as a nation is to have a massively strong defensive computer network and it has a number of Cyber Emergency response teams (CERTs) to stop rouge hackers, non-state actors or other cyber-armies from penetrating the Indian cyber space. The Indian military has drafted a doctrine which is currently in place with regards to cyber operations. However, it is currently more reactive to cyber-attacks than having a proactive approach to cyber operations (Ventre 2013). The Department of Electronic and Information Technology DEITy has decided to recruit 4 446 cybersecurity experts for the operating and maintenance of the Indian cybersecurity infrastructure. DEITy consists of various other departments and of these posts 1887 posts will go to the Indian armed forces (Joshi 2013). Currently India only has 556 security experts. Although the Indian cyber army structure is not known, the authors drafted a possible structure as shown in Figure 3.

4.4 Challenges with integrating non-state actors into military cyber armies

Not all non-state actors engage in irregular warfare in cyber space but governments may profitably borrow insights and methods from irregular warfare and counter insurgency (Rattray & Healey 2011). The use of nonstate actors can be seen as an opportunity or quick fix for a military to gain a cyber army, but can be risky and a costly business (Carafano 2013). Some of the challenges with using non-state actors as part of a military cyber operation can be trust issues. Non-state actors perform attacks not only for financial gain, but also for retaliation or revenge depending on their beliefs, and patriotism. There are different options: non-state actors can be limited to the support the home front or can have a more direct role as combatants in the irregular Warfare Approach (Rattray & Healey 2011).

Another consideration is the full dependence of military forces on non-state actors for assistance as opposed to the military being able to skill and maintain cyber experts for years to come using outsourcing only as a possible short term solution. These are the questions nations have to decide upon. A possible solution is to set up a reliable trusted network of non-state actors. Within the guidelines of a military culture, non-state actors should have the same will and beliefs of the nation state, so that there is an understanding of the end state or the intention of the military force of this nation state. A suggested occupational dispensation for their skills and cyber knowledge could be a solution, however, this will be costly.

Hackers, including people that have previous misdemeanors and criminal records, are currently been recruited in different countries. However, there are challenges especially in the U.S. Defence Force with regard to the vetting (security clearance) of cyber warriors which has become a challenge. The challenge for military cyber armies is to achieve a standard or level of education and skills similar to that of the hacker. This is because most of the time a hacker is self-taught, with a passion to prove to other hackers that he/she can execute a hack, thereby gaining self-status. Skill levels within the educational systems globally will have to adapt their standards to facilitate these qualities for cyber defence. Implementation of curriculum will be a challenge due to the ever-changing technology, but a basic hack guideline on what is required for cyber defence and cyber offence is to be drafted. This will also be contained within different nations due to the fact that military cyber capabilities will be kept secret.

5. Proposed structures for African cyber armies

The concept of an integrated approach in having a cyber army within the African military is to be seen as a strategic asset of a nation. The dimensions for the African military have been to maintain and safeguard the territorial sovereignty of the nation state namely its land, sea, air, space and now (info sphere) cyber space. The modern day battle field has now shifted to a view of precision bombing and minimal casualties, especially civilians so as to have the desired result but with minimal loss of life and damage to property. Integrating conventional forces with a cyber army, will allow for the defensive and offensive cyber capability to enhance conventional forces. In addition, a cyber army will add to the intelligence component by means of collecting relevant information for situational awareness to decision makers on the battle field. Military and government information infrastructure can be protected from attacks and if necessary, adversary nation state critical infrastructure and information based processes can be attacked by the cyber offensive army. Exercises done by cyber red and blue teams (red being the penetration or attack team and blue being the defensive team) will also have a positive impact within a nation state as this will ensure that computer networks are healthy. If a nation state's red and blue teams can penetrate their own systems, there is a possibility that an adversary nation will also be able to do it. An examples of such exercises in NATO is the cyber war games named Exercises Locked Shield (NATO Cooperative Cyber Defence Centre of Excellence 2014). An integrated approach for the establishment of a cyber army for African Countries is reflected in in Figure 4.

5.1 Considerations for forming a African cyber army

The following considerations are to be taken into account when forming a cyber army:

* Cyber threat to the nation and vulnerability analysis.

* Cyber defensive and offensive policy, strategy and legislation.

* Cyber readiness of the nation state.

* Connectivity and cyber space of a nation.

* Cyber skill levels and cyber researchers.

* Cyber educational level in secondary and tertiary facilities.

* Cyber weapon development and funding.

* Co-operation between the security cluster and judicial departments, buy in and top cover from government.

* Recruitment of possible external and internal specialists, and the holistic profile of people to be recruited.

With the above in mind there is a need for government support on strategic level to ensure one understanding of what is expected of a cyber army as well as its mandate, role and functions.

5.2 Proposed roles and functions of an African cyber army

The role of the cyber army for an African nation will be the protection of cyber sovereignty of the nation state, specifically for the protection of the military, government and civilian cyber infrastructure. The functions of the cyber army will be:

* Policy, strategy, doctrine and governance of cyber army.

* Establishment of a centralised cyber command capability.

* Ability to research and develop within the cyber environment.

* Building offensive and defensive cyber capabilities.

* Execute encryption and crypto analysis.

* Sustainment of the cyber command capabilities, planning, coordination and execution of cyber operations (offensive and defensive).

* Liaison between role-players from the cybersecurity cluster.

* Intelligence collection and analysis in the cyber domain.

* Employment of cyber warriors.

* Training and capacity building of cyber warriors.

* Collaboration with external cyber specialists.

These functions will allow for a cyber army to have direction and purpose within a military organisation. A proposed high-level structure for a cyber army is depicted in Figure 5.

The African cyber army must be under strategic military command to comply with the fundamental composition and elements of a cyber army to ensure strategic direction. Cyber defence will be a huge investment for African nations due to the necessity to develop defensive technologies and offensive cyber weapons. The cyber operations centre component must have the following elements:

* the defensive component which must be able to execute cyber defence within the military and government and that is linked to a cybersecurity policy and the national cyber defence infrastructure;

* the offensive component is a valuable military resource used as a platform to launch cyber offensive operations; and

* encryption and crypto analysis are vital to secure the military and governments incoming and outgoing classified information.

The cyber intelligence component is vital for the collection and analysis of the cyber space to provide a view on the cyber threats and vulnerabilities against a African nation state. The International Monetary Fund (IMF) reported in 2013 that here is a ICT skills shortage internationally as well as in Africa (Tredger 2013). This lack in information security skills in Africa was confirmed by Gartner in 2014 (Shetty 2014). The Employment and Skills Group (ESG) report indicated that there is a problematic shortage of more than 25% of cybersecurity Skills throughout all the sectors (Oltsik 2014). Rand Corporation indicated that the nationwide shortage of cybersecurity professionals particularly within the US federal government (which does not offer salaries as high as the private sector) creates risks for national and homeland security in the US (Libicki 2014). Research by the authors indicates that this is also the case in Africa. It is thus essential to make use of non-state actors as part of a cyber army due to the lack of information security skills in Africa.

5.3 Benefits and strategic advantage of an African cyber army

A cyber army (Cyber Command) for an African nation state will be an extension of the nation's military power to close the gap of the fifth dimension the Info sphere. It will enhance the defending and protection of the technological realm and the cyber space of the nation, and be able to offensively fend off a cyber-onslaught from an adversary nation. The strategic benefit will be the safeguarding of the nation's national cyber sovereignty and the ability to retaliate against cyber attacks. It will aid in the economical upliftment of the nation due to a safe national cyber space, home grown technological development in cyber defence and offensive cyber weapons.

6. Conclusion

Cyber armies will have a significant role to play within the fourth generation of military warfare and development in today's modern day era of warfare. CIA official Cofer Black stated at the Black Hat conference in Las Vegas 2011 that "You had the Cold War, the global war on terrorism... now you have the Code War", and added "The Stuxnet attack is the Rubicon of our future" (Chapman 2011). The concept of a cyber command with its defensive, offensive and research and development capabilities will allow for military networks as well as strategic government networks to be defended and protected against a cyber-attack. The collection of information will be vital for commanders to have situational awareness within the battle field. From a national intelligence perspective, reliable data is needed which can be verified and utilised effectively.

A cyber army for African countries will be an asset to a military force due to the tremendous advancements in technology within the battle space. Cyber warfare is a reality and it will gain a strategic advantage for any nation that has cyber skills, structures, and cyber weapon research and development in place. The African cyber armies will be able to defend and attack adversaries from the tactical level right through to the national strategically level. However, international cyber law is also to be kept in mind when launching offensive cyber-attacks. Nation states need to come to a resolution in which there should be a cyber-treaty signed in order to pursue cyber peace globally.

The resources from which a cyber army can recruit candidates will be challenging and there is a need for cyber education to be implemented from primary to tertiary level with a specialised cybersecurity Centre of Excellence to be established. The recruitment and profiling of non-state actors will need to be clarified and understood within a military context with regards to the security clearance and utilisation thereof. Cyber warfare is a reality and it is important that there is a cyber army implemented in the African states military with a mandate to execute defensive and offensive actions. A cyber army will ensure that the surfaces and gaps in the cyber space are contained for African nation states to be able to ensure cyber sovereignty. Thus the recommendation is that African nation states need to invest in enabling a cyber army in a military so as to gain a favourable advantage on the battle field and to have a strong defensive national cyber space. Quoted "Cyber is a key enabler of Information Warfare and unlocks Pandora's Box on the battle field" (Wilhelm 2012).