Asynchronous Warfare, Part 2: Strategy and Phases

Asynchronous Warfare, Part 2: Strategy and Phases

By Dr. Dennis Prange, edited by Andy Norton

NOTE: This is part 2 of a 4-part series on Asynchronous Warfare. Please watch for other segments over the next several weeks.

In part 1 of this blog series, we described the roots of the cyberwar that we’re already fighting, which lie in proven, historic conventional warfare tactics that give the advantage to what appears to be an underpowered enemy. In today’s post, we describe the strategy behind asynchronous warfare usage and the three phases of protracted conflict that lead to ultimate victory.

Asynchronous Warfare Strategy

A well-executed asynchronous warfare strategy, as applied to conventional warfare, breaks into the enemy’s OODA-Loop on all four levels of military theory: tactical, operational, strategic, and grand strategic.

Tactical: Through a system of decentralized (localized) command and control, the insurgents are regularly better informed and much more flexible than the conventional defenders with their cumbersome hierarchical organization and can choose time and place of encounters. This, in theory, can also work in reverse, where the defenders are the ones applying asynchronous strategy and it’s the attackers who rely on conventional methods.

Operational: For the same reason, the insurgents easily avoid large troop concentrations. Preparations for big unit operations never go unnoticed, involve many people potentially leaking information and their intentions are usually easy to grasp. While the conventional actor, therefore, tries to orient himself regarding the positions where insurgents are to be expected, they have usually already changed positions.

Strategic: Asynchronous warfare replaces the conventional focus on active destruction through concentrated firepower with permanent attrition of the enemy. It shifts the key segment of war from the (often idealized idea) of a decisive battle to a much longer phase of constant disintegration, to “death by a thousand cuts.” This, however, means that the corpus of causal mechanisms in military theory has to be transformed from a principle of effectiveness (greater firepower) to one that pays premium attention to efficiency (relatively better cost-benefit ratio).1 This mosaic approach to conflict in the cybersphere prompted the NSA deputy director George Barnes to recently state that rather than one, devastating cyberattack, there has been a “slow drip” of “continual theft of intellectual property from our industries.”2

The loveliest trick of the Devil is to persuade you that he does not exist!” Charles Baudelaire

Grand strategic: The major challenge from the perspective of Western grand strategic thought when facing an asynchronous warfare strategy lies in the adaptation of the concept of threat. Because from a Western perspective, war (and therefore a perception of existential threat) really only begins with large-scale physical destruction and – especially important in liberal political thought – with people dying in unusually large numbers. Liberalism tends to pigeonhole other, lesser forms of political aggression into the rubric of criminal offenses. This, however, is a recipe for disaster in an asynchronous conflict whose general aim it is to avoid large scale operations and instead destroy the function of the political system3 while operating “below the threshold level of war.”4 The decisive phases of a protracted or asynchronous war, in other words, often take place long before Western analysts would recognize an existential threat.

Instead of measuring threats in terms of potential deaths, therefore, the more reasonable way to measure them would be the degree to which systemic function is impeded – that is, whether an attacked system is still able to function properly. Given that the orderly function of our societal systems and subsystems is the core requirement for the stability of our complex societies, the collapse of these systems can lead to chaotic circumstances (and then potentially to the death of many).

A Three-Phased Approach

Any stable geopolitical state is based on trust between the government and the citizens on whose resources and compliance the state depends. In a nutshell, asynchronous warfare strategy is structured in three phases, all of which combine physical and perceptional means to destroy this trust. Each phase exploits specific vulnerabilities of the attacked and thereby prepares the “battlefield” for the next phase long before it actually materializes. Each phase also is a fallback position in case the actions on a certain level are unsuccessful.

We start by describing each phase as it works in a physical war where the goal is to take control of a geographic area. In parts 3 and 4 of this blog series, we will see how this strategy and these three phases work in cyber warfare.

First Phase: Subversion of Political Trust

In the first phase, the aim is to identify disaffected groups that oftentimes can be found on the political fringes of society.5 The actual political positions of these groups are mostly unimportant, relevant is only their potential for mobilization against the current order. Agitation specialists are sent to these groups, whose purpose is to further mentally separate their members from the state.6 If the agitation proves successful, these groups are used to establish cells of a nascent covert insurgent infrastructure7, providing in-country intelligence, personnel, and material resources for the attacking side.

Once the infrastructure is sufficiently settled, the first public actions are planned and executed. Their aim is to spread doubts about the government in an increasingly larger share of the population. For that end, political discord – which can be found lying dormant in any society – is fostered and intensified by occupying topics of general interest. The main interest is to depict the government as unjust and illegitimate.

The next step is to identify persons and institutions that symbolize the power of the attacked political entity. Preferred targets are politicians and members of the security apparatus and their respective agencies. By harming them, the attackers demonstrate to the public that the authorities are incapable of protecting even these beacons of their government.

Second Phase: Bleeding The Enemy White

In the wake of the first successful operations, the ranks of the insurgents swell and even more, operations can be executed. In due course, the attacker starts a plethora of violent incidents. They metastasize like a cancer in the territory of the defender who usually is quickly overwhelmed by the requirement to secure so many objects and areas at the same time. Attack operations are carefully planned to make sure that the attacked are outnumbered and that reinforcements for the defenders arrive only after the fight is over. Again, timing is a crucial element: if the defender would be able to prepare for the attack, the lightly equipped attackers would not stand a chance.

Since the defender cannot position troops everywhere at the same time, sooner or later he finds himself in a real dilemma: if he tries to defend against all possible attacks, his forces are overstretched and he can defend nothing effectively. If he abstains from defending his symbols of power, in contrast, he highlights his helplessness and loses the trust and compliance of its citizens (or stakeholders) in its capability to protect them. As a consequence, a defender usually concentrates his forces in the more relevant areas of his territory, especially the capital, thereby exposing less critical areas of his territory to the enemy, which quickly begins to fill the void and establish overt control of the area. The attacker now can start to set up more conventional forces with better training and equipment that carry a heavier punch.

For the defender, a vicious cycle starts: ever heavier equipped formations of the attacker can take hold of increasingly more symbolic assets, forcing the defender to further concentrate his forces around his symbolic core. As a consequence, the attacker can seize increasingly bigger parts of the defended territory. He can also start to mount more intensive attacks to actively deplete the ranks of security forces and to shatter their morale. Sooner or later, the resources of the defender begin to dwindle, as does the trust of the population in his eventual victory. Citizens will start to wonder if it would not be wise to come to an arrangement with the attacker – the defender loses his political power and thereby access to the resources of the population.

Third Phase: Coup De Grace

The main – as a matter of fact, the only – application of large-scale conventional warfare is in phase III when the attacker is completing the takeover of the country or territory being attacked. However, in a protracted war the third phase only begins when the attrition of the defender is already so profound that he does not stand a real chance of winning anymore. The conventional fighting is only intended to wear down the remnants of his armed forces and to finish the war as quickly as possible.

NEXT: Part 3 – Asynchronous Warfare 2.0: How these strategies and phases apply to cyberwarfare.

Download the entire Asynchronous Warfare white paper, which includes all 4 parts of this blog post series.



1 Oral evidence: Russia: Implications for UK Defence and Security, HC 763, House of Commons Defence Committee, 1 March 2016,;


3 Barno, David and Bensahel, Nora: Fighting and Winning in the “Grey Zone”, War On The Rocks, 19 May 2015,

4; Charles Baudelaire, “The Generous Gambler”

5 Rick Noack: The European Parties accused of being influenced by Russia, The Washington Post, 17 November 2017,; Alina Polyakova, Markos Kounalakis, Antonis Klapsis, Luigi Sergio Germani, Jacopo Iacoboni, Francisco
de Borja Lasheras, and Nicolás de Pedro: The Kremlin’s Trojan Horses, Atlantic Council Eurasia Center, November 2017,; Ronald Brownstein: Putin and the Populists, The Atlantic, 6 January 2017,

6 According to the glossary of information security terms of the Russian General Staff Military Academy, agitation is understood as influencing people or groups of people on an emotional level with the aim of prompting them to conduct specific actions. Dictionary of terms and definitions in the field of information security, Russian General Staff Military Academy, 2nd Edition, Moscow Voyeninform, 2008, p. 6.

7 Jeffrey V. Dickey; Thomas B. Everett; Zane M. Galvach; Matthew J. Mesko; Anton V. Soltis: Russian political warfare: origin, evolution, and application, Naval Postgraduate School, Monterey, June 2015, p. 24-5,

Dr. Bjoern Dennis Prange

Dr. Bjoern Dennis Prange

In his role as Research Fellow and Analyst at various think tanks he has briefed many senior members of staff on Capitol Hill on transatlantic political affairs, security policy, applied research desiderates on questions of strategic vulnerabilities in the cyber realm, conducting international corporate investigations, He is the Deputy District Chair for the Foreign and Defense Policy, Munich Working Group, and a member of the German Council on Foreign Relations (DGAP), German Atlantic Society (DAG), and the Clausewitz Network for Strategic Studies. Dr. Prange completed his thesis “The War of Organizations – An Exploration of the Influence of Organization on the Success of Armed Forces in Hybrid Warfare.”The thesis provides a framework for methodically analyzing strategic security threats for large organizations that are faced with decentralized, highly adaptable aggressors.
Dr. Bjoern Dennis Prange
Andy Norton

Andy Norton

Andy has been involved in cyber security best practice for over 20 years, specializing in establishing emerging security technologies at Symantec, Cisco and FireEye. In that time, he has presented threat and intelligence briefings for both Bush and Obama administrations, The Cabinet office, the Foreign and Commonwealth office, SWIFT, Swiss National Bank, Prudential Regulation Authority, the Bank of England, The Hong Kong Monetary Authority and NASA. Returning to Europe from Asia in 2011, he has spent the past 5 years helping many of the FTSE 250 companies measure, manage and respond to cyber incidents.
Andy Norton