Computer network operations

Computer network operations (CNO) is a broad term that has both military and civilian application. Conventional wisdom is that information is power, and more and more of the information necessary to make decisions is digitized and conveyed over an ever-expanding network of computers and other electronic devices. Computer network operations are deliberate actions taken to leverage and optimize these networks to improve human endeavor and enterprise or, in warfare, to gain information superiority and deny the enemy this enabling capability.

In the military domain

Within the United States military domain, CNO is considered one of five core capabilities under Information Operations (IO) Information Warfare. The other capabilities are Psychological Operations (PSYOP), Military Deception (MILDEC), Operations Security (OPSEC) and Electronic Warfare (EW). Other national military organizations may use different designations.

Computer Network Operations, in concert with electronic warfare (EW), is used primarily to disrupt, disable, degrade or deceive an enemy's command and control, thereby crippling the enemy's ability to make effective and timely decisions, while simultaneously protecting and preserving friendly command and control.

Types of military CNO

According to Joint Pub 3-13, CNO consists of computer network attack (CNA), computer network defense (CND) and computer network exploitation (CNE). [1]

Related Research Articles

Electronic warfare (EW) is any action involving the use of the electromagnetic spectrum or directed energy to control the spectrum, attack an enemy, or impede enemy assaults. The purpose of electronic warfare is to deny the opponent the advantage of—and ensure friendly unimpeded access to—the EM spectrum. EW can be applied from air, sea, land, and/or space by crewed and uncrewed systems and can target communication, radar, or other military and civilian assets.

Information warfare (IW) is a concept involving the battlespace use and management of information and communication technology (ICT) in pursuit of a competitive advantage over an opponent. Information warfare is the manipulation of information trusted by a target without the target's awareness so that the target will make decisions against their interest but in the interest of the one conducting information warfare. As a result, it is not clear when information warfare begins, ends, and how strong or destructive it is. Information warfare may involve the collection of tactical information, assurance(s) that one's information is valid, spreading of propaganda or disinformation to demoralize or manipulate the enemy and the public, undermining the quality of the opposing force's information and denial of information-collection opportunities to opposing forces. Information warfare is closely linked to psychological warfare.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

NetOps

NetOps is defined as the operational framework consisting of three essential tasks, Situational Awareness (SA), and Command & Control (C2) that the Commander (CDR) of US Strategic Command (USSTRATCOM), in coordination with DoD and Global NetOps Community, employs to operate, manage and defend the Global Information Grid (GIG) to ensure information superiority for the United States.

Joint Task Force-Global Network Operations (JTF-GNO) was a subordinate command of United States Strategic Command whose mission was to: direct the operation and defense of the Global Information Grid (GIG) across strategic, operational, and tactical boundaries in support of the US Department of Defense's full spectrum of war fighting, intelligence, and business operations.

Cyberwarfare: Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

U.S. critical infrastructure protection

In the U.S., critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or the nation. The American Presidential directive PDD-63 of May 1998 set up a national program of "Critical Infrastructure Protection". In 2014 the NIST Cybersecurity Framework was published after further presidential directives.

Command and control: Military exercise of authority by a commanding officer over assigned forces

Command and control is a "set of organizational and technical attributes and processes ... [that] employs human, physical, and information resources to solve problems and accomplish missions" to achieve the goals of an organization or enterprise, according to a 2015 definition by military scientists Marius Vassiliou, David S. Alberts, and Jonathan R. Agre. The term often refers to a military system.

Proactive cyber defence means acting in anticipation to oppose an attack through cyber and cognitive domains. Proactive cyber defence can be understood as options between offensive and defensive measures. It includes interdicting, disrupting or deterring an attack or a threat's preparation to attack, either pre-emptively or in self-defence. Common methods include cyber deception, attribution, threat hunting and adversarial pursuit. The mission of the pre-emptive and proactive operations is to conduct aggressive interception and disruption activities against an adversary using psychological operations, managed information dissemination, precision targeting, information warfare operations, computer network exploitation, and other active threat reduction measures. The proactive defense strategy is meant to improve information collection by stimulating reactions of the threat agents and to provide strike options, as well as to enhance operational preparation of the real or virtual battlespace. Proactive cyber defence can be a measure for detecting and obtaining information before a cyber attack, or it can also be an impending cyber operation and be determining the origin of an operation that involves launching a pre-emptive, preventive, or cyber counter-operation.

United States Cyber Command: Unified combatant command of the United States Armed Forces responsible for cyber operations

United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise.

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

Informatized warfare of China is the implementation of information warfare (IW) within the People's Liberation Army (PLA) and other organizations affiliated or controlled by the Chinese Communist Party (CCP). Laid out in the Chinese Defence White Paper of 2008, informatized warfare includes the utilization of information-based weapons and forces, including battlefield management systems, precision-strike capabilities, and technology-assisted command and control (C4ISR). However, some media and analyst reports also use the term to describe the political and espionage efforts of the Chinese state.

Information Operations is a category of direct and indirect support operations for the United States Military. By definition in Joint Publication 3-13, "IO are described as the integrated employment of electronic warfare (EW), computer network operations (CNO), psychological operations (PSYOP), military deception (MILDEC), and operations security (OPSEC), in concert with specified supporting and related capabilities, to influence, disrupt, corrupt or usurp adversarial human and automated decision making while protecting our own." Information Operations (IO) are actions taken to affect adversary information and information systems while defending one's own information and information systems. In the U.S. Navy, information operations are often supervised by a Navy Information Operations Command (NIOC), for example in the United States Tenth Fleet which has several NIOCs.

Cyberattack: Attack on a computer system

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

Counter-IED efforts

Counter-IED efforts are done primarily by military and law enforcement with the assistance of the diplomatic and financial communities. They involve a comprehensive approach of countering the threat networks that employ improvised explosive devices (IEDs), defeating the devices themselves, and training others. Counter-IED, or C-IED, is usually part of a broader counter-terrorism, counter-insurgency, or law enforcement effort. Because IEDs are a subset of a number of forms of asymmetric warfare used by insurgents and terrorists, C-IED activities are principally against adversaries and not only against IEDs. C-IED treats the IED as a systemic problem and aims to defeat the IED threat networks themselves.

The term kill chain is a military concept which identifies the structure of an attack. It consists of:

Sentry Eagle

Sentry Eagle, the National Initiative Protection Program, is a compartmented program of the National Security Agency's (NSA) Central Security Service (CSS) and the US Strategic Command Joint Functional Component Command - Network Warfare (JFCC-NW). Its existence was revealed during the 2013 global surveillance disclosure by Edward Snowden.

The Fourth Department (4PLA) of the Chinese People's Liberation Army Joint Staff Department (JSD) is also known as the Electronic Countermeasures and Radar Department.

151st Theater Information Operations Group: Military unit

The 151st Theater Information Operations Group, or 151st TIOG, is an Information Operations formation of the United States Army Reserve, headquartered at Fort Totten, New York. Founded in 2009, the 151st TIOG is the only Theater Information Operations Group in the U.S. Army Reserve. It is composed mostly of Army Reserve Soldiers in two battalions based out of Parks Reserve Forces Training Area, Fort George G. Meade, and Fort Totten. The current commander is Colonel Marlene Markotan, who assumed command in July 2019.

The Third Department (3PLA) of the People's Liberation Army Joint Staff Department is responsible for China's military computer network operations (CNO) and signals intelligence (SIGINT) operations. It is the Chinese equivalent of the United States' National Security Agency or British GCHQ.