Student Text Flashcards
National Security Strategy (NSS)
The highest level of strategic planning
What document is the National Defense Strategy derived from?
National Security Strategy (NSS)
What is the legal foundation for the National Security Strategy?
Goldwater-Nichols Act of 1986
National Defense Strategy (NDS)
Establishes overarching defense objectives that guide DoD security activities and provide direction for National Military Strategy (classified)
What are the two main goals of the NDS?
- To restore America’s competitive edge by blocking global rivals Russia and China from challenging the U.S. and our allies
- To keep those rivals from throwing the current national order out of balance
What are the three lines of effort in the NDS?
- Build a more lethal force
- Strengthen alliances and find new partners
- Reform the Department
National Military Strategy (NMS)
Briefly outlines the strategic aims of the armed services and describes ways and means to achieve the military objectives
What is the NMS’s chief source of guidance?
National Security Strategy
What are the NMS mission areas?
- Respond to threats
- Deter strategic attack (and proliferation of WMD)
- Deter conventional attack
- Assure allies and partners
- Compete below the level of armed conflict (with a military dimension)
National Cyberspace Policy
Prevent or minimize disruptions to critical information infrastructure and, thereby, protect the people, economy, essential human and government services, and national security of the United States
National Military Strategy for Cyberspace Operations (NMS-CO)
Comprehensive strategic approach for using cyberspace operations to assure US military strategic superiority in the domain.
Joint Publication 3-12, Cyberspace Operations
Joint doctrine to govern activities and performance of the military in joint cyberspace operations and provide considerations for military interaction with governmental and non-governmental agencies, multinational forces, and other inter-organizational partners.
What document provides military guidance for the exercise of authority by Combatant Commanders (CCDRs) and other joint force commanders (JFC)?
Joint Publication 3-12, Cyberspace Operations
Air Force Doctrine Document 3-12, Cyberspace Operations
Air Force’s foundational doctrine publication for Air Force operations in, through, and from the cyberspace domain.
Air Force Policy Directive 17-12, Cyberspace Operations
Establishes Air Force policy for planning and executing Air Force and joint cyberspace operations. Also states the responsibilities of MAJCOMs, direct reporting units (DRU), field operating agencies (FOA), and others
Combatant Command (COCOM)
Non-transferable command authority of a combatant commander (CCDR) to perform those functions of command over assigned forces involving organizing and employing commands and forces, assigning tasks, designating objectives, and giving authoritative direction over all aspects of military operations, joint training, and logistics to accomplish the mission assigned to the command.
Administrative Control (ADCON)
The direction or exercise of authority over subordinate or other organizations with respect to administration and support
Operational Control (OPCON)
The authority to perform those functions of command over subordinate forces involving organizing and employing commands and forces, assigning tasks, designating objectives, and giving authoritative direction necessary to accomplish the mission.
Can operational control be delegated?
Yes
Tactical Control (TACON)
The authority over forces that is limited to the detailed direction and control of movements or maneuvers within the operational area necessary to accomplish missions or tasks assigned.
What control level provides sufficient authority for controlling and directing the application of force?
Tactical Control
Support
A command authority that aids, protects, complements, or sustains another force.
Which command authority cannot be delegated?
Combatant Command
What are the categories of support that a CCDR may direct over assigned forces?
General, mutual, direct, close
General Support
Support given to the supported force as a whole.
Mutual Support
Support which units render each other against an enemy because of their assigned tasks, their position relative to each other and to the enemy, and their inherent capabilities.
Direct Support
A mission requiring a force to support another specific force and authorizing it to answer directly to the supported force’s request for assistance.
Close Support
That action of the supporting force against targets or objectives that are sufficiently near the supported force as to require detailed integration or coordination of the supporting action with the fire, movement, or other actions of the supported force.
Department of Defense Information Network (DODIN)
The DODIN is the globally interconnected, end-to-end set of information capabilities; associated processes; and personnel for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policy makers, and support personnel. The large, overarching network that all other DoD networks traverse.
What is the new name for the Global Information Grid (GIG)?
DoD Information Network (DODIN)
Cyber Mission Force
A Cyber Mission Force (CMF) consisting of 133 Cyber Mission Teams, Joint Forces Headquarters-Cyber (JFHQ-C), and a Cyber National Mission Force created to be USCYBERCOM’s action arm in and through the cyberspace domain.
Why was the Cyber Force created?
To carry out the DoD’s three cyberspace mission areas:
- Secure, Operate, and Defend the DODIN
- Defend the Nation against cyberspace attack
- Provide CCMD support
What lines of operation does the CMF carry out its mission through?
- DODIN Operations
- Defensive Cyberspace Operations (DCO)
- Offensive Cyberspace Operations (OCO)
What are the CMF subordinate commands?
- Cyber National Mission Force (CNMF)
- Cyber Protection Force (CPF)
- Cyber Combat Mission Force (CCMF)
What are the teams within the CMF?
- National Mission Teams (NMTs)
- National Support Teams (NSTs)
- National Cyber Protection Teams (National CPTs)
- DODIN Cyber Protection Teams (DODIN CPTs)
- Combatant Command Cyber Protection Teams (CCMD CPTs)
- Service Cyber Protection Teams (Service CPTs)
- Combat Mission Teams (CMTs)
- Combat Support Teams (CSTs)
Cyber National Mission Force (CNMF)
Plans, directs, and synchronizes full-spectrum cyberspace operations to be prepared to defend the U.S. homeland and vital interests from disruptive or destructive cyberspace attacks of significant consequence. Aligns with the DoD’s second cyberspace mission area.
What is the mission of the Cyber National Mission Force HQ (CNMF-HQ)?
The CNMF-HQ’s mission is to direct and synchronize full spectrum cyberspace operations to, on order, deter, disrupt, and if necessary, defeat adversary cyberspace actors in order to defend the DODIN, US critical infrastructure/key resources, and the nation.
What responsibilities does the commander of CNMF-HQ have?
- Exercise OPCON for the NMTs, NSTs, and national CPTs to accomplish assigned mission.
- Conduct joint tactical planning in support of CNMF missions and direct tactical operations from planning through execution.
- Synchronize CNMF maneuvers, fires, and effects in support of assigned missions, and conduct mission deconfliction with Joint Task Force Headquarters (JTF-HQ) and other organizations.
- Synchronize CNMF intelligence operations, including intelligence oversight and the collection, production, and dissemination of intelligence in support of cyberspace intelligence, surveillance, and reconnaissance (ISR) with appropriate agencies.
- Coordinate CNMF-HQ support functions (personnel, logistics, facility requirements, budget) with USCYBERCOM, NSA, service, and functional components; direct CNMF training, exercises, and readiness requirements.
What teams are under the Cyber National Mission Force?
National Mission Teams (NMTs) and National Support Teams (NSTs)
What is the role of National Mission Teams (NMTs)?
They are aligned against a specific cyberspace threat
What is the role of National Support Teams (NSTs)?
They provide specialized technical, analytic, and planning support to NMTs.
What is the mission of CPTs?
Their mission is to enable a supported commander’s mission capabilities and in supporting infrastructure by conducting survey, secure, protect, and recover missions to prepare local cyberspace defenders to sustain an advanced cyberspace defense posture and to defend the supported commander’s critical assets and Cyberspace Key Terrain (C-KT). They also do hunt missions to determine if a compromise has taken place
Cyber Protection Forces (CPF)
Contains 68 Cyber Protection Teams
Joint Force Headquarters-DoDIN (JFHQ-DODIN)
Provides unity of command and unity of effort to secure, operate, and defend the DODIN and operates as a C2 headquarters in line with joint doctrine.
CDRUSSTRATCOM
Directive authority for cyberspace operations over all DOD agencies; this directive authority was delegated to the commander of JFHQ-DODIN.
DODIN CPTs
These CPTs conduct their mission on DODIN systems and networks in support of DISA and customers of the DODIN. DODIN CPTs are directed by JFHQ-DODIN
MAJCOM CPTs
Assigned to specific MAJCOMs in support of the respective missions. MAJCOM CPTs are directed by the MAJCOM they are aligned under.
National CPTs
Although N-CPTs fall under the Cyber Protection Force, operationally, they report directly to CNMF-HQ. These teams perform the CPT mission, but within the AOR of CNMF. This includes U.S. critical infrastructure/key terrain (CI/KR) and national interests.
Service CPTs
These teams are aligned to a particular military branch to support the missions within that service. An example of a potential Air Force Service CPT mission would be conducting the hunt mission for a National Air Operations Center (NAOC).
Cyberspace Combat Mission Force (CCMF)
The cyber combat mission force’s (CCMF) mission aligns with DOD’s third cyberspace mission area, which is CCMD support. They provide integrated cyberspace capabilities to support military operations and contingency plans. This subordinate command is where OCOs are carried out. The Combat Mission Force is directed by JFHQ-C
Joint Force Headquarters – Cyber (JFHQ-C)
JFHQ-C comprises the four distinct services cyberspace headquarters, who have responsibility over a specific Area of Responsibility (AOR):
Army Cyber Command (ARCYBER)
- U.S. Central Command (USCENTCOM)
- U.S. Africa Command (USAFRICOM)
- U.S. Northern Command (USNORTHCOM)
U.S. Fleet Cyber Command (FLTCYBER)
- U.S. Indo-Pacific Command (USINDOPACOM)
- U.S. Southern Command (USSOUTHCOM)
Marine Corps Forces Cyberspace Command (MARFORCYBER)
- U.S. Special Operations Command (USSOCOM)
Air Forces Cyber (AFCYBER)
- U.S. European Command (USEUCOM)
- U.S. Strategic Command (USSTRATCOM)
- U.S. Transportation Command (USTRANSCOM)
What are the commands under Army Cyber Command?
- US Central Command
- US Africa Command
- US Northern Command
What commands are under US Fleet Cyber Command?
- US Indo-Pacific Command
- US Southern Command
What commands are under Marine Corps Forces Cyber Command?
US Special Operations Command
What commands are under Air Forces Cyber?
- US European Command
- US Strategic Command
- US Transportation Command
What are the distinct services cyberspace headquarters JFHQ-C is comprised of?
- Army Cyber Command
- US Fleet Cyber Command
- Marine Corps Forces Cyberspace Command
- Air Forces Cyber
What does JFHQ-C support?
The geographic and functional CCMDs across the globe. They execute OPCON over the Combat Mission Teams (CMTs) and Combat Support Teams (CSTs), which are aligned to specific target sets within their respective CCMDs.
Combat Mission Teams (CMTs)
CMTs are tactical units constituted and designated by the USCYBERCOM commander and operate at the tactical level of authority. Each team’s mission is to conduct planned operations in support of CCMD contingency plans, crisis action plans, or other CCMD validated requirements for cyberspace effects.
Combat Support Teams (CSTs)
The mission of the CMT and CST is to develop and employ offensive cyberspace capabilities to achieve, or directly support the achievement of CCMD objectives while being integrated, synchronized and/or de-conflicted with operations in other domains.
What are the CMF Mission areas?
- Defend the nation against cyberspace attack
- Secure, Operate, and Defend the DODIN
- Provide CCMD Support
Defend the Nation Against Cyberspace Attack
The purpose of this defensive measure is to blunt an attack and prevent the destruction of property or the loss of life.
Who owns and operates over 90 percent of all the networks and infrastructure of cyberspace in America and is the first line of defense?
The private sector
What is one of the most important steps for improving the United States overall cybersecurity posture?
Get private companies to prioritize the networks and data they must protect and invest in improving their cybersecurity
Secure, Operate, and Defend the DODIN
Secure, operate, and defend the DODIN. The DOD must be able to secure its own networks against attack and recover quickly if security measures fail.
What constitutes the vast majority of the DoD’s operations in cyberspace?
Network defense
What constitutes most of the DoD’s operations in cyberspace?
Network defense operations
Provide CCMD Support
Provide integrated cyberspace capabilities to support military operations and contingency plans. There may be times when the president or the SecDef determine that it would be appropriate for the military to conduct cyberspace operations, in coordination with other US government agencies as appropriate, to deter or defeat strategic threats in other domains
What type of cyberspace operation will be conducted in support of military operations and contingency plans?
OCOs
DODIN Operations (DODIN Ops)
DODIN Ops include designing, building, configuring, securing, operating, maintaining, and sustaining the information environment that we rely on for operations.
Offensive Cyberspace Operations (OCO)
Offensive Cyberspace Operations (OCO) are intended to project power by the application of force in and through cyberspace.
Defensive Cyberspace Operations (DCO)
Defensive cyberspace operations are passive and active cyberspace defense activities that allow us to outmaneuver an adversary and protect critical infrastructure
What two categories can DCO be divided into?
Internal Defensive Measures (DCO-IDM) and Responsive Actions (DCO-RA)
Defensive Cyber Operations-Internal Defensive Measures
Hunting on friendly cyber terrain for threats that evade our security and directing appropriate internal responses. Detect, defend, analyze, and stop threats and vulnerabilities.
Defensive Cyberspace Operations-Responsive Actions
Less about defending against a threat, and more so about going after the threat. NMTs are the sole entity that conducts DCO-RAs.
Cyber Operational Preparation of the Environment (OPE)
Non-intelligence enabling activities conducted to plan and prepare for potential follow-on military cyber operations.
Cyber Intelligence, Surveillance, and Reconnaissance (ISR)
Activities in cyberspace conducted to gather intelligence that may be required to support future operations, including OCO or DCO.
What are Information Operations?
The integrated employment, during military operations, of information-related capabilities (IRC) in concert with other Lines of Operation (LOO) to influence, disrupt, corrupt, or usurp the decision-making of adversaries and potential adversaries while protecting our own.
What is the purpose of information operations?
To affect adversary and potential adversary decision making with the intent to ultimately affect their behavior in ways that help achieve friendly objectives.
Information Environment (In regards to IO)
The aggregate of individuals, organizations, and systems that collect, process, disseminate, or act on information.
What are the three dimensions of IO?
The physical dimension, information dimension, and cognitive dimension
Physical Dimension
Command and control systems, key decision makers, and supporting infrastructure that enable individuals and organizations to create effects.
Information Dimension
Specifies where and how information is collected, processed, stored, disseminated, and protected.
Cognitive Dimension
The minds of those who transmit, receive, and respond to or act on information. It refers to information processing, perception, judgment, and decision making by individuals or groups.
Information Assurance
The process of processing, storing, and transmitting the right information to the right people at the right time. Protection of the confidentiality, integrity, availability, authenticity, and non-repudiation of user data.
Confidentiality
A security measure that restricts who is able to access specific data. In other words, only those who need access receive access, and those who do not need access are denied access.
Integrity
Protection of information from unauthorized modification. The goal is to ensure that the information is accurate and complete throughout its entire lifespan.
Authentication
Authentication involves ensuring that those who have access to information are who they say they are.
Availability
Refers to reliable access of information when an authorized individual needs access.
Non-Repudiation
Assurance that someone with access to your organization’s information system cannot deny having completed an action within the system, as there should be methods in place to prove that they did take said action.
Wing Cybersecurity Officer (WCO)
The WCO addresses all cybersecurity requirements on the base for IT under the control of the base communications squadron/flight, including IT of tenant units unless formal agreements exist.
Information Assurance Officer (IAO)
The IAO is the unit-level position that acts as the single liaison between the organization and the WCO for all Computer Security (COMPUSEC) matters under the IA program.
Special Security Officer (SSO)
Responsible for the security management, operation, implementation, use and dissemination of all types of SCI material within his/her respective organization.
Information System/COMSEC Users
The users of these systems and/or material are responsible for knowing the required safeguards, and using them in accordance with their assigned duties.
What is OPSEC?
Reduce the vulnerability of missions by eliminating or reducing successful adversary collection and exploitation of critical information. Its most important characteristic is that it is a process.
Critical Information
CI is the specific facts about friendly intentions, capabilities, and activities needed by adversaries to plan and act effectively to disrupt or deny friendly mission accomplishment.
What are the five distinct actions of the OPSEC process?
Identify critical information, analyze threats, analyze vulnerabilities, assess risk, and apply countermeasures.
What are the components of assessment of risk?
- Possible OPSEC countermeasures for each vulnerability are identified.
- Estimate the impact to operations with implementing each possible OPSEC countermeasure versus the potential harmful effects on mission accomplishment of an adversary’s exploitation of a particular vulnerability
- Select specific OPSEC countermeasures for execution based upon a risk assessment
What are the AFSC prefixes specific to 1B4X1?
T and U
What does the T prefix indicate?
Identifies enlisted Airmen who are serving in, qualified to serve in, or receiving training to qualify to serve in formal training instructor positions
What does the U prefix indicate?
Identifies enlisted Airmen who are serving in, qualified to serve in, or receiving formal training to qualify to serve in positions requiring information operations (IO) expertise and knowledge.
What are the related enlisted career fields?
- Cyber System Operations (3D0X2)
- Cyber Transport Systems (3D1X2)
- Operations Intelligence (1N0X1)
- Fusion Analyst (1N4X1A)
What are the related officer career fields?
- Warfighter Communication Operations (17DXX)
- Network Operations (17DXA)
- Expeditionary Communications Operations (17DXB)
- Cyber Effects Operations (17SXX)
- Offensive Cyberspace Operations (17SXA)
- Defensive Cyberspace Operations (17SXB)
- Intelligence Officer (14NX)
Cyber System Operations (3D0X2)
Installs, supports and maintains server operating systems or other computer systems and the software applications pertinent to its operation, while also ensuring current defensive mechanisms are in place
Cyber Transport Systems (3D1X2)
Deploys, sustains, troubleshoots, and repairs standard voice, data, and video network infrastructure systems, internet protocol detection systems and cryptographic equipment
Operations Intelligence (1N0X1)
Analyzes multiple sources of information in developing, evaluating, and disseminating intelligence on potential threats to U.S. and allied forces
Fusion Analyst (1N4X1A)
Analyzes, disseminates, and exploits intelligence derived from target network communications
Network Operations (17DXA)
Operates, secures, configures, designs, maintains, sustains, and extends cyberspace infrastructure; provides and employs cyberspace capabilities; and leads DODIN operations missions.
Expeditionary Communications Operations (17DXB)
Engineers, builds, operates, secures, and extends cyberspace infrastructure; provides and employs cyberspace capabilities and leads DODIN operations missions in deployed, austere, and hostile environments.
Offensive Cyberspace Operations (17SXA)
Operates cyberspace and intelligence platforms and weapons systems, takes actions to gain access to cyber terrain, exploits adversary networks, and commands crews to hold Joint Force Commander-relevant targets at risk, at will, via cyberspace attack and cyberspace exploitation actions.
Defensive Cyberspace Operations (17SXB)
Operates defensive cyberspace platforms and weapon systems, takes cyberspace defense actions on assigned cyber terrain, and commands crews to assure cyber-reliant missions and defend against adversary exploitation.
Intelligence Officer (14NX)
Officer’s responsibilities include performing and managing intelligence functions and activities to support United States and allied forces.
How many pay grades is the GS system broken into?
15
How many steps is the GS system broken into?
10
16th Air Force
AFCYBER, under Air Combat Command, Joint Base San Antonio-Lackland, Texas
What wings fall under the 16th Air Force?
67th Cyberspace Wing and the 688th Cyberspace Wing
616th Operations Center
Receives orders and tasks from U.S. Cyber Command and, in turn, tasks 16th AF subordinate units to perform a wide range of cyber missions in support of Air Force and joint force commanders. The 616th OC operates the Cyber Command and Control Mission System (C3MS) weapon system.
67th Cyberspace Wing
- Joint Base San Antonio-Lackland
- Air Force’s newest combat wing
- AFCYBER’s execution arm
- CVA/H weapon system
- 4 groups, 26 units, 7 locations
What are the four groups in the 67th Cyberspace Operations Wing?
- 67th Cyberspace Operations Group
- 318th Cyberspace Operations Group
- 567th Cyberspace Operations Group
- 867th Cyberspace Operations Group
67th Cyberspace Operations Group
- JBSA-Lackland
- Network operations and planning
- 5 squadrons
What squadrons are in the 67th Cyberspace Operations Group?
- 91st COS
- 305th COS
- 352nd COS
- 375th COS
- 390th COS
318th Cyberspace Operations Group
- JBSA Lackland
- Develop and test
- 4 squadrons
What squadrons are in the 318th Cyberspace Operations Group?
- 39th Information Operations Squadron
- 90th COS
- 318th Range Squadron
- 346th Test Squadron
567th Cyberspace Operations Group
- Scott AFB
- Plans and executes cyberspace operations
- Defense
- 4 squadrons
What squadrons are in the 567th Cyberspace Operations Group?
- 92nd COS
- 834th COS
- 835th COS
- 837th COS
867th Cyberspace Operations Group
- Newest
- OCOs
- Defensive capabilities to CNMF
- 4 squadrons
What squadrons does the 867th COG consist of?
- 315th COS
- 341st COS
- 833rd COS
- 836th COS
688th Cyberspace Wing
- JBSA Lackland
- 2 notable groups
What are the notable groups of the 688th Cyberspace Wing?
- 26th COG
- 690th COG
26th Cyberspace Operations Group
- JBSA Lackland
- 3 squadrons
What squadrons are in the 26th COG?
- 26th Network Operations Squadron
- 33rd Network Warfare Squadron
- 68th Network Warfare Squadron
690th Cyber Operations Group
- JBSA Lackland
- 4 squadrons
What squadrons are in the 690th COG?
- 83rd NOS
- 561st NOS
- 690th COS
- 691st COS
7th Intelligence Squadron
- Fort Meade
- Supports NSA
35th Intelligence Squadron
- JBSA Lackland
- ISR for cyber
Title 10 - Armed Forces
Outlines the role of armed forces in the United States Code. Provides the legal basis
Subtitles to Title 10
Subtitle A - General Military Law, including the Uniform Code of Military Justice (UCMJ)
Subtitle B - Army
Subtitle C - Navy and Marine Corps
Subtitle D - Air Force and Space Force
Subtitle E - Reserve Components
Title 15 - Commerce and Trade
Covers National Institute of Standards and Technology (NIST) and the cybersecurity responsibilities and cybersecurity programs it runs.
Chapters in Title 15 related to Cyber
Chapter 7 - National Institute of Standards and Technology (NIST)
Chapter 22 - Trademarks
Chapter 23 - Dissemination of Technical, Scientific, and Engineering Information
Chapter 63 - Technology Innovation
Chapter 100 - Cyber Security Research and Development
Chapters in Title 17 - Copyrights related to cyber
Chapter 2 - Copyright Ownership and Transfer
Chapter 3 - Duration of Copyright
Chapter 5 - Copyright Infringement and Remedies
Chapter 7 - Copyright Office
Chapter 10 - Digital Audio Recording Devices and Media
Title 18 - Crimes and Criminal Procedure
Enforcement of law within the United States
Title 18 sections related to cyber
- Computer fraud
- Wire fraud
- Communication lines
- The Federal Wiretap Act
- Stored Communications Act
- Pen Registers and Trap/Trace
Title 32 - National Guard
Describes the role of the National Guard, which can be activated in 3 circumstances
Under what circumstances can the National Guard be Activated?
- State Active Duty
- Title 32 Full-time National Guard Duty
- Federal Duty
Title 50 - War and National Defense
Governs the conduct of war, national security, and defense related activities.
UCMJ Article 123
Offenses concerning Government computers
Executive Orders
A written, signed, and published directive from the President of the United States that manages operations of the federal government. EOs are numbered consecutively, so they may be referenced by their assigned number or their topic.
E.O. 13800
- Report to the President on Federal IT Modernization
- Support to Critical Infrastructure at Greatest Risk
- Supporting Transparency in the Marketplace
- Resilience Against Botnets and Other Automated, Distributed Threats
- Assessment of Electricity Disruption Incident Response Capabilities
- American Cybersecurity Workforce Developme
Intellectual Property (IP)
Intellectual property is an intangible property (an asset with value) resulting from human intellect, which can be protected by law.
Copyrights
A copyright is the exclusive right granted under Title 17, U.S.C., to the owner of an original work to reproduce and to distribute copies or phonorecords, to make derivative works, and to perform or display certain types of the works publicly.
Trademarks
A trademark is a word, name, symbol, or device that is used in trade with goods to indicate the source of the goods and to distinguish them from the goods of others
Patents
This excludes others from making, using, offering for sale, or selling an invention.
Trade Secrets
Trade secrets consist of information such as a formula, pattern, compilation, program, device, method, technique, or process.
Rules of Engagement (ROEs)
ROE are Our Rules – how we want to operate.
ROE Purposes
To provide standing guidance during “peacetime”
To control the transition from “peacetime” to “conflict”
To control combat operations during conflicts
Port Scanning
A basic method for gathering information about devices on a network, such as IP, Operating System (OS), services, open ports, etc.
Sniffers
Sniffers are devices or software that monitor traffic in real time on a network and have the ability to read what is in that traffic.
Forensics Tools
Forensic tools are tools used, typically by incident responders, to deep dive into a computer system to uncover information on that system.
Ethical Hacking
An ethical hacker is one who attacks a computer system or network in an attempt to gain information and access in the same way a real hacker would attempt.
Unethical Hacking
Unethical hackers, also called black hat hackers, conduct many unethical acts when they hack.
How do you determine if use of a computer was ethical?
- Prohibited use – adversely reflects on DOD where use interferes with employee or office productivity or where use is to conduct outside commercial activity.
- Authorized use – does not interfere with the performance of official duties, it is of reasonable duration or frequency, it serves a legitimate government interest, and it does not reflect adversely on DOD.
- Official use – performance of work associated with your day-to-day responsibilities and performance of only official duties on official time.
Cyber Ethics 10 Commandments
- Do not use a computer to harm other people.
- Do not interfere with other people’s computer work.
- Do not snoop around in other people’s computer files.
- Do not use a computer to steal.
- Do not use a computer to bear false witness.
- Do not copy or use proprietary software for which you have not paid.
- Do not use other people’s computer resources without authorization or proper compensation.
- Do not appropriate other people’s intellectual output.
- Think about the social consequences of the program you are writing or the system you are designing.
- Always use a computer in ways that insure consideration and respect for your fellow humans.
System Monitoring
Users of the DODIN and/or Air Force Information Network (AFIN) must consent to monitoring before they can be authorized on the networks.
PII
- Social Security Number
- Date of Birth
- Address
- Phone Number
- Etc.
HIPAA
The DoD also specifically protects health information through two DoD regulations. The first is DoD 6025.18-R, DoD Health Information Privacy. The second is DoD 8580.02-R, DoD Health Information Security.
Privileged Communications
The DoD also protects the communications by and with its attorneys and chaplains and mental health professionals, as well as information associated with certain safety investigations
Treaties
A treaty is a formally concluded and ratified agreement between two or more countries
International Law
International Law consists of rules and principles governing the relations and dealings of nations with each other, as well as the relations between states and individuals, and relations between international organizations
The Convention on Cybercrime (2001)
Also known as the Budapest Convention, this was the first international agreement aimed at reducing computer-related crime by harmonizing national laws, improving investigative techniques, and increasing international cooperation.
2015 G-20 Summit
All leaders agreed that international law applies to state conduct in cyberspace and leaders committed that their state would abide by norms of responsible behavior in cyberspace. Additionally, each state agreed that no country should conduct or support cyber-enabled theft of intellectual property.
United Nations Convention against Transnational Organized Crime
This treaty, also known as the Palermo Convention, obligates state parties to enact domestic criminal offenses that target organized criminal groups and to adopt new frameworks for extradition, mutual legal assistance, and law enforcement cooperation