SECRET HEADQUARTERS UNITED STATES FOIA review completed on 4 January 2018 Portions of this document no longer meet the classi cation standards of EU 13526 Section 1 4 As such I am downgrading speci c portion- marked paragraphs as Partial classi cation downgrade executed by DANIEL L KARBLER Major General US Army Chief of Staff U S Strategic Command STRATEGIC COMMAND INTENTIONALLY BLANK 11 SECRET HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 681 13 6500 28 February 2008 USSTRATCOM CONPLAN 8039-08 U Table of Contents U CONTENTS Letter of Transmittal Security Instructions Classi cation Guidance Plan Summary Terms of Reference Base Plan Situation Mission Statement Execution Administration 83 Logistics Command Control ANNEX A Task Organization ANNEX Intelligence ANNEX Operations ANNEX Public Affairs ANNEX Command Relationships ANNEX Command Control Communications 85 Computer Systems ANNEX Space Operations ANNEX Special Technical Operations ANNEX Interagency Collaboration ANNEX Space Control Target Folders ANNEX - Distribution 111 I INTENTIONALLY BLANK 1V 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 SECRET HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 USSTRATCOM CONPLAN 8039 08 U Letter of Transmittal U SEE DISTRIBUTION Annex Z 1 U CDRUSSTRATCOM CONPLAN 8039-08 which provides for Cyberspace Operations is attached 2 U CONPLAN 8039-08 accomplishes the following W Ful lls the W1 Sec 1 4m Sec 1 4 a U Establishes a common context providing linkages among operations in and through cyberspace and operations in all environments U Identi es threats and prioritizes planning efforts I it provides a methodology for Sec 1 7 e U Provides a framework for structuring pre-planned authorities to execute tasks that generate desired effects in support of national objectives 3 U Elements of this plan were coordinated with Service Components Functional Components and supporting agencies during preparation 4 U Upon approval CDRUSSTRATCOM CONPLAN 8039-08 supersedes previous versions of CDRUSSTRATCOM CONPLAN 8039 5 U File this letter in front of the plan FOR THE COMMANDER Sit sn'ecl MARK H OWEN Brigadier General USAF Director Plans and Policy 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 INTENTIONALLY BLANK 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 681 13-6500 28 February 2008 USSTRATCOM CONPLAN 8039 08 U Security Instructions Record of Changes U U Plan Title 1 U The long title of this plan is CDRUSSTRATCOM CONPLAN 8039- 08 CYBERSPACE OPERATIONS U 2 U The short title of this plan is CDRUSSTRATCOM CONPLAN 8039- 08 U 3 U This document is classi ed SECRET TO USA AUS and GBR to protect information revealing operational plans of US military forces CDRUSSTRATCOM CONPLAN 8039-08 must be disseminated only to those agencies and personnel whose of cial duties speci cally require knowledge of the plan including those required to develop supporting plans 4 U This document contains information affecting the national defense of the United States within the meaning of the Espionage Laws title 18 United States Code sections 793 and 794 The transmission or revelation of information contained herein in any manner to an unauthorized person is prohibited by law 5 U Reproduction of this document is authorized for of cial use only in accordance with guidelines for reproduction of classi ed material outlined in Department of Defense DOD 5200 1-R Information Security Program RECORD OF CHANGES Date of Date Posted Change Change Number Copy Posted By Number V11 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 INTENTIONALLY BLANK 200 201 202 203 204 205 206 207 208 SECRET HEADQUARTERS U S STRATEGIC COMMAND AIR FORCE BASE NE 68113 6500 28 February 2008 USSTRATCOM CONPLAN 8039-08 U Classi cation Guidance U SUBJECT PROTECTION REQUIRED DURING REQUIRING COA EXEC- POST PROTECTION UTION IMPLEMEN- MENT PLANNING TATION U Plan Short Title U Plan Long Title U Cyberspace Terminology REL REL REL REL U Threat Information REL REL REL REL U Concept of Operations U Classi cation Guide REL U Communications effectiveness sustainability and limitations U Command Arrangements and REL REL REL REL agreements U Rules of Engagement ROE U Assigned Areas of Operation and boundaries U Key planning assumptions REL REL REL REL U Operational constraints REL REL REL 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 INTENTIONALLY BLANK 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 27 1 272 273 274 275 276 SECRET HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AFB NE 68113 6500 28 February 2008 USSTRATCOM CONPLAN 8039 08 U Executive Summary U 1 Situation a General Commander US Strategic Command CDRUSSTRATCOM CONPLAN 8039 CYBERSPACE OPERATIONS responds to Contingech Planning Guidance FY 05 and CJCSI 31 I Sec 1 4 a I CONPLAN 8039 also responds to draft Guidance for Employment of the Forces 08 GEF and draft Joint Strategic Capabilities Plan FY 08 The plan provides a concept for Sec 1 4 a Further CONPLAN 8039 provides cyberspace planners with a basis Sec 1 4 a The plan's success hinges on close coordination among all Combatant Comm anders Sec 1 4 a I 14 3 operations To facilitate and expedite planning the plan conso idates existing roles responsibilities authorities and rules of engagement from existing policy and guidance which require CDRUSSTRATCOM coordinate with affected DOD components In short the Sec 14 8 a close working relationship with the interagency is critical throughout all phases of planning and execution as thellbl Sec 14 3 I Sec 1 4 a b Sec 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 SEC-REF The prosperiw and security of our nation relv on Sec 1 4 a In Shor wxlig c 1 4 security environment CONPLAN 8039 supports the National Defense Strategyr bv providing f9Area of Concern CDRUSSTRATCOM has no geographic area of responsibilitv AOR for normal operations Sec 1 4 a area of interest A01 for military operations is global particularly involving operations that transcend GCC boundaries CDRUSSTRATCOM will work in full partnership with geographic combatant commanders Sec 1 4 a CDRUSSTRATCOM must be prepared to support operations as directed by the President and Secretary of Defense SECDEF as well as to support other combatant commanders under CONPLAN Sec 1 4 a Scope CONPLAN 8039 I Sec 14 CONPLAN 8039 -- - - Sec 1 215 -- WW For mmSec 1 4 a Inot currently covered in ICONPLAN 8039 provides a framework for planning Sec 1 4 a Sec 1 4 a 5 11 Sec 1 4 a ieffort among USSTRATCOM components is collaboratively developed with SEC-REF xii 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 SECRET the GCCS ensures unitv of purpose with Sec 1 4 a 1 Sec 1 7 e I The Purpose ofISFil 42ml is to provide national leadershin bxl 39 14 8 mm Sec 1 4 a Sec 1 4 a Dep I Government Use Sec 1 4 a Sec 1 4 a Comprehensive and Sec 1 4 a I combatant commands and interagency partners C Sec 1 4 a Iencompass a 1 4 a bx1 8ec1-4ta luso policy and re ects combatant command collaboration These appendices translatelTle 39 14 3 I I Thev also translate 5X1 Sec 1 4 a Depending on the level of planning mu Sec 1 4 a reulrements I W1 39 and assessments of risk and effects U Friendly Forces 1 U Center of Gravity For the purposes of CONPLAN 8039 COG analysis will cover ability to conduct SEC-REF 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 414 SEC-REF Operations in and through cyberspace The US utilizes Sec 1 7 e 2 U Strength and Composition CDRUSSTRATCOM has Combatant Command Command Authority COCOM for forces delineated in Forces for Uni ed Commands FY 2006 and Global Force management Guidance FY 2005 CDRUSSTRATCOM will plan with all forces reasonably deemed essential to meet objectives SW-15W Le a1 Considerations CONPLAN 8039 contemplates military actionsi W1 Sec 14 a Sec 1 4 a of US law including the US Constitution applicable US statutes executive orders and regulatio LOAC and applicable ROE Sec 1 4 a 2 Mission a Purpose This concept plan provides a Sec 1 4 a ' b 1lsew4 a I In order to accomplish this CONPLAN 8039 will per orm following four functions 1 U Provide context for a common planning structure by establishing linkages among cyberspace operations and operations in all environments 2 WW Provide methods to mm Sec 1 4 a 3 SECRET Iroles and responsibilities from existing guidance Sec 1 4 a 4 U Describe operations and defense of the Global Information Grid b Mission Statement Commander US Strategic Command 30 1 590 14 8 Sec 1 4 a support of national and military - -- Sec 1 4 a NoteCONPLAN 8039 is designed to Sec 1 7 e CONPLAN 8039 SO eve a structure for pre-planned authorities 2 S Sec 1 4 a Sec 1 4 a 3 8 W1 Sec 1 4m Sec 1 4 a 456 3 S Execution 457 458 a U Commander's Intent 1 4 59 Sec 1 7 e I 460 three scenarios 46 1 462 U When CDRUSSTRATCOM is the supported commander for 463 planning within the context of other STRATCOM plans 464 I In this case 465 Sec 1 7 e 466 467 468 2 U When CDRUSSTRATCOM is a supporting commander for 469 another combatant commander effects and supporting 470 activities in support of other plans will be derived via the 471 applicable combatant commander plan For timing and tempo 472 of operations assigned forces will follow the 473 phasing or planned construct resident in that plan 474 475 3 U When CDRUSSTRATCOM is the supported commander 476 CONPLAN 477 maxi Sec 1 7 e I 478 479 b Concept of Operations This CONPLAN employs the JP 50901-49 480 Iin and 481 through cyberSpace As necessary and when required 482 USSTRATCOM will modify 483 re ect the concept of Operations The followin aragraphs 484 describe general activities that relate to These 485 descriptions are general in nature and may or may not apply to all 486 I CONPLAN 8039 describes the 4 87 Sec 1 4 essential that CONPLAN Ibe utilized 495 in concert with Geographic Combatant Commander GCC 496 campaign plans CONPLAN 8039 provides planning structure and 497 context but is not intended to 498 Sec 1 4 a 499 CONPLAN 8039 is intended to serve as a tool for 500 developing executable OPLANs and EXORDS For planning 501 purposes the nstruct below allows for the systematic SECRET xvi SECRET 502 arrangement of activities and tasks in a logical and anticipated 503 sequence Some activities from a given 14 a 504 mm Sec 1 4 a I 505 506 1 I 507 Sec 1 4 a 508 509 510 I When CONPLAN 51 Sec 14 8 5 12 5 1 3 514 2 WHWW 515 Sec 1 4 519 When CONPLAN 520 W Sec We Jboth cyber and 521 non cyber are available for planners to quickly bundle into 522 COAs to present to decision makers 523 524 3 Sec 1 4 a 525 Baseline Planning and 527 Options fodmeec 14 8 528 I are developed and elded as directed533 bunSec 1 4 537 achieve Speci ed obiectives b 1 sec1l4 a Wi 539 540 541 542 5 Re1 to USA AUS 543 Sec 1 4 a 544 545 546 547 SEC-REF XVII SECRET 548 549 6 Rel to USA AUS 550 Sec 1 4 U Administration 85 Logistics 559 560 a U Concept of Support Security logistics personnel and 561 administrative support will be furnished by supporting commands 562 in accordance with service directives command arrangement 563 agreements CAAs memoranda of understanding MOU Task 564 Force TF operating instructions and the logistics concept for 565 support operations outlined in CDRUSSTRATCOM plans and 566 directives 567 568 5 U Command 85 Control Service cyberspace operations Command 569 Control C2 structure as it applies to USSTRATCOM and its 570 components 33 17 9 57 1 Sec 1 7 e I 572 differently See Annex for C2 speci cs regarding organizational 573 structure I 574 for command relationships by scenario 575 576 577 XV111 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 6 10 611 612 613 614 615 616 617 618 619 620 621 622 623 SEC-REF HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AFB NE 68113 6500 28 February 2008 Terms of Reference U CDR USSTRATCOM CONPLAN 8039-08 1 U Terms of Reference Because of the relative newness of this warfare area and due to a lack of consensus regarding terminology failures in communication regarding cyberspace are common The terms phrases and gures below are intended to provide a usable readily available and common vocabulary for the cyberspace planner This listing is not intended to be all-inclusive or doctrinal but rather to identify and reference doctrine Where available and to provide an explanation and common context for other terms used throughout this document U Access Sufficient I Sec 1 7 e I the purposes of CONPLAN 8039 attacks Sec 1 7 e Sec 1 7 3 Sec 1 7 e 1_7 e Sec 1 7 9 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 66 662 663 664 665 666 667 668 669 Sec 1 7 e I I Sec 1 7 e combination of such effects 0 MW Sec 1 7 e Sec 1 7 e 0 m1 Sec 1 7 e I adversely affected U Computer Network Defense Response Actions CND-RAS or RAs RAs are deliberate authorized measures or activities that protect and defend DOD computer systems and networks under attack or targeted for attack by adversary computer systems networks RAs extend layered defense-in depth capabilities and increase DOD's ability to withstand adversary attacks Objectives for using RAs include Sec 1 7 e EMU Sec 1 7 e I EMU Sec 1 7 e Sec 1 7 e U Computer Network Operations CNO Comprised of computer network attack CNA computer network defense CND and related computer network exploitation enabling operations CNE JP 3 13 Note that for the purposes of CONPLAN 8039 Computer Network Operations and its subcategories are considered as Sec SECRET XX 670 Sec 1 7 e 671 672 673 674 U Computer Network Attack CNA Actions taken through 675 the use of computer networks to disrupt deny degrade or 676 destroy information resident in computers and computer 677 networks or the computers and networks themselves U Computer Network Defense CND Actions taken to 681 protect monitor analyze detect and respond to 682 unauthorized activity within Department of Defense 683 information systems and computer networks J 6 0 684 685 0 U Computer Network Exploitation CNE Enabling 686 operations and intelligence collection capabilities conducted 687 through the use of computer networks to gather data from 688 target or adversary automated information systems or 689 networks JP 3 13 690 691 U Cross Domain Solution An information assurance solution 692 that provides the ability to manually and or automatically access 693 and or transfer between two or more differing security domains 694 CJCSI 6211 02b DISN Policy Responsibilities and Processes 695 696 U Cyber Adjective form of cyberspace Used as a modi er to 697 create appropriate cyberspace related terms cyber attack cyber 698 defense cyber weapon etc 699 700 U Sec 1 7 712 713 U Cyber Attack Weapon Characterization The process of 714 determining and documenting the effect producing mechanisms 715 and assurance factors of cyber attack weapons Characterization SECRET xxi SECREI 716 includes aspects of CNA technical assurance evaluation 717 Operational Test and Evaluation risk protection 718 assessments and other screening processes The operational risk 719 assessment of employing or releasing an offensive or defensive 720 cyber weapon shall include risk factors addressing safety which 721 can also be global and public and security loss of a weapon or 722 exposure of a leading edge capability Answers the question 723 What do I need to know about this weapon before I can use it 724 Sec 17 9 725 726 7 2'7 S loam Sec 1 4 a 1 728 Sec 1 4 The extent to which the cyber 734 Sec 1 7 e 735 736 737 The manner in which a 738 Sec 17 combination of one or more 745 b 1 Sec 17 1 7 9 -- 752 753 754 Sec 1 7 XXII 762 763 Sec 1 7 e 764 765 766 767 768 769 770 771 772 773 774 775 776 777 The process of taking 785 U Cyber Capability A capability device weapon tool 786 computer program or technique including any combination of 787 software rmware and hardware designed speci cally to create an 788 effect in or through cyberspace Not all cyber capabilities are 789 weapons or potential weapons 790 791 to USA AUS 792 Sec 1 4 a 793 794 795 796 797 798 799 mm Sec 1 4 a 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 83 1 832 833 834 835 836 837 838 839 840 841 Sec 1 4 8 U CyberSpace working de nition A domain characterized by the use of electronics and the electromagnetic spectrum to store modify and exchange data via networked systems and associated physical infrastructures working de nition from NMS-CO U 391519 Cyberspace Defense The goal of cyberspace defensive operations is to preserve the intended purpose and Operating capabilities of a given network or system Cyberspace defense is accomplished by a layered defense in-depth posture with mutually supporting elements of digital electronic and physical protection Critical infrastructure protection Information Assurance and Computer Network Defense efforts all contribute to a robust defensive posture Because of the extensive interconnections amongst networked systems this variety of efforts supports protection of mission critical hardware and software switching nodes communications pathways and data integrity not only for critical Department of Defense networks but also for portions of US allied and civilian networks U Cyberspace Domain For the purposes of CONPLAN 8039 cyberspace is a domain using electronics and the electromagnetic spectrum to store modify and exchange data via networked systems and associated physical infrastructures Per the NMS CO working de nition of cyberspace XXIV y rs pa 3 Iobal lnforr'nzsitior'i Grid 3 Adversary Cyberspace Ad erssr ri lhtaly Lerspace Interests in De U Figure 1 Cyberspace domain - Terrain 842 843 0 U US Military Cyberspace This is the area in Figure 844 delineated by the label Department of Defense Networks 85 845 Global Information Grid The GIG is as de ned in Joint 846 Publication JP 1-02 The GIG supports all DOD national 847 security and related intelligence activities missions and 848 functions strategic operational and tactical in war and in 849 peace DOD Networks span the full range from tactical 850 battle eld data netwOrks to networked strategic control 851 systems '852 853 U US Cyberspace This is the area in Figure 1 delineated 854 by the label Government Cyberspace Per the 2004 855 National Response Plan all nationally owned cyberspace 856 that resides outside of the DOD GIG is in this category and 857 falls under the Department of Homeland Security DHS for 858 protection DHS responsibilities are detailed in the National 859 Response Plan NRP 2004 This includes both U S owned 860 and other US government networks across the full range of 861 the interagency 862 863 0 U US Interests in Cyberspace This is the area in Figure 864 delineated by the label Interests in Cyberspace 865 Networks and systems within this area are owned and 866 operated by a variety of commercial civil and other entities 867 however the impact of their operation is of speci c interest 868 for the maintenance of national business operations This 869 category includes systems such as I039 Sec 13 I SEC-REF XXV 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 915 SECRET mm Sec 1 7 e and utility networks l nancial commerce U Other Cyberspace This is the area in Figure delineated by the label Other Cyberspace and Associated Infrastructure The vast majority of cyberspace lies within this region Included are the full spectrum of World Wide Web accessible applications and services as well as the necessary global infrastructure to support communication and processing of the data ow that enables cyberspace Adversary Cyberspace This is the area in Figure 1 delineated by the label Adversary vaersoace Included are those portions of cvbersnace Sec 1 4 a U Adversary Military Cyberspace This is the area in Figure delineated bv the label Adversarv Militarv vaersnace Sec 1 7 3 0 S 5 ts QUS GER 8039 14 6 Sec 1 4 a ICom rised of I May requi IC mprised ofNlay Comprised of SECRET xxvi 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 Sec 1 4 a Unclassi ed Sec 1 7 9 Figure 2 U Cyberspace U Cyberspace elements For the purpose of CONPLAN 8039 there are four elements that comprise military use of cyberspace Purpose Infrastructure Electromagnetic Spectrum and Data Arranging the elements of cyberspace into a cyber triangle see Figure 3 below helps to clarify the four separate but related aspects of cyberspace systems After determining the desired objectives effects and actions planners can use the triangle as a Sec 1 7 e Sec 17 3 I Analysis of the cyber triangle can also guide the search for critical vulnerabilities 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 95 1 952 953 954 955 956 957 958 959 SEC-REF UNCLASSIFIED 4 Electroma netic Spectrum MS Figure 3 U Cyberspace Elements The Cyber Triangle 0 U Purpose This central element represents the reason that an actor uses cyberspace to further his objectives If an adversary doesn't see the value in using cyberspace to further his objectives hostile to the United States his cyberSpace capability the rest of the cyber triangle is not relevant Sec 1 7 9 0 U Infrastructure For the purposes of this plan infrastructure includes the global information infrastructure as de ned in JP 1 02 see below as well as Sec 1 7 e U Electromagnetic Spectrum EMS EMS refers to the range of frequencies of electromagnetic radiation from zero to in nity It can be measured in cycles per second or wavelength in centimeters and includes radio waves microwaves and all forms of radiated energy 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 99 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 SEC-REF 0 U Data Representation of facts concepts or instructions in a formalized manner suitable for communication interpretation or processing by humans or automatic means JP 1 02 For the purposes of this plan data refers to any such information that can be created stored modi ed or exchanged via networked systems and associated infrastructure as given in the U Cyberspace Operations Actions taken in and extending through cyberspace transcending Computer Network Operations CNO Cyberspace Operations broadly include the following objectives 0 Sec 1 4 a 1 4 a Sec 1 4 a I Sec 1 4 a - I U Cyberspace Superiority The degree of dominance in cyberspace of one force over another that permits the conduct of operations by the former and its related air land sea and space forces at a given time and place without prohibitive interference by the opposing force Adapted from JP 3-13 3 14 3 30 Information Space and Air Superiority U Cyber Warfare Direct creation of effects in and through cyberspace in support of a combatant commander s military objectives Comprises operations conducted to guarantee friendly forces freedom of action in cyberspace while denying opposing forces effective use of cyberspace U Data Representation of facts concepts or instructions in a formalized manner suitable for communication interpretation or processing by humans or by automatic means Any representations such as characters or analog quantities to which meaning is or might be assigned JP 1-02 0 For the purposes of CONPLAN 8039 data refers to any information consistent with the above de nition which can be created stored modi ed or exchanged via networked systems and associated infrastructure SEC-REF xxix 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 SECRET U Deny To degrade disrupt or destroy access to operation of or availability of a target by a speci ed level for a speci ed time Denial is concerned with preventing adversary use of resources U Degrade a function of amount To deny access to or operation of a target to a level represented as a percentage of capacity Level of degradation must be speci ed If a speci c time is required it can be speci ed otherwise start and stop-time are assumed to be indeterminate U Destroy To permanently completely and irreparany deny access to or operation of a target Destruction is the denial effect where time and amount are both maximized U Digital Protection Actions taken in cyberspace to protect defend monitor analyze detect and respond to unauthorized network activity It encompasses the concepts of Computer Network Defense CND Information Assurance 1A and Response Actions RAs U Disrupt a function of time To completely but temporarily deny access to or operation of a target for a period represented as a function of time A desired start and stop time are normally specified Disruption can be considered a special case of degradation where the degradation level selected is 100% U Effects Assessment The timely and accurate evaluation of effects resulting from the application of lethal or nonlethal force against a military objective Effect assessment can be applied to the employment of all types of weapon systems air ground naval special forces and cyber weapon systems throughout the range of military operations 031 1 Sec 17 9 responsibility with required inputs and coordination from the operators Effects assessment is composed of physical effect assessment functional effect assessment and target system assessment Note Battle Damage Assessment BDA is a speci c type of effects assessment for damage effects Adapted from the JP 1 02 de nition of BDA U Electronic Protection Division of electronic warfare involving actions taken to protect personnel facilities and equipment from any effect of friendly or enemy use of the electromagnetic spectrum that degrades neutralizes or destroys friendly combat capability JP 3- 13 1 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 SECRET U Friendly Cyberspace Those portions of cyberspace used controlled and or maintained by entities understood to be non- hostile to the US its allies or coalition partners For instance the GIG our military data links and critical US cyber infrastructure are examples of friendly cyberspace U Global Information Grid GIG The globally interconnected end to end set of information capabilities associated processes and personnel for collecting processing storing disseminating and managing information on demand to war ghters policy makers and support personnel The Global Information Grid includes owned and leased communications and computing systems and services software including applications data security services other associated services and National Security Systems Also called GIG JP 6 0 U Global Information Infrastructure GII The worldwide interconnection of communications networks computers databases and consumer electronics that make vast amounts of information available to users The global information infrastructure encompasses a wide range of equipment including cameras scanners keyboards facsimile machines computers switches compact disks video and audio tape cable wire satellites ber-optic transmission lines networks of all types televisions monitors printers and much more The friendly and adversary personnel who make decisions and handle the transmitted information constitute a critical component of the global information infrastructure Also called GII JP 3-13 U HVAC Heating Ventilation and Air Conditioning An acronym used to describe equipment used to control the temperature and humidity of an enclosed space HVAC systems are critical for the ef cient operation of computer and network equipment to maintain their operating environment within required speci cations U Infrastructure For the purposes of CONPLAN 8039 infrastructure is the superset of systems including the G11 see above Sec 1 7 e I Sec U Intended Cyber Effect A sorting of cyber capabilities into broad operational categories based on the outcomes they were designed to create These categories are used to guide capability SECRET 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 SECRET selection decisions Answers the question What kind of capability is this Speci cally Denial degrade disrupt or destroy access to operation quality of service or availability of target resources processes and or data Sec 1 7 e 0 Command and Control provide operator control of deployed cyber capabilities 0 Information Data Collection obtain targeting information about targets or target environments 0 Access establish unauthorized access to a target 0 Enabling provide resources or create conditions that support the use of other capabilities 1 ltb 1 Sec 1 7 e I U Lethal Causing death or permanent injuries to personnel U Malware Software designed to in ltrate or damage a computer system without the owner s informed consent It is a combination of the words malicious and software The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code Sec 1 MN Sec 1 7 e U Mis re The failure of a weapon to take its designed action failure of a primer prOpelling charge transmitter emitter computer software or other munitions component to properly function wholly or in part Note adapted from the JP 1-02 de nition of mis re SEC-REF 1141 U Nonkinetic Refers to actions which do not use forces of 1142 dynamic motion and or energy upon material bodies See 1 143 Sec 1 7 e I 1 144 1145 U Nonlethal Neutralizing or incapacitating a target Without 1 146 causing death or permanent injury to personnel Nonlethal refers 1147 to being relatively reversible and is not required to have zero 1 148 probability of causing fatalities or permanent injuries 1 149 1150 Re1 to USA AUS GBR 14 8 1 1151 mm Sec 14 173 1174 U Physical protection Preservation of the effectiveness and 1175 survivability of mission-related military and nonmilitary 1176 equipment facilities and infrastructure deployed or located Within 1 177 or outside the boundaries of a given area Adapted from JP 3 0 1 178 1179 U Probability of Effect PE The chance of a speci c functional or 1180 behavioral impact on a target given a weapon action 1 18 1 1182 U Response Actions RA See Computer Network Defense 1183 Response Actions above 1 184 1 18 5 U Sec 1 7 e I 1186 acronym used to which are used to SEC-REF 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 mm Sec 1 7 e accessible internet U Target State The condition of a target described with reSpect to a military objective or set of objectives U Targeted Vulnerability An exploitable weakness in the target required by a speci c weapon 0 Objective Vulnerability A vulnerability whose exploitation directly accomplishes part or all of an actual military objective 0 Access Vulnerability A vulnerability whose exploitation allows access to an objective vulnerability U Weapon Action The effect-producing mechanisms or functions initiated by a weapon when triggered the weapon actions of a kinetic weapon are blast heat fragmentation Ilb 1 59 1713 I Sec 1 7 e U Weapon Effect A direct or indirect intended or unintended outcome of a weapon action In warfare the actions of a weapon are employed to create intended effects typically to the functional capabilities of a material or personnel target or to the behavior of individuals 0 Direct Effect An outcome that is immediately caused by the weapon s action Also known as a rst order effect 0 Indirect Effect An outcome that cascades from one or more direct effects the outcome may be several degrees away from the direct effect but the direct effect must be the proximate cause of the eventual outcome Also known as second order effects third order effects etc 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 SEC-REF HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 USSTRATCOM CONPLAN 8039 08 U Base Plan U 1 References a U 3122 030 Joint Operation Planning and Execution System J OPES Volume 11 Planning Formats and Guidance Current as of 17 August 2007 U 3122 01 Joint Operation Planning and Execution System JOPES Volume I Planning Policies and Procedures 29 sep 06 Current as of 6 December 2007 U CJCSI 3110 01F Joint Strategic Capabilities Plan TS 1 Sep 06 U Joint Pub 1 Doctrine for the Armed Forces of the United States 14 May 2007 U Uni ed Command Plan UCP S 5 May 06 U Defense Planning Guidance DPG FY 2004 2009 S May 02 U CDRUSSTRATCOM Implementation Plan IPLAN for assuming the Computer Network Defense CND Mission 14 May 99 U Draft Strategic Guidance Statement for Computer Network Operations S 24 Apr 06 U Computer Network Attack Implementation Plan S NF 26 Jan 00 U Computer Network Attack Concept of Operations S 30 Jun 00 U Delegation of Disclosure Authority Letter National Disclosure Policy Committee Case No 6005-00 Multiple Countries S 7 Jun 00 U National Intelligence Estimate NIE 2004 0 1HC I Cyber Threats to the United States Information Infrastructure S NF 15 Mar 04 SEC-REF 1 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 SECRET m U DODD 0-8530 1 Computer Network Defense CND 8 Jan 01 I1 U 3113 01A Series Theater Engagement Planning 31 May 00 current as of 25 May 05 - U CJCSI 3121 01B Standing Rules of Engagement Standing Rules for the Use of Force for US Forces S 13 Jun 05 Current as of 5 July 2007 U APPENDIX 12 TO ANNEX OPERATIONS JTF GNO OPORD 05-01 Global Network Operations INFORMATION OPERATIONS CONDITION INFOCON EXECUTION PROCEDURES C Rel USA AUS CAN NZL 22 May 06 U DODD Support to Computer Network Defense 9 Mar 01 U CJCS Homeland Security HLS Standing Execution Order USA CAN 1619502 OCT 01 U CJ CS Strategic Plan National Military Strategy Plan for the War on Terrorism Revision 3 TS 032000Z Jan 2002 U Computer Network Defense CND Response Actions RA Concept of Operations S Draft as of 6 May 04 U Guidance for Computer Network Defense CND Response Actions RA Memorandum Signed by We 26 Feb 03 U Contingency Planning Guidance CPG 2005 TS U National Security Systems as de ned in section 5142 of the Clinger-Cohen Act of 1996 U National Military Strategy for Cyberspace Operations S 1 1 Dec 06 U Quadrennial Defense Review S 6 Feb 2006 U SECDEF Memorandum Assignment and Delegation of Authority to Director Defense Information Systems Agency DISA 18 Jun 04 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 aa bb CC dd ee ff 88- hh ii 11 mm SEC-REF U ASD SCI Memorandum DOD Guidance for Computer Network Defense Response Actions U 26 Feb 03 to USA AUS GBR I Sec 1 4 a U Horizontal Command and Control C2 Integration HC2I Concept of Operations CONOPS S Rel USA AUS CAN NZL 20 Dec 05 U JTF-GNO OPORD 03-02 Reconnaissance and Surveillance and Computer Network Defense U FOUO 25 Mar 04 U 6510 01 Defense in Depth Information Assurance IA and Computer Network Defense CND 25 Mar 03 Including Mar 06 Current as of 14 Aug 2006 U JTF-GNO OPORD 05 01 Global Network Operations U U USSTRATCOM Planning Order PLANORD for Ongoing Computer Network Intrusion Activities S Rel USA AUS GBR 17 Oct 2005 U Ampli cation to JFCC NW PLANORD S Re1 USA AUS GBR 09 Mar 06 U USSTRATCOM Joint Concept of Operations for Global Information Grid NETOPS 4 Aug 06 U Forces for Uni ed Commands Memorandum FY06 S 13 Jan 06 U Trilateral Memorandum of Agreement among the Department of Defense the Justice Department and the Intelligence Community Regarding Computer Network Attack and Computer Network Exploitation Activities DOD-JD-IC MOA S FS NF 9 May 07 U Joint Task Force Global Network Operations Implementing Directive 5 Aug 05 U Joint Functional Component Command Network Warfare Implementing Directive 20 Jan 05 SECRET 3 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 SECRET nn U USSTRATCOM Network Warfare CONOP s Re1 USA AUS GBR May 2006 00 U I HS 7 Jul 04 pp U 2003 National Strategy for Securing Cyberspace NS-SC qq U 2003 National Strategy for the Physical Protection of Critical Infrastructure and Key Assets Feb 03 rr U 2004 National Response Plan NRP Dec 04 ss U Joint Publication 3-13 Information Operations 13 Feb 06 tt U Joint Publication 1 02 Department of Defense Dictionary of Military and Associated Terms 12 April 2001 As Amended Through 20 March 2006 uu U The Law of Armed Con ict composed of International Agreements to which the United States is a party and Customary International Law binding on the United States W U United States Code Title 10 Armed Forces W U United States Code Title 18 Crimes and Criminal Procedure xx U United States Code Title 50 War and National Defense yy U United States Code Title 32 National Defense 22 U SECDEF Delegation of Authority to Appoint the Person Serving as Director National Security Agency DIRNSA as Commander Joint Functional Component Command for Network Warfare JFCC NW S 20 Jan 05 U Designation of the Director Defense Information Systems Agency DISA as Commander Joint Task Force-Global Network Operations JTF-GNO 17 Nov 05 U FCC for Space Implementation Directive U FOUO 19 Jul 06 U JFCC for Global Strike Integration GSI Implementation Directive 19 Jul 06 SEC-REF 4 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 SECRET U FCC IMD Implementation Directive U 22 Jan 05 U FCC ISR Implementation Directive U 24 Jan 05 U Strategic Command Directive 527-1 DOD Information Operations Condition INFOCON System Procedures U FOUO 27 Jan 06 U U 3122 07A IJSTO Supplement to Joint Operation Planning and Execution System J OPES S Rel USA AUS CAN GBR 20 Oct 06 U Information Operations Roadmap S 30 Oct 03 U Doctrine for Joint Operation Planning JP 5-0 26 Dec 06 U U Sec 1 7 e updated semiannually S SI NF lfor CONPLAN 8039 U Joint Publication 3 0 Joint Operations 17 Sep 06 111 U W Sec 1 7 e I b 1 Sec11 eSep 06 U Rev 1 Draft 2007 Requirements for Generating Documentation Reviewing and Approving Vulnerability Data U Deterrence Operations Joint Operating Concept 1 9 Jul 06 000 U Joint Publication 6 0 Joint Communications System 20 Mar 06 U CJCSI 5810 010 Implementation of the DOD Law of War Program 31 Jan 07 Operational Concept for Cyberspace OCC DRAFT 2008 S Sec 1 4 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1 U Situation a b U General 1 U This is the United States Strategic Command USSTRATCOM Concept Plan CONPLAN 8039 for Cyberspace Operations CO The strategic goal of CONPLAN 8039 is to ensure US military freedom of action in cyberspace and to be able to deny adversary freedom of action in cyberspace To achieve this goal 17 9 I - cyberspace when directed Additionally the plan calls on Sec 1 7 e This plan is prepared and submitted in accordance with requirements detailed in references a and b and supports the national interests outlined in references 0 through bq H 157mg The prosperity and security of our nation rely on cyberspace to achieve and maintain strategic advantage and strengthen the instruments of national power 3 U The scope of CONPLAN 8039 spans from peacetime through war ghting in and through cyberspace It does not direct but must be able Sec 1 7 e U Areas of Concern For the purposes of CONPLAN 8039 cyberspace is a domain using electronics and the electromagnetic spectrum to store modify and exchange data via networked systems and associated physical infrastructures per reference x Treating cyberspace as a domain see Terms of Reference provides the cyber-terrain where 8039 operations will take place Areas of concern per reference are SECRET 6 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 C d 1 W SECRET Sec 1 4 a this Ian is considered to be I 14 3 as described in the Terms of Reference see Figure Terms of Sec 1 4 a Sec 1 4 a by operations in cyberspace see the Terms of Reference for more detailed discussion on the elements of cyberspace 2 U Operational Area 0A The potential operational area for this plan is the entire cyberspace domain The transregmal global nature of cyberspacellWU133 17 9 I operational area can 59 land 1 wherever the Commander is directed to advance and defend US interests in and through cyberspace The operational area of the plan consists of both the Sec 1 7 e and Ias established by EXORD For more information on cyber engagement criterion see Concept of Operations below Mission execution for CONPLAN 8039 objective driven effects-based and may be impacted from any of Sec 1 7 e I Sec 1 7 e see Figure 1 Terms of Reference For detailed discussion on each sub area see the 8039 Terms of Reference U Effects in cyberspace Effects in cyberspace can be generated by in uencing some or all of its elements the constructs that support these elements or its intended purpose See the Terms of Reference for detailed discussion on the elements of cyberspace cyberspace triangle I Commander USSTRATCOM will utilize 59 Sec 1 4 a I Willsedlraiie in Annex A Appendix 3 as de ned in the Terms of Reference are presented in Annex C IDOD must retain Sec 1 4 a SEC-RESP 7 1 546 Sec 1-4 a 1547 1548 1549 1550 1551 1 552 1 to USA AUS GBR 1553 1554 W See Figure 4 below 1555 1556 1 S Rel to USA AUS GER 1557 mm Sec 1 4 a 1558 MM Sec 1 4 a 1559 1560 Rel to USA AUS GBR I IN- 1561 MN Sec MW 1562 1563 1564 to USA AUS GBR 1 565 Sec 1 4 a 1566 1567 1568 Sec 1 4 a Figure 4 S to USA AUS GBR 020 1 Sec 1 4 a 1 569 1 570 1 571 13 U Qperational See Sec 1 7 e 1572 Sec 17 6 1573 1 574 2 U Critical Factors 1575 1 576 U Strategic 1577 - 1578 Sec mm 1 579 Sec 1 4 a 1 580 SECRET 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 Sec 1 4 a Sec 1 4 a capabilities can be kas described in the Terms of I These Sec 1 4 a Reference Sec 1 4 a I iUltirnately the goal of cyber Flo warfare is Sec 1 4 a Figure 3 Terms of Reference and Figure 5 below Sec 1 4 a Fi Rel to USA AUS GBR re 5 Sec 1 4 a 1 1 4 WHHU 6 3 In order to affect any element of cvberspace the Sec 1 4 a More detailed discussions on SECRET 9 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 SECRET W1 33 are found in Annex C More Sec 1 4 a detailed discussions covering can be found 1n Annexes 85 C 9 U Defensive considerations Optimally actors attempt to gain and maintain con dence in their use 1 Sec 1 7 e listed above Operational planners Sec 1 7 e I Generally as systems become larger and more complex there are more opportunities to exploit 5 U The following rules apply to this methodology 1 U Primacy of purpose The focus of attack on any cyberspace system is to affect that system's intended W Sec We Q U Cascading effects Multiple attacks on varying elements can have cumulative effects and even a single attack can have cascading effects in through and outside of the cyberspace domain s Re1 to USA AUs GBR Sec 1 4 a U Operational 17 3 Sec 1 7 e 3 U Courses of Action 7 Re EBW General bers ace threats are not limited W1 Sec 1-4 a Sec 1 4 a 10 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 Sec 1 4 a I bll113901-4m IThe general Sec 1 4 a 39 14 8 Iwith respect to their effort The Sec 1 4 a Sec 1 4 a However those potential adversaries who DJU jbec 1 415 Strategic Obiectives The principal strategic objectives of an adversarv s offensive CVber operations Sec 1 4 a I Sec 1 4 a - - Thls act1v1ty may fall 1nto more than one category See Annex for a detailed discussion of adversary capabilities and general courses of action erational Ob ectives I sec 17 3 operational-level objectives f U Friendly Forces 1 U Center of Gravity COQI WEI-136W Strategic For the purposes of CONPLAN 8039 COG analysis will cover Sec 1 4 a Sec 1 4 a and critical capabilities based on analysis conducted per ref bk 1 U Leadership Represents those individuals within DOD who can in uence critical missions and processes within cyberspace Senior Leadership includes the President of the United States POT US the SECDEF and those subordinate of cers appointed by POTUS and SECDEF SECRET 11 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 SEC-REF I10 U Population In this context is the aggregate of the US residents and their will to pursue national objectives and support leadership loo U Fielded Forces Are those DOD forces organizations who conduct military operations within cyberspace Figure 6 below illustrates relationships between critical capabilities as crucial enablers for COGSSec 1 4 a Figure 6 Friendly Center of Gravity U Operational See Annex for friendly operational-level COG analysis 2 U Critical Factors U Strategic 1 Friendly Critical Capabilities CCs The US utilizes cyberspace to enable the following functional critical capabilities ref Sec 1 4 a Sec 1 4 a see Terms of Reference tor cyberspace elements 2 WW Friendl Critical Vulnerabilities CVs Friendl CVs are Sec 1 4 a U Operational More detailed blue force operational critical factor analysis will be conducted in Annex C SECRET 12 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 g SECRET 3 U Composition Friendly forces consist of combatant commands allies services and agencies Outside of DOD the Computer Emergency Response Teams CERTs and the DHS law enforcement agencies LEAs and counterintelligence CI organizations collectively provide manage and maintain cyberspace command control communications computers and intelligence C41 systems for the USG W W 1 S Sec 1 4 a 2 Wei 159W Adversaries are and will Sec 1 4 a 3 U Sec 1 7 e I Sec 13 Iadversary s Objective 5 I Sec 1_7 e w- 6 Methods will be developed that can Sec 1 4 a 7 U Working relationships will exist with military and civilian Law Enforcement Agencies and Counterintelligence organizations to facilitate identi cation and apprehension of persons responsible for attacks and or intrusions on DOD computers and DOD computer networks of the GIG 8 Si The United States I ICYberspace operations 9 U Planning and conduct of cyberspace operations requires the integration of other elements of national power 13 1774 h U Limitations 1775 1776 1 U Constraints 1777 1778 U Combatant commands will coordinate their planning with 1779 CDRUSSTRATCOM 1780 1781 U CDRUSSTRATCOM will coordinate planning with other 1782 combatant commanders 1783 1784 S Rel to USA AUS I 1785 bx 1 Sec W3 1786 1787 1788 1789 mmsec 14 8 must be in compliance with US law and 1790 DOD Policy 179 1 1792 1W Restraint Don 1793 mm Sec 1 4 a 1794 1795 1796 1797 i U Legal Considerations 1798 1799 1 1800 militarv 1 80 1 b 1 Sec 1 4 a 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 2 Mission CDRUSSTRATCOM plans and 18 1 5 directs integrated DOD operations in and through cyberspace Sec 1 4 1816 CONPLAN 8039 contemplates 14 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 3 U Execution a Concept of Operations 1 Puggose The purpose of this plan is to provide a framework for cyberspace planning and to develop a structure for pre-planned authorities to conduct operations in and through cyberspace Additionally this plan b 1 Sec 1 4 a 2 U Method The plan will U Describe the operation and defense of the GIG U Provide the context for a common planning structure 0 U Develop a system of RAS and Cyber Engagement Criteria for execution of pre-planned activities and authorities U Clarify global vs regional roles and responsibilities and lays out coordination methods and instructions 3 End-state At the end state the US Sec 1 4 a - 14 8 Per refs and x CONPLAN 8039 will support the following termination criterion that support this end-state S Rel to USA AUS Fb 1 Sec 1 4 a I Rel to USA AUS GER W1 Sec 1 4 3 b 1 SeC 1 4 a C Rel to USA AUS I Sec 1 4 a I S Rel to USA AUS Rel to USA AUS I Sec 1 4 a - I SECRET 15 SECRET 1866 1867 WEI-56W Cyberspace capabilities provide 1868 Sec 1 4 a 1869 1870 1871 Re1 to USA AUS 1872 1873 1874 to USA AUS 7 1875 Sec 1 4 a 1876 1877 U Adversaries are deterred from establishing or employing 1878 offensive capabilities against US interests in cyberspace 1879 1880 U Adversaries who jeopardize US interests in cyberspace 1881 are defeated 1882 1883 U DOD is postured to support homeland security critical 1884 infrastructure protection and provide civil support 1885 1886 U US allies and coalition partners have freedom of action 1887 to operate in cyberspace 1888 1889 b WW General 1890 1891 1 U Common Context In order to accomplish its UCP mandated 1892 cyberspace mission outlined in ref e CON PLAN 8039 1893 establishes a common context with regard to cyberspace 1894 domain for military areas of operation and activities This 1895 common context is established through the planning construct 1896 and the contents of the Terms of Reference 1897 1898 2 U Identify Threats and Prioritize Planning Efforts 1899 1900 190 1902 plan Combatant commanders who deviate from the 1903 Elm Sec 17 6 will provide rationale to 1904 CJ CS before developing courses of action 1905 1906 The United Sates information infrastructure is 1907 Sec 1 4 a 1908 1909 1910 19 1 1 16 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 Sec 1 4 a C SW I W1 Sec 1 4 8 JRapid Changes in technology the integration of telecommunications and computer I Sec 14 3 3 U Plan CONPLAN 8039 will provide the methodology for cyberspace Sec 1 7 e W Actors Broadly characterized as follows excerpted and summarized from the National Institute of Standards and Technology NIST 800-82 1 U National Governments Foreign Intelligence Services Characterized by sophisticated well funded programs to develop cyber tools capable of causing a full spectrum of effects from propaganda and low-level nuisance web page defacement to pervasive espionage to widespread long duration damage to US critical interests and infrastructures SECRET 17 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 Sec 1 4 a mm sec the tollowmg to mm Sec tats Scenarios no lo lO l SEC-REF U Terrorists Characterized by a desire to destroy incapacitate or exploit critical infrastructures in order to threaten national security cause mass casualties weaken the US economy and damage public morale and con dence Terrorists' cyber efforts are less sophisticated than nation states but are increasingly dangerous and effective as their technical sophistication increases U Criminal groups International organized crime and industrial espionage is less directly threatening to US security interests due to a focus on pro t motive Nonetheless this category of actors presents a threat due to their ability to hire develop and retain sophisticated talent and tools U Hacktivists Hacktivists form a small foreign population of politically active hackers that includes individuals and groups with anti US motives They pose a medium-level threat of carrying out an isolated but damaging attack Most hacktivist groups appear bent on propaganda rather than damage to critical infrastructures Their primary goal is to support political agendas with sub goals of propaganda and causing damage to achieve notoriety for their cause U Hackers This category includes a wide variety of sub categories including Phishers Spamers Spyware Malware Authors Script Kiddies and professional Black Hats In general the large majority of hackers do not have suf cient talent to threaten dif cult targets such as critical US and defense systems Nonetheless the large global population of hackers poses a relatively high threat of disruptions in a variety of networks and systems with potential for property damage and loss of life As the hacker population grows so does the likelihood of an exceptionally skilled lucky or malicious hacker attempting and succeeding in an extremely damaging attack - Scenarios 030 1 Sec 1 4 a I lspeci c SEC-REF 18 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 I10 SEC-REF I ref Planning support to applicable USSTRATCOM CONPLANS OPLANS 03 1 Sec 1-4 a I etc Rel to USA AUS I Sec 1 4 a C U Objectives an 1 Ito U For the purposes of this plan CONPLAN 8039 will use the I derived from refs c e h and x a 18-min Sec 1 4 a 1 This also includes coordination 59 1-4 a I and the Sec 1 4 a I in securing US cyberspace in support of the respective Combatant Commanders DWI Sec 14 8 3 mm Sec 1 4 a I Sec 1 4 U CONPLAN 8039 will support objectives and operations based on a When CDRUSSTRATCOM is the supported commander in response to a cyber threat CONPLAN 8039 will provide the means to mm Sec 1 4 a 19 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 SECREF W When CDRUSSTRATCOM is the supported commander for erations in and through cvberspace mm 33 I I Icyber effects will be based on W1 Sec '1 WW When CDRUSSTRATCOM is supporting commander to other Combatant Commanders will rovide su - orting cyber effects CONPLAN 8039 Sec 1 4 a This also includes coordination 1- BC a I For timing and tempo of operations USSTRATCOM assigned cyber forces will follow the supported commander or agency's planned construct W In order to successfully execute operations in and through cyberspace supported combatant Sec lobiectives and hm Sec 14 8 20 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 Sec 1 7 e Lm WWEim I 11 6 1 2 U U S 1 3 U US 1 4 U us 1 5 U US 1 6 U U S Sec 1 7 e 2 1 to USA AUS GBR Sec 1 4 a 2 2 to USA AUS GBR 2 3 to USA AUS GBR 2 4 to USA AUS GBR 2 5 to USA AUS GBR 2 6 to USA AUS GBR Sec 1 7 e to 3 2 to USA AUS GBR 3 3 Sf Rel to USA AUS GBR 3 4 to USA AUS GBR 3 5 to USA AUS GBR 3 6 to USA AUS GBR ction Example to USA AUS Sec 1-4 a U Attack adversary critical vulnerabilities in cyberspace U Defend critical vulnerabilities through implementation of cyberspace defense-in-depth measures Figure 7 W Synopsis of key CONPLAN 8039 execution concepts 111 W Sec 14 a planners will consider Sec 1 4 a 21 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 SEC-REF 121 Sec 1 4 a When planning in support of other plans planners Sec 1 4 a as de ned in ref 0 131 W 1415' I When Sec 1 4 a U Per ref bi the supported commander plans joint Operations based on analysis of national strategic objectives and development of theater objectives supported Sec 17 9 I Sec 1 7 e - U Planning 1 Planning will consider all Sec 1 4 a and COA development bx 1 Sec 1 4 a 1 4 Speci c mission analysis and COA development 14 8 Sec 1 4 Further information on 1 3691 46 land COA develo ment can be found in Annex and Sec 1 4 a Upon request for CONPLAN 8039 support USSTRATCOM will collaborate with Sec 1 4 a services agencies C As should be included in the planning process for coordination and decon iction 3 USSTRATCOM may request Sec 1 4 a I SEC-REF 22 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 SEC-REF Sec 1 4 a Ito support objectives In instances where another CCDR supported CDRUSSTRATCOM will facilitate this coordination USSTRATCOM will work with the Of ce of the Secretary of Defens Staff to Sec 1 4 a OSD and Joint W Sec 1 4 a I Sec 1 4 a Sec 1 4 a land will be approved via the EXORD that authorizes the supported operation or a separate EXORD if needed The criteria Sec 1 4 a see Figure 8 below will be dependent upon Sec 1 4 a Figure 8 S Rel ta Semiafj Note 1 mm Sec 1 4 a Reference pan be found in the Terms of Note 2 Authorities listed are onlv exemplarv in nature Anv Sec 1 4 a Note 3 Large indicates 15N1JSecl-4 a Sec 1 4 a A need to use SEC-REF 23 Sec 1 4 a 2175 2176 2177 a Wme Sec 1 4 a A more 2 178 Sec 1 4 a 2179 2180 2181 2182 2 1 83 2184 2 1 85 2186 The planning effort must address the need fee 1 2187 that supports the 2188 access development of desired 39 14 8 I 2189 2190 W 219 1 39 1 not normallv 2 Sec I 2193 2194 2195 2 196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 mm Sec 14 6 Mn I 2207 mm Sec mm lsee Terms of Reference 2208 These de nitions will be used when making 2209 Sec 1 4 a I I 2210 W 33 14 8 'thin the purview of CONPLAN 8039 The 22 1 1 robablel'W Sec 14 8 2212 2213 2214 2215 Authorities The level of authori is enerally 22 1 6 Sec 1 7 e 2217 engagement 17 3 I wi11 normally 2218 be associated I 2219 E N lsec 13 9 I Independent of the scale of the SEC-REF 24 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 SEC-REF cyber engagement criteria I W1 39 1-7 e mu Sec 1 7 e The engagement criteria which encompasses the 35791-49 I I m Sec We will be delineated in the applicable EXORD Within that EXORD Sec 1 4 a 4 W 90139014611 8039 will support of assigne objectives U General 1 Upon plan approval and appropriate authorities granted via EXORD CONPLAN 8039 will be used to 1-403 Sec 1 4 a 901590149 IOperations will be coordinated with Combatant Commanders during the planning and execution phase to mitigate functional mission 5 impact 2 874% On order CONPLAN 8039 I Sec 1 4 a 14 5 'Iand other numbered plans 3999- vaerspace desired effects 1 This plan will de ne the range of effects in cyberspace by usingI b 1 Sec 1 7 e I Terms of Reference 2 I87 3 REL To assist planners in buildin see Te 8 of 25 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 SECREF lbefore a FC must seek additional authorities CONPLAN 8039 will use them as one of the components of I Sec 1 4 a lavailable to the JFC but onlv by receiving speci c permission from the Sec 1 4 a I I U _Iin cyberspace In order to in cyberSpace USSTRATCOM 1 Sec 11 6 I These capabilities are all employed in support of the FC Sec 1 4 a W recomizes there are 1' 1_4 a I For prospective supported and supporting commands USSTRATCOM has assigned component focal points for CONPLAN 8039 Iin and through cyberspace In each Sec 14 8 Speci c details outlining these supporting concepts and how each USSTRATCOM component 8039 can be found in Annex C Ito Sec 1 4 a Sec 1 4 a i I This is accomplished by comparing Sec 1 4 a A 26 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 SEC-REF Sec 1 4 a lshoul be Viewe as a way to planner must rst understand thellb'lmSec and then hm Sec 14 3 - Io Sec 1 4 a I Planners ould recommend thelwx S c I types that I 1 4930mmanders should ensure that thesellbm 39 b 1 5ec 1 4 a I mm necessary to to achieve the commander s objective Again it is important to emphasize I In some cases it may be Sec 1 4 a 5 U Operations As in the physical domains bm Sec 17 9 Sec 1 7 e discussion and terminology can be found in the Terms of Reference This need for increasing Sec 1 7 e I usually require supplemental I Exemplar supplemental ROE outside of ref 0 are detailed in Annex J Example Supplemental ROE I Sec 1 7 e I Su ortin Command USSTRATCOM will normally 39 las the supporting commander to other USSTRATCOM will follow construct de ned by the supported commander or activity and employ cyber forces and execute operations in support of plan objectives General discussion on USSTRATCOM cyberspace support is found in applicable USSTRATCOM supporting CONPLANs More detailed handling of these activities will be captured in Annex Sec 1 7 e I SEC-REF 27 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 SEC-REF U Supported Command When CDRUSSTRATCOM is C designated the supported commander against cyber threat actors CONPLAN 8039 will use We outlined in ref bi See 39390 17 9 Sec 1 but the process is Situation dependent and commanders lave the exibility to employ or recommend any appropriate approved responses at any time Sec 1 4 a 1-403 Iallows military commanders to develop Sec 1 4 Process Typically Sec l1 4 a Sec 1 4 a S c 1 4 a Sec 1 4 a Sec 1 4 a I If existing accesses to the are suf cient Sec 1-4 a IN Risk Relationship When considering requesting or authorizing sfbb nanders should balance thelEm Sec 1 4 a Sec 1 4 a relationship between I commanders should I authority tol Sec 1 4 a Emmet MM generally granted through an EXORD When CDRUSSTRATCOM is the supported commander this authority maybe delegated to the JFCC NW Commander SECREF 28 00 Authorities IAW ref 0 the 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 W bmsec 14 3 I See Figure 9 SEC-REF Further discussion of Sec 1-4 a Sec 1 4 a below for a summary Sec 1 4 a discussed below Each of thelu ' Sec 14 8 Sec 1 4 a Sec 1 4 a Figure 9 S Re1 to USA AUS GBR Sec 1 4 a EXAMPLE Re1 to USA AUS I Commander's Intent Support US government efforts Sec 1 4 3 29 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 Sec 1 4 a WW Sec 1 4 a mm Sec 1 4 a Sec 1 4 a Sec '1 4 a COOperatlon even w1th1n the context 01 the cyberspace mission area Sec 1 4 a mm U Sec 1 7 6 general Sec 1 7 e IT he following are Sec 13 9 mm Sec 30 Sec 1 7 e I 2 1 Rel to USA AUS Sec 1 4 a 2 1 1 Rel to USA AUS Sec 1 4 a Sec 1 4 a 2 1 2 S Rel to USA AUS Sec 1 4 a 2 1 3 IRel to USA AUS Sec 1 4 a USA AUS Sec 1 4 a 2 2 1 Rel to USA AUS Sec 1 4 a Sec 1 4 a SFC 14 3 Sec 1 4 a 2 2 2 Rel to USA AUS Sec 1 4 USA AUS Sec 1 4 a 2 3 1 Rel to USA AUS Sec Sec 1 4 a W1 Sec 2 3 2 S fRel to SA AUS Sec 1 4 a Sec 1 4 a 2-3-3 s Re1 to USA AUS 2 4 Rel to USA AUS Sec 1 4 a Sec 1 4 a Sec 1 4 a Sf'c f kaj 2 4 2 Rel to USA AUS Sec 1 4 a Sec 1 4 a 2 4 3 fRel to USA AUS 33 Sec 1 4 a SEC-REF 31 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 SECRET 2 5 Rel to USA AUS Sec 1 4 a 2 5 1 Re1 to USA AUS Sec 1 4 a SEE 2 5 2 Rel to USA AUS Sec 1 4 a Sec 1 4 a 2 5 3 Re1 to USA AUS Sec 1 4 a 2 6 Rel to USA AUS Sec 14 3 Sec 1 4 a 2-6-1 Re1 to USA AUS Sec 1 4 a Sec 1 4 a Sec 1 5 3 2 6 2 Sf Rel to USA AUS Sec 1 4 a m0 Sec 1 4 a 2 6 3 to USA AUS Sec 1 4 a Sec 1 7 e 3 1 Rel to USA AUS b 1 Sec1 a 3 2 Rel to USA AUSUSA AUS Sec 14 a Sec 1 4 a 3 4 Rel to USA AUS Sec 1 4 a 3 5 lSi iRel to USA AUS GBR M1 Sec 14 3 Sec 1 4 a 3 6 Rel to USA AUS Sec 1 4 a Figure 10 Re1 to USA AUS i Rel to USA AUS 1 4 a Sec 1 4 a a 19 1 Sec 1 4 a Normall the JFC mm Sec 14 8 39 1- Bherations and authorities in 39 14 3 I I I Sec 1 4 a Sec 1 4 a Therefore 8 ecial circumstance SEC-REF 32 7 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 SEC-REF W accomplishment In order to it sectm I the JFC is normallvl b 1 Se 1 4 a Sec 1 4 a 2 Rel to USA AUS GBR Sec 1 4 a 5 U Execution Speci c details on how cyber forces will execute their mission will be covered in Annex and in Sec 1 7 e l9 Execution activities are identi ed Wei tow Sec 1 4 a IThese are activities that are Sec 1 4 a Sec 1 4 11 9 S Rel to USA AUS I Sec 1 4 a IQ - Rel to USA AUS sec 1_4 a WW 33 2508 2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553 SEC-REF 6 Cyber forces will Sec 1 4 a I I Also other domain_ 14 3 _ operations in and throu bers ace eci c details on how 0 ber Sec 1 4 8 WSW us 1A8 the cvber campaign progresses the supported FC must Sec 1 4 a I Refer to the Executive Summary b 1 8ec 1 4 a and Sec 1 4 a UHEJM Sec 1 7 e 1 Se Sec 1 4 a hm Sec 14 8 Ithe JFC can prioritize defense readiness based on likely addition the FC canm1 se 1i4 a I I Ibased 0 increased Operational requirements for US cyberspace to function A method to describe this is See Figure 8 above to - 1 1 WW may use Sec 1 4 a Sec 1 4 a I SECRET 34 2554 2555 2556 2557 2558 2559 2560 2561 2562 2563 2564 2565 2566 2567 2568 2569 '2570 2571 2572 2573 2574 2575 2576 2577 2578 2579 2580 2581 2582 2583 2584 2585 2586 2587 2588 2589 2590 2591 2592 2593 2594 2595 2596 2597 2598 2599 Speci c details on will be covered in Annex As outlined above CDRUSSTRATCOM can be the designated supported or supporting commander for operations in and through cyberSpace I a W Supported Commander As the supported commander CDRUSSTRATCOM will 1 W Determinelwwsec14 3 Sec 1 4 a attain the objective 21 Highlight the Sec 1 4 a 31 13999 Io emphasize the desired end state Some cvberspace om Sec 1 7 9 41 F999 Provide guidance on his objectives desired Sec U Supporting Commander As the supporting commander CDRUSSTRATCOM will assist the supported FC to accomplish the above tasks from a cyberspace perspective as required General discussion on USSTRATCOM cyberspace support is found in applicable USSTRATCOM supporting CONPLANS Speci c details on USSTRATCOM cyberspace operational support will be provided in Sec 1 7 e I 030 1 Sec 1 4 a I SEC-REF 35 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645 SECRET U Commander's Intent I mm Sec 1 7 e establish maintain normal operations of the DOD Sec 1 7 e I hm Sec 11 6 IN Unwmsec We loperations are characterized by Sec I Iphase in that it is largely characterized speci cally supportl USec 1 7 e Sec U I IThat sections lists general Operational Ile 390 17 9 I Sec 1 7 e SUpport I action in cyberspace and support to other 0 erations through cyberspace will be covered in I mu Sec W M Sec 1 4 a bmSec We I Normanv the JFC 1M8 Therefore special circumstance and authorities 1'fl iixlust be provided in order to Sec 1 4 a I s Re1 to USA AUs 130 1 Sec 1 4 a - 36 2646 Sec 1 4 a 2647 2648 2649 2650 9 Re1 to USA AUS 26 5 1 I mm Sec 1 4 a 2652 2653 2654 2655 5 U Execution Seebove 2656 2657 - A See 2658 2659 2660 1 4 a 2661 2662 14 5 The bers ace lanner should 2663 consider WT 2664 then crafting 2665 options for the commander 2666 2667 S Re1 to USA AUS 2668 2669 Commander's Intent Prepare 2670 b 1 Sec 1 4 a 267 1 2672 2673 2674 2675 2676 2677 2678 2679 2 U Timing operations in and through 2680 cyberspacelmm 39 13 9 2681 to expand friendly freedom of action in bers ace 2682 continue while the 2683 Iwith the intent 2684 of resolving the crisis at the earliest opportunitv The 2685 supported - 2686 Sec 1 7 e 2687 2688 2689 2690 269 1 37 2692 2693 2694 2695 2696 2697 2698 2699 2700 2701 2702 2703 2704 2705 2706 2707 2708 2709 2710 2711 2712 2713 2714 2715 2716 2717 2718 2719 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 2734 2735 2736 2737 SECRET across through the DOD GIG Sec 1 7 e IQ 1U Objectives and Sec 1 7 e Sec 1 7 e I43 W M Sec 1 4 a Sec 1 4 a $13 Normally the FC will consider 1 Sec 1 4 a 1 Sec 1 4 a Sec 1 4 a lThe FC is normally focused on bx 1 Sec 1 4 a Sec 1 4 a IO The FC will consider using Sec 1 4 a Sec 1 4 a U m I and will be less concerned with 9 WW See Sec 1 4 a I - - operations Imusec 14 3 I The Cyberspace planner must consider Sec 1 4 a Rel to USA Aus GER if attributed in when crafting options for the commander U Commander's Intent Sec 38 2738 2739 2740 2741 2742 2743 2744 2745 2746 2747 2748 2749 2750 2751 2752 2753 2754 2755 2756 2757 2758 2759 2760 2761 2762 2763 2764 2765 2766 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 I0 I-D- SEC-REF cyberspace In addition USSTRATCOM ma be called upon to Sec 1 7 e Sec 1 U Sec 13 9 Sec 1 7 e FC will not norma11y1 33 17 9 111 Fth supported FC will consider progressing to Sec 1 7 e U Obiectives and WW Sec 1 7 e Sec 1 7 e W E Rel to USA AUS GBR I Sec 1 4 a Re1 to USA AUS GBR Sec 1 4 a 9 Rel to USA AUS GBR Sec 1 4 a 39 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 2806 2807 2808 2809 2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 1 SEC-REF U Execution I See bxn Sec 1 4 a I to USA AUS I Sec 1 4 a S Rel to USA AUS I 1 Ito U Commander's Intent Sec 1 7 e U Timing Thel k x' Sec 17 9 s typically characterized by a change Sec I Sec 1 7 9 mm Sec 1 7m Ito ensure that the situation leading to the original crisis does not reoccur and or its effects are mitigated Throughout this segment the FC continuously assesses the impact of current cyberspace operations Emsec 13 9 Sec 1 7 e U Objectives and 33 17 9 I W1 Sec 1 7 e I U Risk Sec 1 4 a I b 1 3ec 1 4 a I Normally 4o 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 2871 2872 2873 2874 SECRET the JFC is I En order to I lthe JFC is normallv more focused Sec 1 4 a 9 In order to minimizelwl Sec 4 a in Sec 1 4 a 5 U Execution See Wuwmwecmm Sec 1 4 a I Sec 1 4 a Sec 1 4 a operations The planner must consider Sec 1 4 S Rel to USA AUS I Commander s Intent Provide su ort as a licable Sec 1 7 e 'Wll'sec 191 pf cyberspace systems and or infrastructure as directed U Timing Iis predominately characterized by cyberspace The goal is for cyberspace forces Sec 1 7 e 41 2875 2876 2877 2878 LU Obiectives 2379 Sec 1 7 e 2880 2881 a U gigs 2882 2883 a 51 Re1 to USA AUs GER 2 2884 2885 2886 2887 2888 2889 2890 2891 9 I 2893 14 3 I the FC is normally more focused 2894 on Sec 14 3 2895 Sec 1 4 a - 2896 2897 2898 2899 9 WW Sec 1 4 a 2900 In order to minimize 399148 2901 M0 Sec 1 4 a 2902 2903 2904 U Execution 2905 2906 9 WW W1 Sec 14 8 See 2907 - 2908 2909 1 Sec 14 8 2910 I The 291 1 cyberspace planner must I 2912 - 29 13 29 1 4 2915 c c U Tasks 2916 2917 1 HO USSTRATCOM 29 18 2919 U Provide Commander's Intent by developing Operations 2920 Orders OPORDs and Execution Orders EXORDS to SECRET 42 2921 2922 2923 2924 2925 2926 2927 2928 2929 2930 2931 2932 2933 2934 2935 2936 2937 2938 2939 2940 2941 2942 2943 2944 2945 2946 2947 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 2963 2964 2965 2966 SEC-REF support strategic global DOD cyberspace operations as necessary U Provide an updated Commander s Intent with regard to cyberspace operations prior to execution of operations and I b 1 Sec 1 7 e U Ensure As contingency and crisis plans for C0 are integrated and coordinated across the DOD GIG U Sponsor development of CO crisis action plans policies and doctrine in order to support and Sec 1 7 e Develop strategic-level plans to Sec 1 4 a U Advise and coordinate with supporting and supported commander on matters concerning the employment and limitations logistics of such support assist in planning for the integration of such support into the supported commander's effort as a whole and ensure that support requirements are appropriately communicated within USSTRATCOM U Coordinate with combatant commanders to review and update their prioritization assessment for defense and reconstitution of their networks Assessments shall identify current mission critical mission-essential and mission- support networks Wei 5W Per ref c coordinate planning with other combatant commanders to include assisting combatant commander-shin Sec 1-4 a I U Support and coordinate CO information sharing with alliance and coalition partners concerning any ambiguous emerging threats based on guidance provided in the approved Delegation of Disclosure Letter ref k and applicable Memoranda of Agreement Memoranda of 43 2967 2968 2969 2970 2971 2972 2973 2974 2975 2976 2977 2978 2979 2980 2981 2982 2983 2984 2985 2986 2987 2988 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 - 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 SECRET Understanding Coordination and agreements will be IAW CJCSI 2300 01A and CJCSI 5130 01A Disclosure of classi ed information will be IAW CJCSI 522 1 0 1A U Maintain liaison with appropriate government agencies with OSD and Joint Staff oversight for CO and COA development U Based on guidance provided in approved information In releasability policies and procedures support and advocate increased information sharing with the private sector 1 U Per ref j and Annex C conduct Computer Network Assessment Conferences NACs U Prior to execution of CON PLAN 8039 Ito U Prior to changing phases when not preempted by pre planned responses Io U Prior to providing recommendations for the use of the elements of national power in cyberspace operations to SECDEF U Prior to deveIOping conventional and Special operations CO and other IO COAs 14 - U Communicate to the DOD Chief Information Of cer CIO the level of agility and responsiveness of the DOD GIG to conduct CO USSTRATCOM shall also identify to the DOD CIO threats to the DOD GIG DOD CIO has legal responsibility under the Clinger-Cohen Act of 1996 to acquire architectural and con guration control over the DOD portion of the DOD GIG U Reference COOP IAW ref bl in order to conduct operations when the ability to access the DOD GIG is denied O W Identify desire Sec 1 4 a in support of other combatant commanders as directed 44 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026 3027 3028 3029 3030 3031 3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 SEC-REF W and coordinate approval with SECDEF and As as required U Exercise command and control of selected missions as directed U Assess the operational impact of recommended CO response actions 8 U Gather analyze and report at the strategic level combat assessment information necessary for continued defending defeating operations U As approved by the Secretary of Sec 1 7g as necessary U Provide technical planning and or operational offensive ber-related advice and on re uest actions to contain Sec 11 8 I I in their AORs Sec 1 4 a With respect to cyberspace W W Identify and request b 1 Sec 1I 4 a Sec 1 4 a V W Identify and X W Request from Sec 1 4 a Develop and maintain Sec 1 4 a cyberspace forces and activities 2 U Maintain network defense baseline for the DOD GIG aa W Disseminate to As I Sec 1 4 a SECRET 45 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 Sec 1 4 a bb U As needed develop and request supplemental ROE from the SECDEF cc Sec 1 4 a 4 dd W Continue and or expand the Sec 1 4 a ec 1 4 a ee W Develon and coordinate 1 Plan coordinate and Sec 1 4 a I on assessment and recommendation from o1nt ask Force Global Network Operations ff Re1 to USA AUS GBR mm 880 1 4 a Sec 1 4 a gg U Coordinate enhanced information sharing with allies coalition partners and the private sector based on approved Delegation of Disclosure Authority Of cial memorandum ref 1 and approved USSTRATCOM is the OPR for all 2 U USSTRATCOM Components when directed will U Recommend changes to daily operations network con gurations as a result of lessons learned bl U Reference reSpective Sec 1 7 e U Coordinate with HQ USSTRATCOM on matters pertaining to CO Implement DOD-wide CO directions from CDRUSSTRATCOM for applicable networks SECRET 46 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143 3144 3145 3146 3147 3148 3149 SEGRE-I F999 Direct and monitor compliance including CTOs Communications Tasking Order IAVAs Information Assurance Vulnerability Alerts and IN FOCON Information Operations Condition of indigenous networks with approved DOD policies and procedures that regulate operations in the DOD GIG see Annex Operations and report as required F1999 Coordinate execute and or direct support troubleshooting and restoration actions for internal networks and systems as required 1 F999 Monitor named areas of interests NAIs in support of JTF-GNO to detect threat activity against the DOD GIG see Annex C Operations F999 Implement response actions in support by IAW SROE to correct faults defeat threat activity and deliver priority information across the DOD GIG see Annex C Operations F999 Implement contingency operations in support of JTF-GNO to restore capability and strengthen the DOD GIG against further faults threats and information gaps across the DOD GIG see Annex C Operations F999 Report to status of internal worldwide terrestrial space and wireless transmission systems and enterprise services and facilities F999 Establish in support of JTF-GNO procedures for dissemination of network operations NETOPS related advisories alerts and warning notices P999 Conduct nodal analysis of internal networks to determine Critical Nodes provide this information and assist and HQ USSTRATCOM with defense and or recovery restoration operations as required 1 U Provide recommendations to HQ USSTRATCOM for policy planning ROE COAs INFOCON changes requirements and mission tactics techniques and procedures TTPs U Operations will be coordinated with Combatant Commanders during the planning and execution phase to mitigate functional mission impact SECREI 47 SECRET 3150 U The following USSTRATCOM Component commanders 3151 have speci c tasks in support of CONPLAN 8039 3 1 52 3153 1 U Joint Functional Component Command Global Strike 3154 85 Integration J FCC GSI when directed will 3 155 3156 a U With component support will maintain common 3157 situational awareness for the headquarters and 3158 incorporating CO capabilities into integrated solutions 3 159 for USSTRATCOM operations as a supported 3 1 60 commander 3 1 6 1 3162 U Through the Global Operations Center GOC 3163 USSTRATCOM Integration Operations Center SIOC 3164 and Joint Planning Working Group J PWG will 3165 integrate 10 with all USSTRATCOM capabilities to 3166 assure the range of military operations is provided for 3167 DOD activities and operations 3 168 3169 9 Develop Operational level 3 170 plans 3171 W1 Sec 3172 I'mm'qa I COAs must include various 3 1 mes I 3174 Sec 1 4 a I 3 17 5 3 176 W Establish 33 I 3 Sec 1 4 a I 3178 W 39 14 a cyberspace 3 1 79 3 Sec 1 4 a 3181 lb 5 perations planning and 3182 a 3183 to rovide 3 184 1-4 a 3 1 85 3186 U Joint Task Force Global Network Operations 3 187 GNO when directed will 3 188 3189 a U Develop cyber-related defense COAs in 3190 coordination with FCC NW IOWC and affected 3 191 As as applicable that deter or defeat 3192 unauthorized activity targeted against the DOD GIG 3193 Submit to HQ USSTRATCOM for approval 3 194 SEC-REF 48 3195 3196 3197 3198 3199 3200 3201 3202 3203 3204 3205 3206 3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221 3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234 3235 3236 3237 3238 3239 IO ID - ICD lD SEC-REF U As directed conduct strategic global cyber related defense operations to defend use of cyberspace U Coordinate development and planning of cyber related defense measures with DOD and non DOD organizations and agencies This includes coordination with the DHS through the US CERT and the during actual or potential cyber incidents Submit to HQ USSTRATCOM for approval U Provide coordination and technical assistance to As to minimize and decon ict operational impacts resulting from changes in INFOCON levels This includes Coordination with the DHS through the US CERT and the during actual or potential cyber incidents that may impact U S cyberspace outside the DOD GIG U Provide the consolidation of information from the service CERTs to all appropriate As U Coordinate for enhanced information sharing with allies coalition partners and the private sector based on approved Delegation of Disclosure Authority Of cial memorandum ref k and approved 12999 Coordinate with the Law Enforcement Counterintelligence Center LECIC Defense Criminal Investigative Organizations DCIOs Liaison Officers for support of Service federal state and local law enforcement and counterintelligence agencies to counter mitigate or halt threats to the DOD GIG U Monitor and analyze intrusions and other cyber incidents of interest against the use of cyberspace and provide operational impact assessments to CDRUSSTRATCOM in coordination with service CERTs DOD and service intelligence agencies U Monitor As compliance with IAVAs and status of waivers and advise CDRUSSTRATCOM on matters pertaining to vulnerabilities of DOD cyber systems 49 3240 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 3252 3253 3254 3255 3256 3257 3258 3259 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270 3271 3272 3273 3274 3275 3276 3277 3278 3279 3280 3281 3282 3283 3284 3285 it IE IS I0 la SEC-REF U Provide situational awareness COP regarding the defensive status of the DOD GIG to As This includes coordination with the DHS through the US CERT and the during actual or potential cyber incidents U Provide tactical warning to As for defense of the DOD GIG U Sustain access to GIG backbone services U Monitor INFOCON levels and implemented actions of As U Provide and track waivers to selected IN FOCON actions that cause unacceptable operational mission impact to As U Coordinate with appropriate organizations to institute additional protection and defense measures to include using INFOCON procedures U Provide operational assessment of GIG network performance after attacks or intrusions have occurred to HQ USSTRATCOM SECDEF CJCS and the As as required U Work with As as required to develop assessment of operational impact of attacks and intrusions against DOD cyber systems U Direct and coordinate restoration efforts This includes determining and directing global alternate routing efforts and prioritization of network assets during network outages attacks and contingencies U In response to network events or activities as determined by CDRUSSTRATCOM or CDR Service Chiefs or Secretaries shall instantaneously attach Service to CDR who will exercise TACON upon contact with the service until such time that the responses to the events or activities are declared complete by CDR JTF-GNO at which time Service Secretaries will resume control on the SECRET 50 3286 3287 3288 3289 3290 3291 3292 3293 3294 3295 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 3311 3312 3313 3314 3315 3316 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3328 3329 3330 3331 IS l IN IN aa SEC-REF U Recommend changes to daily operations network con gurations as a result of lessons learned U Gather analyze and report cyber-related defense combat assessment to CDRUSSTRATCOM U Coordinate and recommend changes to Global INFOCON posture levels to CDRUSSTRATCOM U Identify strategic global cyber related defense intelligence requirements to USSTRATCOM in coordination with the geographic Combatant Commanders U Determine and forward adversary s intent capability and information to CDRUSSTRATCOM and assess the risk of returning to a pre-hostility con guration U After a cyber incident coordinate return to daily operations network con gurations and operations with As as soon as feasible - awareness of Sec 1 4 a Provide situational Sec 1 4 a Sec 1 4 a 39 14 3 Information Condition INFOCON exceptions from As U Coordinate cyber defense measures with As prior to implementation c_c U Direct GIG operations and defense Identify and advocate new desired characteristics and capabilities As are responsible for implementing a network security baseline through a defense in depth strategy for their respective mission-critical mission essential and mission-support networks U Issue DOD-wide INFOCON level changes based on assessed threats Maintain awareness of INFOCON levels across the GIG and associated INFOCON implementation SECRET 51 3332 3333 3334 3335 3336 3337 3338 3339 3340 3341 3342 3343 3344 3345 3346 3347 3348 3349 3350 3351 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362 3363 3364 3365 3366 3367 3368 3369 3370 3371 3372 3373 3374 3375 3376 3377 SEC-REF U Assess awareness of the operational impacts of changing INFOCON levels and recommended mitigation actions U Provide policy direction and guidance to As regarding increased defense network assurance operations and deterrence measures gg WW Develo and coordinate Plans to implement 39 14 3 Sec 1 4 a I hh U Execute defensive operations and cyber defense IAW SROE I Sec _l Sec 1 7 e PG-99 Accept Operational Control OPCON of service Network Operations Security Centers NOSCs Direct Liaison Authority Sec We Sec 1 7 e is authorized jj U Submit cyberspace defense COAs to HQ USSTRATCOM to assure minimal impact to operation of the DOD GIG Submit milit _ t0 HQ USSTRATCOM 2 WW Coordinate with m3 W1 Sec 1 4 a Direct and coordinate I Sec 14 3 - El Sec 1 4 a bx I Sec 14 3 I coordinate other USSTRATCOM components in the deveIOpment of courses of action and for 1 SECRET 52 3378 3379 3380 3381 3382 3383 3384 3385 3386 3387 3388 3389 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 3401 3402 3403 3404 3405 3406 3407 3408 3409 3410 3411 3412 3413 3414 3415 3416 3417 3418 3419 3420 3421 3422 3423 lo SEC-REF U Support Combatant Commands efforts to plan coordinate and conduct cyberspace and NETOPS activities U Joint Functional Component Command Network Warfare JFCC when directed will W Provide the supported Commander I ICOAs Coordinate CO with JFCC GSI tom 59 W Options COAs must describe the 4 Each option COA will address and in support of the overall operation Support JTF-GNO by Sec 1 4 a I Sec 1 4 a IO Coordinate 1 4 a Sec 1 4 a I assets to achieve supported Commander objectives across all phases of the operation IQ - Directl Sec 14 8 I Sec 1 4 a I I the DOD GIG IO W Direct Sec 1 4 a I Sec 1 4 a I use of cyberspace U Coordinate employment of cyber warfare capabilities with JTF-GNO IOWC and other When directed assume operational control OPCON or tactical control TACON of forces designated in the establishing deployment order SECREI 53 3424 W Develop COA 3425 recommendations for 39 14 8 I 3426 bmSec 14 8 3427 3428 3429 3430 MM missions 3431 and maintaining situational awareness for 3432 CDRUSSTRATCOM 3433 3434 U ECU-9 Serve as the focal point for 3435 Sec 1 7 e I 3436 3437 U Support in 3438 to ensure operations are 3439 integrated and 3440 3441 21 U Coordinate intelligence gain loss and technical 3442 assessments with the Intelligence Community for 3443 each network warfare course of action 3444 3445 Q U Coordinate and decon ict USSTRATCOM 3446 courses of action and as directed the courses of 3447 action in support of other PCs with the 3448 Intelligence Community 3449 - 3450 i U Support Combatant Commands efforts to plan 3451 coordinate and conduct cyberspace activities 3452 3453 4 U Joint Information Operations Warfare Command 3454 when directed will 3455 3456 U Provide CDRUSSTRATCOM staff JFCC NW and 3457 planners with 10 and Strategic 3458 Communication expertise as required to conduct 3459 contingency and crisis action planning 3460 346 1 W Coordinate with FCC 3462 NW FCC GSI and to ensure JIOWC's 3463 3464 3465 3466 3467 Establish and execute an 3468 Sec 1 4 a 3469 54 SECRET 3470 in coordination with 347 1 appropriate As 3472 3473 Develo and 3474 Sec 1 4 a 3475 3476 3477 Fully coordinate and 3478 I W1 39 1 I 3479 Sec 1 4 a I 3480 3481 5 U Combatant Commands when directed will 3482 3483 a U Conduct operations in and through cyberspace 3484 within their AORs and coordinate with USSTRATCOM 3485 planners as required 3486 3487 U Review and update prioritization assessment of 3488 networks to identify those that are mission-critical 3489 mission-essential and mission support networks and 3490 share information with USSTRATCOM contributing to 3491 global situation awareness 3492 3493 9 WW Nominate appropriate 3494 Sec 1 4 a 3495 3496 3497 3499 mm Sec 1 7 e 3500 3501 facilitating global situation awareness and tailored 3502 planning operations 3503 3504 U Employ measures to ensure friendly forces are in 3505 compliance with all counter vulnerabilities 3506 requirements 3507 3508 1' W In coordination with 3509 lin support of 3510 CONPLAN 8039 to include 3 5 1 1 Sec 1 4 a 3512 3513 U Enforce IAVA compliance within their specific 3 514 enterprise SECRET 55 3515 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540 3541 3542 3543 3544 3545 3546 3547 3548 3549 3550 3551 3552 3553 3554 3555 3556 3557 3558 3559 3560 SECRET U Share operational assessments and technical reports to the when network attacks and intrusions are targeted against computers and other cyber systems within respective AOR to maintain awareness and enhance potential response and deterrent options 1 W Provide recommendations for to CDRUSSTRATCOM Sec 1 4 a Sec 1 4 a U Be prepared to support USSTRATCOM and LEAs in crisis consequence management and combat assessment within respective AORs U Assist CDRUSSTRATCOM I 1 Sec 1 7 e U Per ref c Combatant Commanders will decon ict and their planning with CDRUSSTRATCOM U Agencies Speci c agencies will be identi ed in Annex A a U General Tasks Ill U Sharel b 1 Sec 1 7 awareness and tailored operatlons Q U Coordinate with USSTRATCOM on matters pertaining to CO Implement DOD wide CO directions from CDRUSSTRATCOM for applicable networks 131 F999 Maintain DIRLAUTH with other Service and Agency Sec 1 7 e SEC-REF 56 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575 3576 3577 3578 3579 3580 3581 3582 3583 3584 3585 3586 3587 3588 3589 3590 3591 3592 3593 3594 3595 3596 3597 3598 3599 3600 3601 3602 3603 3604 3605 SEGR-EI 41 F999 Direct and monitor compliance including CTOs IAVAs and INFOCON of agency networks with approved DOD policies and procedures that regulate operations in the DOD GIG see Annex Operations and report as required to JTF GNO 51 429-99 Share near-real time global situational awareness of Agency networks and systems to GNO Provide a single of ce to interface with JTF-GNO for this purpose 161 $999 Coordinate execute and or direct troubleshooting and restoral actions for Agency networks and systems L71 Monitor Named Areas of Interest NAIs as tasked by JTF-GNO to detect threat activity against the DOD GIG see Annex C 81 4299-9 Implement response actions as directed by JTF-GNO IAW SROE to correct faults defeat threat activity and deliver priority information across the DOD GIG see Annex C 121 42999 Implement contingency operations as directed by to restore capability and strengthen the DOD GIG against further faults threats and information gaps across the DOD GIG see Annex C 10 F999 Report to status of Sec 11 4299-9 Establish in coordination with JTF- GNO procedures for dissemination of NETOPS related advisories alerts and warning notices 12 42999 Conduct nodal analysis of agency networks to determine Critical Nodes and provide Critical Node list to JTF-GNO ll3 43999 Share defense plans of critical nodes against physical and virtual threats with SEC-REF 57 3606 3607 3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632 3633 3634 3635 3636 3637 3638 3639 3640 3641 3642 3643 3644 3645 3646 3647 3648 3649 3650 SEC-REF facilitating global situation awareness and tailored planning operations 2 U Speci c Organizations I a U 3999- Provide to 13 9 Sec 1 7 e actions as well as mitigation strategies b Develop in cooperation with USSTRATCOM and its Sec 1 4 a Sec 1 4 a Provide to defense related tools and their associated training and documentation Sec 1 4 a W 390 related techniques d Sec 1 7 e Sec 1 7 e advice e to USA AUS f- Provide to a Sec 14 a Sec 1 4 a 58 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3666 3667 3668 3669 3670 3671 3672 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 SECRET g' FOUO 193211 9 ec17 I Sec 1 7 e h W Coordinate with Sec 1 4 a i Provide to FbX1 Sec1 Me I Provide to I lwxn8m1 m Provide to Sec 1 7 e I Sec 1 7 e k Share with Sec 1-7 e U FOUO Sec 1 7 e I Sec 1 7 e Q1 U Sec 1 7 e Sec 1 7 9 U 1030 1 Sec 1 7 SEC-REF 59 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3710 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 C e h SEC-REF mx03m17m s Re1 to USA Aus manmnAm Coordinate with Sec 1 4 a Wow-98147119876814 When required to mXUSmnAm U Assist 13 6 Sec 1 7 e U Recommend manage and performl b 1 Sac 1 7 e 1 Sec 1 7 e Sec 1 7 e Sec 1 7 e USSTRATCOM Coordinate with JTF-GNO in the Sec Sec 1 7 e I Sec -- 60 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 SEC-REF k U Coordinate with 1 7 e Sec 1 7 e Sec 1 7 e 1 7 e m U In coordination with 1 Sec 1 7 e n U Assist in I Sec 1 7 e 0 Sec 1 7 e p U I Who ensure interoperability with the I a W Sec 1 4 a Sec 1 4 a MAN 8039 The scone b to USA AUS GBR Sec 1 4 a 61 SECRET 3789 C W Coordinate with 3790 Sec 1 4 a 379 1 3792 3793 3794 3795 El U 3796 3797 a Identifv internal 3798 Sec 1 4 a 3799 3800 380 1 3802 b Provide 3803 39 3804 bx 1 Sec 43 3805 3806 d U Coordinating Instructions 3807 3808 1 WW Conditions for execution 3809 CONPLAN 8039 is effective for planning purposes upon receipt 3810 When CDRUSSTRATCOM or SECDEF approves this plan it will 3811 Sec 1 4 a 38 1 2 3813 3814 3815 3816 38 17 38 18 38 19 3820 2 U Direct liaison is authorized among CDRUSSTRATCOM 3821 components As supporting commands and planning 3822 headquarters When developing supporting plans maintain 3823 liaison with CDRUSSTRATCOM 3824 3825 3 U Component commands will develop supporting plans to 3826 CONPLAN 8039 and submit them to USSTRATCOM when 3827 tasked by CDRUSSTRATCOM 3828 3829 4 U ROE will be ref 0 and modi ed with supplemental ROE 3830 as appropriate 383 1 3832 5 U All C0 forces supporting the CDRUSSTRATCOM mission 3833 will immediately establish liaison with CDRUSSTRATCOM LNO 3834 upon arriving in theater SECRET 62 3835 3836 3837 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 3851 3852 3853 3854 3855 3856 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3872 3873 3874 3875 3876 3877 3878 SECRET 6 U Commander s Critical Information Requirements CCIR The following are examples of CCIRs Sec 1 7 8 See Annex B U Friendly Forces Information Requirements FFIRs The following constitute FFIRs U Any increase decrease in INFOCON worldwide 2 U Any Sec 1 7 e I U1 Any event Sec 1 7 e IFD Sec 1 7 e 12 U Sec IO U Any access to the DOD GIG by unauthorized persons obtaining privileged user administrator or root level access in U Any Sec 1 7 e Sec IO U Anymn Sec 1 7 e Sec 1 7 e Ir h U Sec 1 7 e imminently conduct these operations U Sec 1 7 e Sec 1 7 9 63 SEC-REF I m1 Sec 388 1 Operational networks 3882 3883 U Any Sec 1 7 e 3884 mm Sec 3885 3886 3887 U 3838 Sec 1 7 e 3889 3890 3891 3892 3893 13 U Anyi Sec 1 7 e 3894 mm Sec I 3895 GCSS GCCS and DMS 3896 3897 1 U Any root level access on a system shared by the 3898 DOD GIG using new methods that exploit a system s 3899 vulnerabilities 3900 3901 U 3902 mm 3903 GCSS GCCS and DMS 3904 3905 3 U Any event that negatively affects execution of the 3906 Information Operations mission 3907 3908 U Essential Elements of Information EEI 3909 3910 Re1 to USA AUS GBR 39 1 MN 360 14 8 3912 3913 3914 2 Re1 to USA AUS GBR 3915 Sec 1 4 a I 3916 3917 Sec 1 4 8 3918 GIG 3919 - 3920 3 the DOD GIG 3921 3922 5- - 3924 Sec 1 4 a I SEC-REF 64 3925 3926 3927 3928 3929 3930 3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 SEC-REF 9 WW DOD GIG and C41 systems 4 U Administration and Logistics a CI 1 U Concept of Support Supply support will be IAW Service doctrine Teams consisting of tailored HQ USSTRATCOM FCC NW JTF-GNO IOWC and Service component personnel will be provided administrative and logistical support by the requesting command U Logistics CONPLAN 8039 is logistically supportable Cyberspace forces may need to deploy under an ad hoc U Personnel 1 U The parent command or agency will retain administrative responsibility for USSTRATCOM augmentation forces 2 U The appropriate USSTRATCOM Service component will assume administrative responsibility for military personnel Active Reserve or National Guard assigned to subordinate units 3 U Personnel accountability and direct management of military and DOD civilian resources casualties replacements additional forces etc will be the responsibility of the service component or the parent command or agency U Public Affairs PA The supported Combatant Command for CO in the operation Will handle PA When CDRUSSTRATCOM is the supported commander the USSTRATCOM public affairs of ce will handle PA U Civil Affairs Civil Affairs planning will be provided by US Army Reserve Civil Affairs forces assigned to USSTRATCOM CDRUSSTRATCOM will plan and execute Civil Affairs supporting CO when acting as the supported commander Regional commanders will execute their Civil Affairs support to CO with organic personnel JIOWC Combatant Commander teams as required and US Army Reserve Civil Affairs forces as required U Meteorological and Oceanographic METOC Services METOC in support of CO will be provided by USSTRATCOM FCC GSI METOC Branch JFCC GSI J332 SEC-REF 65 3970 3971 3972 3973 3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 3985 3986 3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 SEC-REF g U Geospatial Information and Services Geospatial information in support of CO will be provided by USSTRATCOM 2 in coordination with NGA h U Medical Services The Combatant Commander where CO is being conducted will provide medical services for supporting personnel 5 U Command and Control C2 The Service C0 C2 structure as it applies to USSTRATCOM FCC NW and JTF-GNO is not a standardized component structure as the Army Air Force Navy and Marine Corps each have organized their cyberspace activities differently See Annex for speci c C2 relationships Kevin P Chilton General USAF Commander Annexes A Task Organization B Intelligence C- Operations F Public Affairs Command Relationships K- Command Control Communications and Computer Systems N--Space Operations S Special Technical Operations V -Interagency Y Strategic Communication Z Distribution 66 FOIA review completed on 4 January 2018 Portions of this document no ionger meet the classi cation standards of ED 13526 Section 1 4 As such I am downgrading specific portion-marked paragraphs as Partial classi cation downgrade executed by SEGREF mm HEADQUARTERS us STRATEGIC COMMAND Major General US Army OFFUTT AFB Chief f5taff 28 February 2008 U S Strategic Command ANNEX A USSTRATCOM CONPLAN 8039 U U OPR JFCC NW J52 TASK ORGANIZATION U U References Refer to Base Plan 8 1 U Task Organization 9 a U Supporting or Assigned Forces While many DOD Components do 10 not have organizations dedicated solely to cyber operations there are DOD 11 organizations not assigned to USSTRATCOM that have cyber capabilities This 12 annex identi es supporting or subordinate organizations capable of conducting 13 or providing support to the cyber operations mission To provide the broadest 14 range of military capability these forces will be made available to 15 USSTRATCOM through various command relationships Refer to Annex J 16 Command Relationships Table 1 lists organizations that are designated in 17 support of USSTRATCOM for CON PLAN 8039 Table 2 lists organizations 18 subordinate or assigned to USSTRATCOM for CONPLAN 8039 19 13- The majority Of these 20 forces bx 8991-7 e Iaccomplish assigned tasks 21 For this reason a W1 59 not included in this annex 53 life 22 required it will be developed for 23 Sec 1 7 e I 24 C- U Shortfall Identi cation will also identify the forces 28 shortfall if required that normally accompanies Annex A Task Organization 29 d U Organizational Relationships Responsibilities and organizational 3o relationships are discussed in Annex J Command Relationships 31 2 U Supporting Organizations The following commands or organizations are 32 identi ed to provide support to USSTRATCOM for CON PLAN 8039 33 ORGANIZATION COMMANDER US European Command CDRUSEUCOM US Paci c Command CDRUSPACOM US Joint Forces Command CDRUSJFCOM US Transportation Command CDRUSTRANSCOM US Central Command CDRUSCENTCOM US Special Operations Command CDRUSSOCOM US Northern Command CDRUSNORTHCOM US Southern Command CDRUSSOUTHCOM US Africa Command CDRUSAFRICOM US Element North American Aerospace Command CDRUSELEMNORAD US Navy - CNO US Air Force CSAF US Army CSA US Marine Corps CMC Mbrine Corps Intelligence Activity CO MCIA Air Combat Command COMACC Central Intelligence Agency DCIA Defense Advanced Research Proiects Agency DARPA Defense Business Transformation Agency BTA Defense Legal Services Agency DLSA Defense Commissary Agency Defense Contract Audit Agency DCAA Defense Contract Management Agency DIRDCMA Defense Finance and Accounting Service DFAS Defense Information Systems Agency DIRDISA Defense Intelligence Agency DIRDIA Defense Logistics Agency DIRDLA Defense Security Cooperation Agency DSCA Defense Security Service DSS Defense Threat Reduction Agency DIRDTRA Missile Defense Agency MDA National Geospatialdntelligence Agency NGA National Security Agency Central Security Service DIRNSA Pentagon Force Protection Agency PFPA American Forces Information Service AFIS Defense MP Of ce DPMO Defense Technology Security Administration DTSA Defense Technical Information Center DTIC DOD Counterintelligence Field Activity CIFA DOD Education Activity DOD Human Resources Activity 20D Test Resource Management Center TRMC SECRET Of ce of Economic Adiustment gag TRICARE Management Activity TMA Washington Headquarters Services WHS USAF Intelligence Surveillance and Reconnaissance Agency CDR AFISRA USA Intelligence and Security Command CDR INSCOM USN Naval Security Group COMNAVSECGRU National Guard Bureau CHIEF NGB Air Force Of ce of Special Investigations AFOSI Naval Criminal Investigative Service NCIS USA Criminal Investigation Division CDR CID Strategic Systems Programs Naval Surface Warfare Center Joint Warfare Analysis Center CDR JWAC Table 1 Supporting Organizations Table 1 Supporting Organizations U 3 U Subordinate Commands The following commands are designated as subordinate commands for CONPLAN 8039 SUBORDINATE COMMANDS COMMANDER FCC Global Strike and Integration CDR JFCC GSI JFCC Intelligence Surveillance and Reconnaissance CDR JFCC ISR JFCC Integrated Missile Defense CDR JFCC IMD FCC Network Warfare CDR JFCC NW JTF Global Network Operations CDR JTF GNO FCC Space CDR JFCC SPACE STRATCOM Center for Combating WMD CDR SCC WMD Joint Information Operations Warfare Command CDR IOWC Air Force strategic Global Strike Air Force Strategic Space Marine Forces USSTRATCOM COMMARFORSTRAT US Fleet Forces Command Space and Missile Defense Command Army Strategic CDR Forces SMDC Table 2 Subordinate Organizations U A-3 Kevin P Chilton 4 5 General USAF 4 6 Commander Appendixes 5 2 1 41 mm Sec 1 7 e 53 Sec 1 703 54 Shortfall Identi cation Maintained 5 5 Sec 1 7 e 56 Military Deterrent Options S 57 58 59 60 61 Mark H Owen 62 Brigadier General USAF 63 Director Plans and Policy A-4 SEGR-EF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 2 APPENDIX 3 TO ANNEX A TO USSTRATCOM CONPLAN 3 U OPR JFCC NW J52 4 Sec 1 7 e U 5 U References Refer to Base Plan 6 1 U Situation The USG harnesses all aspects of national power through 7 the application of diplomatic informational economic and military deterrent 8 options This annex discussesl mm Sec 17 9 to facilitate 9 the objectives of CONPLAN 8039 Cyberspace Operation 0 Sec 1 7 e ll 12 13 39 available to CDRUSSTRATCOM are implemented In 14 the planning process CDRUSSTRATCOM working with the affected 15 Geographical Combatant Commander GCC will l6 Sec1 7 e 17 18 present a menu of choices for 19 recommendation to the I Should 2 deterrence fail sec I 2 1 freedom of action in cyberSpace 22 a U M Refer to Base Plan and Annex A Task Organization U Assumptions Refer to Base Plan 26 d U Legal Considerations Refer to Base plan and Appendix 8 Rules of 27 Engagement to Annex Operations 28 2 U Mission Refer to Base Plan 2 9 30 3 U Execution 51 SW Sec 1 4 a Sec 1 4 a potential threats to US interests b W Elements of National Power An effective Sec 1 4 a from the following categories may be implemented individually or in packages as appropriate to best meet the particular situation Sec 1 7 e I They may pursue measures to increase Ian 53 Other actions include measures I Joptions may also seek to gain support from the Sec 1 7 e I 2 Sec1 7 e I Sec 1 7 e 59 1- mite maintain freedom of action in cyberspace These options may be Sec Sec 1 7 e already bec I increase highlight assistance 4 U Administration and Logistics Not used 5 U Command and Control Refer to Base Plan and Annex Command Relationships 38 Lo 0 SEGR-EI HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 26 February 2008 ANNEX TO CONPLAN 8039 U U OPR HQ J23 INTELLIGENCE U 28 February 2008 U References a U Joint Publication 2-0 Joint Doctrine for Intelligence Support to Operations 9 March 2000 U b U 3314 01 Chairman of the Joint Chiefs of Staff Manual Intelligence Campaign Planning Guidance 30 November 2007 U C U Sec 1 7 e semi-annually S SI NF Iupdated d U Joint Publication 2-01 3 Joint Tactics Techniques and Procedures for Joint Intelligence Preparation of the Battlespace 24 May 2000 U e U National Intelligence Support Plan NISP in Support of USSTRATCOM CONPLAN 8039 Date TBD S REL f Sec 1 7 e I Sec 1 7 e hm Sec 1 7 e SI U I mm Seem 1 1 U m1 Sec 1 7 e Sec 1 7 e HTS 31 i U CJCSI 31 10 02D Intelligence Planning Objectives Guidance and Tasks 5 March 2003 S j DCID 7 3 Information Operations and Intelligence Community Related Activities 1 July 1999 1- U 1 U Sec 1 7 e B-l I It is designed to provide intelligence SECRET 40 information at the strategic level that may be applicable to any state or non- 41 state actor with a cyberspace ca abilit and access or intent to use 0 bers ace 42 to threaten U S networks Sec me I 43 E30 Sec 1 7 e I 44 45 a W Characteristics of the Area The cyberspace 46 environment is global in scale and is characterized by the use of electronics to 47 store modify and exchange data via networked systems and associated 48 physical infrastructures The potential operational area is the entire 49 cyberspace domain See the CONPLAN 8039 Base Plan paragraph 1 for a 50 detailed description of Characteristics of Area Area of Concern Area of 51 Interest AOI Area of Responsibility AOR Operational Area A0 and Centers 52 of Gravity The primarv focus is to defend the Global Information 53 Grid GIGUSA AUS Sec 1-4 a 60 Sec 1 4 1 U End State and Courses of Action 75 76 SHRE-L-U-SATA-U-STGB-R The foundations of I 77 Sec 1 4 a 78 79 80 Also included in this plan are Em sec I 31 Sec 1 4 a I 82 mm Sec 1 4 a 83 states such as 84 USA AUS GBR USA AUS Sec 1 4 a 2 USA AUS GBR USA AUS Sec 1 4 a 3 USA AUS GBR USA AUS Sec 1 4 a Sec 1 4 a W Sec 1 4 a cyberspace operations Sec 1 4 a full scope Sec 1 4 a 13 110 1 Sec 1 4 a I inCIUding 132 Sec 1 4 a I 133 cyberspace programs 1 2115 134 llb 1 seC1i4 a lreSiding 01 transiting DOD information systems 135 136 C Sec Ito inCIUde 137 hackers terrorists insiders and criminals intend to access deny degrade exploit or modify 138 data residing on US cyberspace systems Sec 17 6 I 139 Sec 1 7 e 140 141 142 143 144 145 146 147 148 2 U loam Sec 1 7 e 149 mu Sec 1 7 e 150 151 3 1 152 Disseminate Intelligence le Capabilitv to Collect Process and 153 Sec 1 4 Friendly vaerspace 159 operations require Sec 1 4 a 160 effort See the NISP to this CONPLAN for additional details on friendly 161 intelligence capabilities and activities 162 153 1 intelli ence 164 organizations blmsecl'4la 165 33 ponduct intelligence operations 166 in support of cyberspace operations Intelligence must also develop or 167 improve the capability to 163 169 Providel b 1 Sec 14 8 I 170 mu Sec 1 4 a 171 172 173 bl 1 Improve 174 underStal lding 0f vaerspace networksJ bm Sec 175 Sec 1 4 a 176 13 4 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 S-E-GR-EF Sec 1 4 a Tb 11 sec1'41a See CONPLAN 8039 Base Plan for more details concerning limo oec 1 4 a I C W Apportion intelligence assets 9 11 Sec 1 4 a om Sec - Prioritize efforts as directed by combatant command Joint Intellience Operations Centers J IOCs and as illustrated by the CONPLAN 8039 2 WW Combatant command J28 - will assess the effectiveness of the CONPLAN 8039 IP effort including mews this annex the NISP associated Functional Support Plans FSPs and other supporting documentation and processes in their respective AORs and forward om Sec 1 4 a Forward ISR-related shortfalls for cyberspace operations to USSTRATCOM 8 for advocacy and support d U Legal Considerations Given the unique nature of cyberspace the legal framework associated with intelligence collection in support of cyberspace operations must be well understood 3301-719 I om Sec 1 7 e om Sec 1 7 e All intelligence operations under this plan will be conducted in compliance with applicable U S domestic and international law In particular intelligence I Sec 1 7 e om Sec 1 7 e I Additional legal considerations can be found in the CONPLAN 8039 Base Plan 2 Mission Commander US Strategic Command plans and directs integrated cyber operations to Sec 1 4 a interests See NISP Base Plan for the National Intelligence Mission Statement SECRET 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 3 U Execution a Concept of Intelligence Operations This annex is the base document for the cyberspace operations IP effort It outlines the intelligence community support for CONPLAN 8039 Cyberspace Operations and the Military Strategic Framework identi ed in the National Military Strategy for Cyberspace Operations The goal Sec 1 4 a 1 Purpose and Means See CONPLAN 8039 Base Plan for the overall purpose The 2005 Contingency Planning Guidance CPG advises the Chairman Joint Chiefs of Staff CJCS to Sec 1 4 a This annex provides guidance and direction to 33 that supports USSTRATCOM CONPLAN 8039 planning and execution an combatant command cyberspace operations planning I Sec 1 support cyberspace operations Speci cally the CONPLAN 803 Ml Sec 1- a U Develop intelligence requirements and tasks and establish a common framework to understand the threat posed by state and non-state actors that have the capability and intent to threaten U S cyberspace U Designate missions roles and responsibilities for intelligence agencies in support of combatant command execution of cyberspace operations planning and operations U Integrate and with intelligence plans of Sec 1 7 e I U Describe an integrated operational architecture to facilitate the develo ment and dissemination of an intelligence lam 39 17 3 Sec 1 7 e U Identify doctrine organization training material leadership and education and personnel shortfalls to successfully conduct cyberspace B-6 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 SEGR-EF intelligence operations and develop mitigation strategies and responsibilities to correct them U Identify intelligence collection analysis and production requirements therebv allowing sec 17 9 I Jresponsibilities and allowing USSTRATCOM to advocate for solutions to shortfalls U Improve intelligence collection analysis and production 39 17 9 I cyberspace activities 2 W General CONPLAN 8039 follows an effects- based planning construct and is organized along 3901-403 Sec 1 4 a 3 USSTRATCOM is charged with leadmg esponsibilities cyberspace operations Sec 1 4 a '1 See the NISP for additional details on the CONPLAN -- I Sec 1 4 a - I USA AUS 53 14 Sec 1 4 a 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347' 348 349 350 351 352 353 354 355 356 357 358 359 360 Sec 1 4 a W Identify and understandi bm 39 Sec 1 4 a IA clear understanding of these concepts is required to conduct an effective cyberspace operations campaign Intelligence support is required for friendly forces to Sec 1 4 3 sec Ithat allow the US to Sec 1 4 8 anm Sec 1 4m Sec 1 4 a Icvbersnace activitv C Sec 1 4 a Sec 1 t f rberspace related activitv Sec 14 3 sec 1 4 5 USA AUS 331218 36 Sec 1 4 a 6 U National Intelligence Support La 366 Ma Sec 1 4 a Ian Combatant Sec 1 4 a Sec 1 4 a hirected Iwill provide rationale to bl USA AUS Sec 1 4 a 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 Sec 1 4 a The NISP Sec 1 4 a U USSTRATCOM JFCC-ISR provides the ISR Support Plan ISRSP which is also part of the NISP The ISRSP will outline ISR capabilities and requirements to be performed both day-to-day and during crisis U Sec 1 7 e I Sec 1 7 e b U Tasks ll 1W Sec 1 48 I 39 14 3 _ cyberspace operations requirements me 1-4 3 I Sec 1 4 a I and Sec conducting cyberspace intelligence operations 3 U Develop strategic cyberspace 39 17 3 Essential Elements of Information I Sec 1 7 e 4 U In conjunction with and develop Memorandum of Agreement Command Arrangement Agreements Where necessary 5 U Conduct required cyberspace operations IPRs SEGR-EF B-9 407 408 409 410 41 1 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 6 U Monitor cyberspace 186W indicators 7 Establish strate ic riorities for ber I g p I 8 U Support combatant command cyberspace operations requirements 9 U Monitor day to-day execution of the CONPLAN 8039688179 identify or report changes in the ability of Intelligence to provide the support identi ed in the ITL to USSTRATCOM 10 U Assess cyberspace intelligence capabilities and determine if Sec 1 7 e I 11 WW Integrate CONPLAN 803- her USSTRATCOM global plans 12 U Participate as required in national-level cyberspace operations intelligence planning and coordination efforts c U Procedures for processing bxl Sec is combatant command dependent and will be promulgated in the various combatant command CONPLANs and OPLANs At USSTRATCOM the J2 is responsible for processing Sec d U Sec _l Sec 1 7 e e W Sec 1 4 a agencies contributing to this an ave been identi ed in the CONPLAN Sec 1 4 a support of CONPLAN 8039 requirements See the NISP for detailed information on E111 Sec 1 414 I Sec 1 7 e I Sec 1 7 453 454 455 456 457 453 459 460 461 462 463 464 465 466 467 463 469 470 471 472 473 474 475 476 477 473 479 430 431 432 433 434 435 436 437 433 439 490 491 492 493 494 495 496 497 2 Sec 1 7 8 I Sec 1 7 e 3 Sec 1 7 e Sec 1 7 e 4 Sec 1 7 e Sec 1 7 e I 5 U Counterintelligence CI See Appendix 3 Counterintelligence 6 U Other Collection Activities None f Processin and Evaluation See the NISP I Sec 1 7 e g Analysis and Production USSTRAT 2 Sec 1 4 a 53 14 I either a RAC or a CAC for each intelligence task listed in the ITL were identi ed based I and the collection analysis and production assessments completed by agencies Within Intelligence Organizations that do not meet the criteria can be identi ed as providing other support capabilities A RAC is the lead organization responsible for producing the nished intelligence product to the requesting combatant command The RAC will specify the need for and scope of the support that CACs will provide to the RAC Each RAC and CAC will update the assessment of their ability to satisfy assigned tasks from the ITL Sec 1 4 a lor when deemed necessary by USSTRATCOM Sec 1 4 a h U Dissemination and Integration 1 Reports Re uired Re orts will differ based on the information contained in I Sec 1 4 a 2 SH-REL Formats Formats will differ based on the information contained in mm Sec 1 4 a 3 W Distribution USSTRATCOM uses Sec 1 4 a and SIPRNET Each combatant command will determine dissemination requirements to support execution of its associated cyberspace operations B-ll 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 SEGR-EF CONPLANs and OPLANs See the NISP for detailed information on integration efforts to support cyberspace operations planning and operations 4 U Foreign Disclosure To the greatest extent possible all intelligence reports will be classi ed as releasable to as many allied partners as practical eSpecially Great Britain Canada and Australia The combatant command s responsible for executing cyberspace operations will identify disclosure and intelligence sharing requirements needed to support the speci c Operations SEC 1 7 8 applicable i U Coordinating Instructions 1 U Conferences U will host as required planning conferences to address updates to this CONPLAN and the associated IP effort Attendance from combatant command I Sec 1 7 e I USSTRATCOM 2 will send the announcement via message traf c and other means to ensure widest possible information dissemination e-mail JWICS and SIPRNET web pages Secure Video Teleconference SVTC sessions etc Sec 1 7 e U USSTRATCOM components and centers may host intelligence planning conferences to support speci c USSTRATCOM or combatant command planning efforts or to address cyberspace operations related issues in their speci c areas of expertise 2 U See the NISP for speci c instructions on U S government interagency and multi-national coordinating instructions WW USSTRATCOM uses a variety of collaborative tools to coordinate cyberspace operations activity SIPRNET is the preferred collaboration venue to ensure the greatest inclusion of operators planners and intelligence personnel from all echelons of command The paragraphs below outline the major cyberspace operations coordination activities for USSTRATCOM Although current collaborative tools may change the basic functionality will remain and be used in support of mission objectives SW SIPRNETIGW Sec1 4 a Sec 1 4 a B-12 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 Sec 1 4 a W JWICS Page USSTRATCOM uses the JWICS portal and 8039 IP page for coordination on activities and information dissemination that requires higher classi cation levels than What is maintained on SIPRNET C USSTRATCO Sec 1 4 a Sec 1 4 a J2 Sec 1 4 a U Secure Video Teleconference SVTC USSTRATCOM has a number of I 1 Sec 1 7 e cyberspace operations activities a U Orders to Subordinate and Supporting Units 1 U JFCC-NW Ifor coordination and collaboration on W Sec 1 4 a plan development W Sec efense of the Global Information Grid GIG Coordinate intelligence collection analysis Ilblm Sec 1 4 a Sec 1 4 a and distribute as required Coordinate with all other functional 3 component commands for Sec 1 4 a 2 U U Develop maintain and update a Global ISR strategy for cyberspace operations and an ISR Functional Support Plan to the NISP within the IP process B-13 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 13 WW Sec 1 4 a by the CONPLAN 8039 NISP required 3 U Joint Functional Component Command for Global Strike and Integration JFCC-GSI IE1 SW Coordinate with for W Sec Sec 1 4 a 4 U Joint Task Force Global Network Operations WW Coordinate with for inclusion of CONPLAN 8039 IP into planning efforts Provide intelligence support as required by the CONPLAN 8039 NISP Provide intelligence planning support and assets as required to FCC-NW related to 9193901419 id WW Coordinate with FCC-NW for 30 1 39 14 3 Sec i 4 a W Provide cyberspacel bx 39 14 Sec 1 4 a 5 U Joint Information Operations Warfare Command J IOWC W Provide intelligence planning support as required to FCC-NW related to WW Provide intelligence support as required to support and CONPLAN 8039 NISP 0 WW Coordinate with for Sec 1 4 a b U Requests to Higher Adiacent and Cooperating Units 1 U is responsible for coordination with other government agencies OGAs for intelligence issues As the and integrator of intelligence support for cyberspace operations 635 USSTRATCOM will work through for issues requiring support from 636 OGAs and also with the combatant command 23 for any PN issues 637 633 2 U Sec 1 7 e 639 640 iP efforts ff rt process with other ac me s 643 644 bl 645 30 1 Sec 1 7 e 646 647 543 C U Lead development of the NISP in support of the PAW 649 Sec 1 7 e 650 651 enable the IP to function as a whole 652 653 I I 654 Sec 1 7 e 655 I 656 I 657 Sec 1 7 e I 658 659 U I 660 Sec 1 7 665 3 U Joint Staff 666 667 U Develop in support of Cyberspace 668 operations 669 670 00 U Provide Ito the NISP for this 671 CONPLAN IP 672 673 4 U 674 675 676 NH Sec 1 7 e 677 678 679 B-15 SEC-REF 680 U Post updated versions of IP 681 Sec 1 7 685 686 U Provide support as required by the CONPLAN 8039 NISP Sec 1 7 8 I 639 Sec 1 7 e 690 691 692 693 694 695 Sec 1 7 e 696 697 698 CONPLAN 8039 ITL 699 - 700 W Coordinate as appropriate for 701 Sec 1 4 a 702 703 704 705 706 7 U GCC J2s 707 708 Provide cyberSpace related intelligence 709 requirements for inclusion into the CONPLAN 8039 ITL 710 711 W Coordinate as appropriate for 712 cyberspace operations issues with USSTRATCOM J2 to ensure 713 between the respective plans and CONPLAN 8039 to 714 Sec 1 4 a lfor 715 cyberspace operations intelligence requirements 716 717 8 U USJFCOMZJZ 718 719 U Work IUSSTRATCOM and the GCCs to develop 720 an Sec 1 7 8 I 721 722 U Develop procedures and training to support 723 intelligence and the IP process in support of this CONPLAN 8039 724 725 U Develop modeling and simulation of processes in the IP process 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 Sec 1 7 e U Develop modeling against Sec 1 7 e U Develop an automated b 1 Sec Sec 1 7 e c U Shortfalls and Limiting Factors 1 U The Services Combatant Commands and Agencies Sec 1-719 Sec 1 7 e Sec 1 4 a 2 S Intelligence community Sec 1 4 a d W Miscellaneous Combatant commands CSAS Service intelligence centers and USSTRATCOM components may evaluate the effectiveness of CONPLAN 8039 and this IP effort and forward any requests or lrecommendations to USSTRATCOM 2 for improvements to this Annex the Sec 1 4 a 4 Administration and Logistics 5 Command and Control a Intelligence Relationships USSTRATCOM HQ and each FCC Center and JTF have organic intelligence capabilities Each provides tailored application of intelligence to satisfy respective commanders' requirements by minimizing duplication and maximizing integration 1 UHF-999 J2 Provides strategic-level intelligence support to the HQ and components HQ J2 leverages authorities and resources to ensure effective intelligence support across the USSTRATCOM intelligence enterprise while facilitating collaboration between mission partners and the integration and of intelligence needs HQ J2 is organized to provide intelligence planning IP effort in support of command planning activities Figure 1 shows a high level representation of the command relationships with key organizations relating to cyberspace operations B-17 SEGRE USSTRATCOM Sec 17 6 Sec 1 7 e JTF - GNO IOWC JFCC-NW Direct Relationship 766 -- Supporting Relationship 767 Figure U Command Relationships 768 769 770 Sec 1 7 e 771 Sec 1 7 e 772 773 774 775 776 777 778 3 U Joint Task Force Global Network Operations J2 779 Provides tailored intelligence in support of the operation and defense of the 780 GIG including DOD wide computer network defense 781 Sec 1 7 e 782 783 business missions The JTF-GNO 2 provides timely and relevant intelligence 784 to the Commander Joint Task Force Global Network Operations JTF Staff 785 and components through 39 We I 786 Sec 1 7 e 787 I in support of the operation and defense of the Global Information 788 'Grid - 789 790 4 U Joint Information Operations Warfare Command J2 791 Focal point for intelligence support to information operations within the 792 IOWC IOWC 2 coordinates directly with combatant command and JTF 793 intelligence entities to include Joint Intelligence Operation Centers IOWC 794 J2 I 795 EM Sec 1 7 e SEQ-REF B-18 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 81 812 813 814 815 816 817 818 819 820 821 822 SEGR-EI Additionally the assists W1 See me Sec 1 7 e I 5 U Joint Functional Component Command-Network Warfare J2 Provides intelligence to support the optimization of planning integration coordination execution and force management of the Network Warfare missions in support of joint war ghters In coordination with GNO FCC-NW maintains situational awareness for the GIG while Sec 1 7 e I In addition to the wide range of products FCC-NW provides to support cyberspace operations planning Sec b U Communications USSTRATCOM J2 component 2s and relevant combatant command 2s make up the USSTRATCOM Intelligence Enterprise SIE to collaborate on intelligence support The SIE is the customer in Figure 2 and the information exchange between agencies in the cyberspace environment is deicted in the diagram The SIE submits a Production Request PR viaThe dotted lines within the customer box are to show that ideally each affected member of the SIE should receive a copy of the PR to ensure receipt of the nished intelligence product Non Producers Production Requests Inter -Agencies ICIA Etc WI USD I i Collection Requirements 1 Validated STRATCOM Intel Enlg prlse SlEi RH Producers Collec_ rs Sec 1 7 e i Intel Community Disciplines STRATCOM oits cocons ill-lions 13R pm Sec 1 7 51 Collection Requirement Validated Collection Reqm Infomlion Flow - or Finished Finished Intel Product Figure 2 U Communications and Information Exchange 1 U The Ito ensure the appropriate subtasking of PRs to the producer s The producer accomplishes the PR and submits their own collection requirements if needed to the appropriate 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 collector As mentioned above the FCCs have been directed to submit production requirements directly to the producers In the case where the PR and a non-DOD agency meet the PR is routed through the and the Director of National Intelligence DNI assigned to the appropriate non-DOD producer who may task a collector if needed and then the nished intelligence product is routed back to the STRATCOM Intelligence enterprise SIE The process for a non-DOD agency to task a collector is not directed by this CON PLAN and therefore is grayed out in the diagram 2 U Collection requirements CR that originate from the SIE are 7 prior to elding by the collectors The combatant command process for tasking national assets follows the path shown in the diagram I Sec 1 7 e and ensure appropriate subtasking of both PRs and CR3 Ap endices 1_ I 3 -Counterintelligence CI 4-- Sec 5-- hm Sec 1 7 e I 6 Intelligence Support to Information Operations 10 7_4 Sec 1 7 e 8-- 9-- Kevin P Chilton General USAF COMMANDER B-20 SEC-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 28 February 2008 1 APPENDIX 1 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U 2 U OPR HQ J2 3 Sec 1 7 e _l U 4 5 1 U General Iare the basic 6 Sec 1 7 e 7 8 9 requirements to support planning and operations regarding computer network 10 operations 11 to support this plan 12 I 13 2 U eve been identi ed for the W See me 8039 14 execution Due to the similarity in intelligence requirements for 15 mmsec 17 9 will be combined for 16 sec 1 7 6 I 17 18 3 U Each the supporting tasks and subtasks that further de ne 19 the cyberspace operations intelligence requirements The die W0 Sec 1 7 e 26 27 28 c 29 W0 Sec 1 7 B l-l Sec 1 7 e f Sec 1 7 e Sec 1 7 e g Sec 1 7 e networks Kevin P Chilton General USAF COMMANDER B-l-2 ICYbel'Space SEGR-EF 1 HEADQUARTERS U S STRATEGIC COMMAND 2 OFFUTT AIR FORCE BASE NE 68113-6500 3 28 February 2008 4 5 APPENDIX 2 TO ANNEX TO CDRUSSTRATCOM CON PLAN 8039 U 6 U OPR HQ J2 7 Sec 1 7 e 8 9 U References S U 16 17 c Sec 1 7 e 18 31 May 01 U 19 20 d U Joint Pub 2 01 Joint Intelligence Support to Military Operations 21 Appendix C 26 Aug 02 S U 25 26 f Sec 1 7 e I 27 28 29 g_ U Sec 1 7 e I 30 June 05 31 32 h_ Sec 1 7 e 1 33 W1 Sec 1 7m U 34 35 1 U Situation This appendix provides a review of general responsibilities 36 and procedures for submitting 37 requirements to support planning intelligence readiness posturlng 38 situational awareness and mission executlon Additional If 39 17 9 I 39 capability which mav contribute to 40 ICombatant 41 Commands and tasked by their respective Service 42 8039 Annex Intelligence Sec b U Friendly Refer to Base Plan c U Assumptions Refer to Base Plan d U Legal Considerations Refer to Base Plan and Annex Intelligence e U Collection Priorities 1 U PrioritV 1 through Prioritv 7 Not applicable 2 Sec 1 7 e I I USSTRATCOM 2 Requirements Sec 1 7 e I support to HQs staff elements USSTRATCOM Joint Functional Component Commands J FCCs components and subordinate commands manage cyber I functions for their organizations JFCC-Intelli ence Surveillance and Reconnaissance Sec 1 7 e 3 Sec 1 7 e U Conduct all source intelligence analysis assessments U Support command components and assigned units U Support real time global cyber operations and intelligence decision-making U Support Commander USSTRATCOM in operations to support the President of the United States the Secretary of Defense SecDef and other Uni ed Commanders 2 U Mission Refer to Base Plan 3 U Execution Refer to Annex Intelligence para 3 B-2-2 SEQ-REF a U Concept of Operations 1 U ganizations S Sec 1 4 a Sec 1 4 a by U The Sec 1 7 e Sec 17 6 Sec 1 7 e U 9 05901-7 rovide timel res onsive rocessin and validation of USSTRATCOM 3 - 3 W1 Sec 1 7 e requirements feedback on the status of b U Responsibilities 1 U Provide timely submission I needs in support of this CONPLAN Maintain all appropriate tabs to this appendix 2 an U Sec 1 7 e Sec 1 7 e Ull Sec Sec 1 7 e B-2-3 134 135 136 137 138 139 140 141 142 143 14 145 146 147 148 149 15f 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 I69 170 171 I72 173 174 175 176 C Sec 1 7 e Sec 1 7 e U Sec 1 7 e 130 1 Sec 1 7 e Sec 1 7 e 3 U Sec 1 7 e I I I bx 1 Sec 1703 U Sec 1 7 e I Sec 1 7 e C Sec 1 7 e I Sec 1 7 e U Sec 1 7 e Sec 1 7 e c U Tasks Refer to Annex Intelligence 1 U Coordinating Instructions Refer to Annex Intelligence 4 U Administration and Logistics Not Applicable 5 U Command and Control a Command and Control Refer to Annex Command Relationships b Communications Svstems Refer to Annexes Intelligence and C4 Systems Kevin P Chilton General USAF COMMANDER 3 2-4 omummhme 34 35 36 37 38 HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 APPENDIX 3 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U U OPR HQ J2 COUNTERINTELLIGENCE CI U U References a U Executive Order 12333 United States Intelligence Activities 4 Dec 81 U b U DOD Regulation Information Security Program Regulation Jan 97 U c U DOD Directive 5105 67 Dept of Defense Counterintelligence Field Activity 19 Feb 02 U 1 U DOD Directive 5200 27 Acquisition of Information Concerning Persons and Organizations not Af liated with the Department of Defense 7 Jan 80 U e U DOD Directive 5240 1 DOD Intelligence Activities 25 Apr 88 U f U DOD Regulation 5240 1R Procedures Governing the Activities of DOD Intelligence Components that Affect United States Persons Dec 82 U g U DOD Directive 5240 2 DOD Counterintelligence 22 May 9'7 U h U DOD Instruction 5240 4 Reporting of CI and Criminal Violations U i U DOD Instruction 5240 8 Security Classi cation Guide for Information Concerning the DOD Counterintelligence Program U 16 Nov 00 C j U DOD Instruction 10 Counterintelligence Support to the Combatant Commands and the Defense Agencies 14 May 04 U k_ Sec 1 7 e Sec 1 7 e I U B-3-1 SECRET 1 U FOLIO Of ce of the Under Secretary of Defense Decon iction of DOD Counterintelligence CI Cyber Operations with the Intelligence Community IC U FOUO 2 Feb 07 l U Situation a US critical infrastructure and cyberspace- related systems technologies facilities and resources exist Sec 1 4 a Sec 1 4 a I Refer to Annex of Base Plan for current overarching threat information andl bX Sec 14 3 Em Sec 1 4 a I b U Friendly 1 U US National Agencies Prior to during and following execution of any portion of this plan CI law enforcement security or intelligence support may be requested of the following organizations Department of Justice DOJ including the Federal Bureau of Investigation Central Intelligence Agency National Counterintelligence Executive US Marshals Service the Service CI law enforcement and security organizations including AFOSI NCIS US Army INSCOM US Marine Corps CI United States Coast Guard USCG CI and the U S Army and various state level departments such as the National Guard and state and local police U USSTRATCOM Counterintelligence Staff Of ce CISO will serve as the focal point for integrating and coordinating all USSTRATCOM CONPLAN 8039-re1ated CI activities U The US Air Force Army Navy and Marine Corps CI elements will provide CI support to their respective Services in support of the USSTRATCOM mission W Each tasked CI organization will EM Sec 1 4 a SEGR-EF 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 Sec 1 4 a Sec 14 3 Iwith USSTRATCOM CISO 2 U Command CI Structure on execution of CONPLAN 8039 the USSTRATCOM CISO KW Sec 17 9 and will perform associated duties in coordination with affected geographic combatant command functional combatant command 01803 and designated Task Force CI Coordinating Authorities TFCICAs U USSTRATCOM CISO is responsible to plan coordinate advocate and integrate the overall collaborative CI effort in support of this plan Unless execution authority is transferred to another combatant commander CDRUSSTRATCOM is the supported Commander USSTRATCOM CISO is the CI representative for CDRUSSTRATCOM U If another combatant commander is designated the supported Commander under this plan that command s CISO becomes responsible for all planning coordination and integration of CI support to this plan and USSTRATCOM CISO becomes a supporting CI element Supported combatant command CISO will designate a TFCICA C W All combatant command CISOs and Service CI agencies will ensure the supported TFCICA receives in a timely manner Sec 1 4 a Sec 1 4 a information copies of all CI planning I U The respective Service and its CI organizational headquarters will exercise operational control over its Military Department CI resources unless speci ed otherwise by legal authority U Administrative control of Military Department CI resources remains with the CI organization of the respective Service U Assigned and supporting CI assets will utilize all available CI activities to support this plan CI activities include all 590 17 9 I b111139 31'7 e available Within CI investigations operations collections and analysis and production U All C1 information relative to this plan will be made known to USSTRATCOM Commander and the supported Commander through the Commander s CISO or other CI element if so named CI information will be shared through the most expeditious means available B-3-3 130 131 132 133 134 135 136 137 138 139 140 141 142 143 I44 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 3 U Allied Allied and coalition elements provide support based on national plans and agreements c U Assumptions 1 U The supported CISO when required will serve as or appoint a TFCICA The TFCICA will establish CI reporting channels and requirements with component and other agency CI organizations upon implementation or execution of this plan 2 U All command elements and components will have dedicated CI support 3 U Components and national support agencies will provide pre execution and post-execution CI support and services 4 U All C1 organizations will follow appropriate US laws directives regulations and policies regarding CI activities that involveUS persons enemy prisoners of war and the LOAC 2 U Mission See Base Plan 3 U Execution a SW Concept of Operations The integration and of CI in support of this CONPLAN is the responsibility of CISO Upon implementation of this CONPLAN the assumes the roles and responsibilities of I Sec 1 4 a 1 W Information collection and protection Sec 1 4 a 2 U The discharge of special CI requirements assigned by higher authority CJCS etc 3 U Supporting Service CI elements will accomplish CI missions within respective jurisdictions in accordance with established Service policies and SECRET SEQ-REF 176 procedures Assigned CI elements will be guided by applicable DOD Joint 177 Staff or combatant command policies and procedures All Service CI elements 178 will provide information and coordination c0pies of Service-unique eld CI 179 Sec 1 7 e 180 181 182 activities that are supporting this CONPLAN 183 184 b U Tasks 185 186 U Counterintelligence Collection and Reporting 187 188 U Service CI Elements Forward Service-unique eld CI 189 collections and 13 9 190 Sec 1 7 e 191 192 U Sec 1 7 e I 193 Sec 1 7 e I 194 195 U USSTRATCOM ISO 196 197 U Develop CI collection requirements speci c to USSTRATCOM 198 and in coordination with FCC NW JTF GNO and other affected combatant 199 commands agencies 200 201 U Ensure all products generated in support of this plan are 202 distributed to Commander USSTRATCOM JFCC NW JTF GNO Joint Staff 2 203 other combatant commands and task forces as appropriate 204 205 Q U Coordinate CI collection activities and maintain liaison with 206 national level CI and law enforcement agencies as well as other affected 207 COCOM CISOs 208 209 U Coordinate with national level agencies for collection 210 analysis and production in support of critical mission needs 211 212 2 U Counterintelligence Analysis and Production See para 213 above 214 215 3 U Counterintelligence Investigations Investigations will be 216 conducted by the military services and or the appropriate national agencies 217 Services will brief CDRUSSTRATCOM through the CISOILW Sec 17 9 I 218 affecting this CONPLAN 219 220 4 SHREL Counterintelligence Operations Individual Service 221 components and or appropriate national I SECRET 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 activities as directed or required in support of this CONPLAN Services will brief CDRUSSTRATCOM through the operations and activities affecting this CONPLAN 5 U Functional Services Individual service components and or appropriate national agencies will conduct CI functional services as required by this CONPLAN Services will brief CDRUSSTRATCOM through the CISO on the overall status of functional services activities 0 U Coordinating Instructions All higher lateral and subordinate Service and DOD level CI elements will keep the USSTRATCOM I as appropriate of their CI operations and activities USSTRATCOM Sec 1 7 e in support of this CONPLAN These roles and I Sec 1 7 e 4 U Administration and Logistics USSTRATCOM CISO manages the Command's CI program In this role the USSTRATCOM CI Staff Of ce will assist the component's CI services in coordinating their activities and to identify Service-speci c requirements New CI requirements should be forwarded to USSTRATCOM USSTRATCOM CI Staff Of ce coordinates with USSTRATCOMI W1 36 17 9 Sec 1 7 e I as required to satisfy CI requirements in support of Secll-7 e 5 U Command and Control a U Command Relationships This CONPLAN does not require an assumption of OPCON or TACON of Service CI elements Commander USSTRATCOM through the CIS exercises staff coordination authority over supporting Service CI elements If CDRUSSTRATCOM cannot obtain necessary agreement on an issue CDRUSSTRATCOM will request resolution of the issue from the Director of CI Deputy Assistant Secretary of Defense for Counterintelligence Security through the CJ CS Such requests I will be forwarded via the C1D to CJ CS Military Department Service CI units designated to support operations retain their command and organizational integrity Administrative control also remains with the CI organization of each Military Department Service CI units are responsible for supporting their Services and responding to requests for support and coordination All CI activity will be conducted in conformity With legal and policy restrictions regarding CI activities I 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 b U Command _ Control Communications Computers and Intelligence Reporting will be in accordance with established Service procedures and channels and in message format Messa traf c will be addressed to USSTRATCOM OFFUTT AFB NE SSOSTRATCOM 2 for Sec 1 7 e Tabs A - U Counterintelligence CI Target List Not used_ Sec Sec 1 7 e USSC - U Umbrella CI Force Protection Source Operation Proposal Not used Kevin P Chilton General USAF COMMANDER IN TENTIONALLY BLANK HEADQUARTERS US STRATEGIC COMMAND AIR FORCE BASE NE 68113 6500 28 February 2008 APPENDIX 4 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U OPR JFCC U References Refer to Base Plan 6 7 8 a U M1 Sec 1 7 e I20 Mar 2006 S 9 10 b U bXDSec 1-7 e 13 Apr 2007 U 12 1 Situation This appendix provides a review of general 13 reSponsibilities and procedures for 330 14 a 14 Sec1 4 U 39 1 Refer to Annexes Intelligence and 20 Sec 1 7 e 21 22 b U Friendly Refer to Base Plan 23 24 c U Assumptions Refer to Base Plan 25 26 2 U Mission Refer to Base Plan 27 28 3 U Execution 29 30 a a CHE-EL mm Sec 14 8 I HQ 31 USSTRATCOM 2 will coordinate aim 1 ipport HQs staff elements 32 USSTRATCOM FCCs and subordinate commands will manag -tlaleir 33 organizations and manage coordinate d cted by assigned intelligence 34 Individual USSTRATCOM components will manag - t eir Speci c 35 operating environment in coordination with HQ USSTRATCOM 2 other 36 USSTRATCOM components other lother USG agencies and 37 the IC DOD Component elements will coordinate and or assist B-4-1 withI b 1 Sec 1 4 a things Iamong other 1 U DetermineI b 1 Sec 1 7 e and tactical levels Iat strategic operational 2 U Identify Sec 1 7 e I Sec 1 7 e 3 U PrOject how I 4 Review Intelligence Surveillance and Reconnaissance 39 14 3 I b WNW Sec will lead record coordinate and update CDR USSTRATCOM I I Individual USSTRATCOM component J5 elements will record validate coordinate and 493901-49 I In addition HQ USSTRATCOM 5 will coordinate with all involved Ian Sec 14 3 I related to the plan Individual USSTRATCOM 5 elements Will perform the same function at the component level related to supporting plans HQ USSTRATCOM 5 Sec 1 4 a mu Sec 1 4 a Individual elements will perform the same function at the component level DOD Components and IATF members will maintain and share cyberspace situational awareness 1 U Component SJA elements will maintain approved Supplemental Rules of Engagement 2 U Component J5 elements will maintain respectivela m3301703 I Sec 1 7 e I 3 U Component J5 elements supported by their respective J2 elements Sec 1 7 e USSTRATCOM organizational oversight c U Sec 1 7 e 1 4 a I sec 14 3 e1ements responsible for the I Traditionally external organizations conduct the majority of 39 14 3 B-4-2 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 Sec 1 4 a JFC Staff Howeveerxn Sec 1 4 a procedures and the scarcity and dispersion of cyber mm Sec 1 4 a 2 At any time any agency Sec 1 4 a Sec 1 4 a 59 17 9 the best opportunity for recommendations nclude t0l b 1 Sec 1 7 e l U Sec 1 7 e I Sec 1 7 e IO U LOAC ROE or treaty considerations I00 U Sec 1 7 e Sec 1 7 e U I Sec 1 7 e U U Sec 1 7 e I U Sec 1 7 e '00 U To decon ict with friendly operations Iwill maintain the authoritative Sec 1 4 a 3 U F l r ' nts will request approval via SEAWlthe jhresholds or ROE d U Capabilities Analysis Under the oversight and direction of STRATCOM J2 I pomponent 33 and J8 elements will determine asset capability and availabili and in coordination with individual component J2 and SJA will estimate B-4-3 SEQ-RE 130 components and mission partners will Sec 1I703 131 Sec 1 7 e 132 133 134 135 e U Commander s Decision and Force Assignment 136 137 1 Component Sec 1 4 a will 138 Ito for approval 139 140 2 Iwill match their 141 components I 59 17 6 I 142 This action will take into account the results of 143 capabilities analysis as well I 144 Sec 1 7 e 145 146 147 148 149 3 W11 39 1 150 available 151 as soon as possible in a subsequen 152 153 f Mission Plannin 154 units Sec 1 7 e 155 Sec 1 7 e I and Sec 1 7 e Component 3s will ensure tasked IAW the applicable 156 157 2 G-H-R-E-L Sec 14 3 1 In coordination with component 3s 14 8 158 Sec 1 4 a 1 59 160 h If operationsla msec 3 161 Jim Sec 1-4la will modify this 162 Appendix and other documents to incorporatel 59 I 163 Sec 1 4 a associated with Sec 1 4 a l 164 provide enough data W De nitions 169 1 14 3 170 SSTRATCOM is de ned as 171 Sec 1 4 a 172 173 174 3 4 4 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 I90 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 SEGR-EF by the commander Sec 14 8 I including Sec 1-4 a knowledge of thelmx Sec 14 8 Sec 1 4 a 2 USA AUS GBR I Sec 1 4 a I Sec 1 4 a I 3 Situational Awareness SA This activity encompasses Sec 1 4 a Sec 1 4 a all echelons of the chain of command establish and maintain an understanding of I Sec 1 4 a 4 USA AUS Sec 1 4 a j W Coordinating _Ishou1d compare and evaluate the merit mu Sec 1 4 a 4 U Administration and Logistics Refer to Base Plan 5 U Command and Control Refer to Base Plan Annexes Command and Control and C4 Systems Sec 1 4 a 3 4-5 Sec 1 4 a B-4-6 Sec 1 4 8 213 214 Figure USA AUS GBR 215 13 4 7 216 222 223 224 225 226 227 228 229 hm Sec 1 7 e Figure 8 4 2 mm Sec 1 7 e Kevin P Chilton General USAF COMMANDER B-4-8 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 APPENDIX 5 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U QJ OPR HQ J2 Sec 1 7 e U References a U Sec 1 7 e I3Aug 98 b U 30 Jun 97 S c Sec 1 7 e Sec 1 7 e d I NF IlJun 92 e U Joint Pub 2-01 Joint Intelligence Support to Military Operations Appendix C 7 Oct 04 U f I '7 Mar 2006 SHNF 1 U Situation This appendix reviews general responsibilities and procedures for submitting 03 1 Sec 13 6 I IBM Sec 1 7 e I a to 8039 Annex Sec 1 7 e b U Friendly Refer to Base Plan c U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution Refer to Annex Intelligence para 3 B-5-1 USSTRATCOM 2111 1111 Sec 1 7 e management support to HQs staff elements per ref USSTRATCOM FCCs components and subordinate commands perform cyber operations Sec 1 7 e collaborate with USSTRATCOM subordinate 2 03 1 Sec 17 8 Sec 1 7 e subordinates 19- U LOW for their organizations FCC ISR will closely Sec 13 6 are assigned to USSTRATCOM FCCs or other component organizations CONOPS for the Ian 39 Sec 1 7 e 1 U Tasks Not applicable will be developed by the receiving organization and coordinated with USSTRATCOM 2 2 U Requirements and Reporting See refs and for the authorities procedures and formats for Sec 1 7 e C REL IQM Sec 1 4 a Sec 1 4 a U Sec 1 7 e I See para above C U External Tasking Sec 1 7 e applicable I Not hm serl i'nately reporting agencies will be responsible to the Command and its U Other eporting Procedures Formats Not applicable U Sec 1 7 e Sec 1 7 e c U Coordination 1 Sec 1499 Sec 1 4 a in support of this CONPLAN 2 U Sec 1 7 e provides Sec 1 7 e Ito USSTRATCOM I coordination Sec 13 9 and other command B-5-2 100 101 102 103 104 105 106 SEQ-REF elements are kept fully aware of 390 1343 010 1 Sec 1 7 e requirements 3 U Sec 1 7 e liaise with Commander USSTRATCOM component commands and assigned units Sec 1 7 e Sec - 4 U Administration and Logistics See Annex Intelligence 5 U Command and Control See Annexes Intelligence and Command and Control a U Command Relationships Not applicable b U Communications Not applicable Kevin P Chilton General USAF COMMANDER INTENTIONALLY BLANK 13-5-4 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 APPENDIX 6 TO ANNEX TO CDRUSSTRATCOM CONPLAN U OPR HQ INTELLIGENCE SUPPORT TO INFORMATION OPERATIONS 10 U ND U References p A-ul HO a U Joint Pub 2-0 Joint Doctrine for Intelligence Support to Operations 9 Mar 2000 U hid-3M b U Joint Pub 2 01 Joint and National Intelligence Support to Military Operations 7 Oct 2004 U r li Ii I 40qu c U Joint Pub 3 13 Joint Doctrine for Information Operations 13 Feb 2006 U I Iu t C d U 11 6 13 Apr 2007 U MN e U Joint Pub 5-0 Doctrine for Planning Joint Operations 26 Dec 2006 NMM f U Defense Intelligence Management Document Analyst Information Requirements for Information Operations Information Warfare Feb 1999 U MN 28 WW Situation This appendix specifies how 30 information Operations intelligence support will be conducted in support of 31 USSTRATCOM CONPLAN 8039 See also Appendix 3 to Annex Information 32 Operations and Annex Intelligence 33 35 36 37 b U Friendly 38 39 1 W Production Mana ement Production B-6-1 management for this plan is organized using the IP processes and documented in thelwxn Sec 1 4 a 10 crosses the functional responsibility of several intelligence agencies and production centers often requiring direct coordination 2 I Sec 1 4 a REL USA AUS Sec 1 4 a USA AUS GBR TO USA I Sec 1 4 a I Sec 1 4 a Sec 14 3 that assist a wide range of planning options W1 USSTRATCOM and its collaborate with I Sec 1 4 a 10 L3 W IO Sec 1 4 a Information is Sec 1 4 a developed with U JCS - ZS Coordination of Political Military Assessments and compartmented requests for information RFIs bl Sec 1 Sec 1 4 a level for support to 8039's intelligence requirements Cl Sec 1 4 a Sec 1 4 a the Headquarters building SW W1 36 1-4 a jvia an assigned LNO 8-6 2 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 REL USA AUS Sec 1 4 a WW Sec 1 4 a Sec 1 4 a to enable com bat commanders to develop operational courses of action They serve operational Sec 1 4 a databases and detailed analy31s 4 U Staff Coordination Cyber intelligence requirements may require other support collection and counter intelligence support To facilitate this intelligence support JIOWC coordinates with the following internal staff of ces Sec 1 7 e U Sec 1 7 e support U IOWC Intelligence Operations assistance U Sec 1 7 e c U Assumptions Refer to the Base Plan and Annex Intelligence 3 U Execution 2 U Mission Refer to the Base Plan a W erational Re uirements 10 re uires broad-based dedicated intelligence I Sec 1 4 a Sec 1 4 a and access must be developed as early as possible For example 390 4a I source of intelligence W Information Requirementsla xll must be made It is critical 1405' of the B-6-3 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 Sec 1 4 a 1kept current Identifying requirements and initiating 3351 4 8 I Sec 1 4 a 1 W Leadership Iof key personnel strategic communications Sec 14 3 Sec 1 4 a Ietc will require updating 2 Sec 1 7 e Sec 1 7 e 131 U Sec 1 7 e Sec 1 7 e 41 REL USA AUS Sec 1 4 a 51 Sec 1 7 e mu Sec 1 7 e etc 6 U Military and Sec 1 7 e lfor example 7 Sec 1 7 e Sec 1 7 e operation for example 81 of the Sec 1 7 e Sec 1 7 e validated prior to release 0 U Collection 1 U Collection Management JIOWC will coordinate with respective J2 elements to ensure de-con iction of IO intelligence requirements 2 U Supporting SVstems 1 1 4 mum 9 8 requirements will focus on the aforementionedla m 59 14 3 1 I Sec 1 4 a 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 Sec1 7 e supports all elements of IO 0 011 Sec me of IO U OSINT Open Source Intelligence includes radio television speeches newspapers technical manuals and the Internet Along with public polling and survey data such 1 Sec 1 7 e 3 W Capabilities Analysis Access Sec 1 4 a Sec 14 8 IAdditionallv intelligence to support cyberspace will require 4 U Processing Production Application and Dissemination U Communication with Collection Management Continuous assessment and analysis of intelligence collection is necessary in order to anticipate and or react to the information situation as it develops U Coordination IO planners coordinate directly throughout the planning process and ensure that the appropriate J2 elements are included in planning at the appropriate phases 0 U Correlation Information will be provided directly to the operator in a wide variety of formats Products will be considered draft until reviewed and coordinated by the appropriate leadership U Foreign Capability or Activity Assessment A 1 Sec1 7 to Annex Intelligence U Database Management Web-based tools and services Sec 1 7 6 Sec 1 7 e U C4 Network Analysis USSTRATCOM plans integrates and coordinates DOD GNO by directing GIG operations and defense and identi es and advocates these desired characteristics and capabilities USSTRATCOM SEQ-REF 224 integrates global C2 networks identi es desired C2 capabilities develops 225 architectures and concepts and manages doctrine development 226 operations and C2 centers provide rapid integrated C2 for 227 employing military capabilities 228 229 U Capabilities Analvsis 230 231 4 U Sustaining Functions 232 233 a Automated data processing Computer 234 requirements must meet the accreditation requirements of the network The 235 W1 360 1-4 8 236 237 238 239 240 241 242 Sec 1 7 9 243 244 2 U 245 246 Sec 1 7 e 247 243 4 Sec 1 7 e 249 Sec 1 7 6 I 250 251 b U Capabilities Analvsis Not used 252 253 C U Communications 254 Sec 1 7 e 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 SEGR-EI 270 271 5 U Command and Control Refer to Annex Intelligence 272 273 274 275 Kevin P Chilton 276 General USAF 277 COMMANDER B-6-7 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 TNTENTIONALLY BLANK 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 U OASD PA provides overarching guidance and policy to combatant command PA personnel This guidance will be disseminated by USSTRATCOM PA and or the supported supporting GCC PA U After the initial announcement of the execution of this plan OASD PA may delegate release authority to the supported commander Once delegated this responsibility the supported commander will determine if when and what release authority will be delegated to component supporting commands and operational task forces - U USSTRATCOM will lead the coordination of information among OASD PA JFCC PA JTF GNO PA and the affected as quickly and as often as required USSTRATCOM will issue PA guidance as required U Detailed interaction and coordination among PA IO and DOD PA must occur throughout all phases of any operation e U Security Review Although information sharing is key PA of ces at all levels must exercise security at the source OPSEC will be considered throughout all phases of the operation The supported command PA function will conduct security and policy review when necessary 4 U Admin and Logistics Refer to Base Plan 5 U Command and Control Refer to Base Plan and Annex Command Relationships Kevin P Chilton General USAF Commander OFFICIAL JILL H VOTAW CAPT USN Chief Public Affairs F-6 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 U Ensure subordinate units receive and comply with the PA policy and guidance in this Annex and any other speci ed PA approved PAG U Propose information that can be used for a detailed PA communication plan or Proposed Public Affairs Guidance PPAG U Coordinate any planned PA programs and activities related to this plan With PA U Develop local PA annexes to supporting plans assigning responsibilities and providing command-speci c guidance public information internal information and community relations necessary to successfully implement this plan As appropriate coordinate PA annexes of supporting plans with logistics communications and operations planners and USSTRATCOM PA U Be prepared to exercise release authority delegated to Component Commanders or Task Force Commanders TFC U Provide Component Commanders and FCs advice and counsel on PA matters concerning USSTRATCOM operations as required and immediately inform PA of any incident or action resulting from communications that are likely to require action at the Service Joint Staff or OASD level be of immediate news interest or cause unfavorable public reaction or publicity d U Coordinating Instructions 1 U Release Authority Release authority will be delegated to the lowest level possible consistent with published PA guidance 2 U Reporting Requirements All supporting PA functions will provide a daily SITREP by 1700 ZULU to via NIPR email if possible The SITREP will include electronic copies or internet links of articles published in the preceding 24 hours planned press releases a summary of completed PA actions and future media engagements a list of PA personnel deployed and any new messages or talking points USSTRATCOM will publish a consolidated SITREP each day 3 U There will be no releases statements responses to media inquiries or other public announcements by USSTRATCOM or assigned forces concerning this plan without authorization from PA The general conduct and control of PA activities will be as follows F-5 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 1 U PA will U Be involved in all appropriate planning boards and groups to include Information Operations Working Groups IOWG Operational Planning Groups and Long Range Planning Elements etc U Plan for speci c contingencies and formulate tailored courses of action for each Phase of Operations to affect regional and international opinion U Counter enemy propaganda with the truth Actively use truthful fact based accurate and timely public information products to respond to enemy threats deception and lies U Ensure all personnel required to interact with media and the community are well versed on the PA guidance media guidelines and prepared to assist media members as necessary - U As news releases and statements are issued to the media they should also be disseminated to the internal audience Via SKIWEB STRATWEB and other available resources 2 U CDRUSSTRATCOM will Assign high priority to PA programs and direct commanders to assign dedicated assets and support a PA program consistent with OPSEC INFOSEC PAG regulations and policies 3 U will U Provide CDRUSSTRATCOM and his staff advice and counsel on PA matters concerning operations as required Develop PA policy guidance and plans as required U Maintain liaison with OASD PApolicy matters U Coordinate PA activities with IO and SC to themes and messages U Ensure rapid communication of PAG to component and task force PA of ces 4 U Geographic Combatant Command PA GCC PA will Provide regular feedback on signi cant PA activity within the area of responsibility area of interest to PA CJCS PA and USSTRATCOM PA 5 U USSTRATCOM Component Command Task Force PA Of ces F-4 31m 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 used as a military deception capability or to provide disinformation to internal or external audiences 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations The supported command for execution will lead the efforts to develop coordinate and a comprehensive PA program with the supporting PA functions and PA which is aligned with and directly supports USG communication objectives As a supporting command USSTRATCOM retains responsibility for providing coordinated FCC NW and JTF GNO PA products in addition to other USTRATCOM components as applicable to the supported command PA function Regardless the intent is to provide truthful information of suf cient breadth and timeliness which supports the efforts to educate the audience with the cyberspace domain and its impact on military operations b U Themes and Messages The following overarching themes and messages are contained in NSPD 38 1 U The US is committed to ensuring the free and secure ow of information through cyberspace Global economic growth and security depend upon the networks and systems that constitute cyberspace Maintaining freedom of action in cyberspace in the let Century is as inherent to US interest as freedom of the seas became in the 19th Century and access to air and space in the 20th Century 2 U We will continue to lead international and domestic efforts to ensure the security of global information infrastructures upon which cyberspace depends 3 U The US reserves the right to respond to attacks in and through cyberspace by nations terrorist groups or other adversaries in a manner it deems appropriate 4 U We will maintain the capabilities to operate in the cyberspace domain to deter deny or defeat any adversary that seeks to harm US national and economic security 5 U We will ensure that our actions in this domain are undertaken in a manner that is lawful and protects our Constitutional liberties c U Tasks Consistent with current guidance and within the constraints of Operations Security OPSEC Information Security INFOSEC safety and privacy of US military personnel their families and DOD civilians SECRET F-3 SEGREF k U DOD Instruction 5410 19 Public Affairs Community Relations Policy Implementation 13 November 2001 1 U Situation a U General 1 U This annex assigns responsibilities and provides overarching guidance for military Public Affairs PA activities in support of CDRUSSTRATCOM CONPLAN 8039 07 S for combatant and supporting commands 2 U The preeminent factor in PA support of this strategic concept involves coordinating and communicating DOD efforts in broad themes and public affairs strategies by establishing a common context in the cyberspace domain for military areas of operation and developing a deeper understanding of this domain and its impact on war ghting In support of this plan PA efforts must be with other USG and DOD communication strategies This requires a comprehensive PA plan that extends from to USSTRATCOM its components and integrated with Geographic Combatant Commands I Sec 1 7 e 1 b U efer to Base Plan c U Friendly Refer to Base Plan d U Assumptions Refer to Base Plan e U Policy PA is a function of command and consists of public information internal or command information and community relations activities designed to educate and inform external and internal publics and stakeholders Public Affairs activities are conducted in accordance with existing DOD directives and policy the DOD Principles of Information and current Of ce of Assistant Secretary of Defense for Public Affairs PA guidance Other policy considerations follow 1 U PA activities are complementary to yet distinct from Information Operations 10 PA activities contribute to IO by providing truthful fact based accurate and timely information using approved OASD public affairs guidance PAG to keep the public informed about the military s missions and Operations in support of military objectives countering enemy propaganda dissuading and deterring enemy actions and maintaining the trust and con dence of the US population our friends and allies By law and by doctrine PA activities are prohibited from intentionally deceiving the public PA activities will not be SEGR-EIF F-2 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113 6500 28 February 2008 1 2 ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U1 3 U OPR USSTRATCOM JO2O 4 PUBLIC AFFAIRS U 5 6 U References Refer to Base Plan 7 8 a U JP 3 61 Doctrine for Public Affairs in Joint Operations 14 May 1997 9 10 b U DOD Directive 5122 5 Assistant Secretary of Defense for Public 11 Affairs 27 Sep 2000 12 13 c U DOD Directive 5200 1 DOD Information Security Program 13 14 December 1996 15 16 d U DOD Directive 5230 9 Clearance of DOD Information for Public 17 Release Change 1 15 July 1999 18 19 e U DOD Instruction 5230 29 Security and Policy Review of DOD 20 Information for Public Release 6 August 1999 21 22 f U DOD Directive 5400 13 Joint Public Affairs Operations 9 January 23 1996 24 25 g U DOD Instruction 5400 14 Procedures for Joint Public Affairs 26 Operations 22 January 1996 2-7 28 h U DOD Instruction 5405 3 Development of Proposed Public Affairs 29 Guidance 5 April 1991 30 31 i U DOD Instruction 5410 15 DOD Public Affairs Assistance to Non 32 Government Non Entertainment-Oriented Print and Electronic Media 28 33 March 1989 34 35 j U DOD Directive 5410 18 Community Relations Policy 20 November 36 2001 37 a F-l SEGR-EF 4 U Other USSTRATCOM components will review and provide CONPLAN additions and deletions to USSTRATCOM 534 Sec 1 4 a Sec 1 4 a Figure 0204 USA AUS GBR 4 U Administration and Logistics Refer to Base Plan 5 U Command and Control Refer to Base Plan SEGREF SECRET HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68133-6500 27 February 2008 APPENDIX 20 TO ANNEX 0 TO CDR USSTRATCOM CONPLAN 3039 U U OPR JFCC NW J52 Sec 1 7 e U References Refer to Base Plan and Annex Operations 1 U Situation Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a W Concept of Operation The Sec 1 4 a of the Base Plan b U Tasks 1 U HQ USSTRATCOM J534 will maintain the CONPLAN 3039 e and receive inputs from USSTRATCOM components during CONPLAN 8039 periodic reviews 2 will review and provide CONPLAN Ito include recommended additions and deletions to USSTRATCOM 1534 for Sec 1 4 a 3 FCC NW will review and provide CONPLAN 8039 Sec ladditions and deletions to USSTRATCOM 1534 Sec 1 4 a Sec 1 4 a I 1 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 - 365 366 367 368- operational or strategic level Sec 1 7 e Sec 1 7 e Sec 1 7 e U Operational Effects Desired operational-level outcomes necessary to achieve a phase objective Operational effects incorporate all elements of national power available to the theater commander 8 Sec 1 7 e Sec 1 7 e M Isystems for a Speci c purpose 9 U Political Militarv Economic Social Infrastructure and Information PMESII Construct for de ning systems behaviors 10 U Sec 1 7 e Sec 1 7 e throughout the campaign f U Refer to Base Plan g U Coordinating Instructions Refer to Base Plan 4 U Administration and Logistics Refer to Base Plan 5 U Command and Control Refer to Base Plan 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 32' 328 329 330 331 Sec 1 4 a circumstances 1 Commanders at all levels will ensure Sec 14 8 Sec 1 4 a Sec 1 4 a Sec 1 4 a issues that arise e U De nitions will integrate and coordinate DOD Components plans and address advocacy and allocation 1 U Campaign effects Desired theater level outcomes or conditions that allow CDR CFC to achieve the operational objectives 2 U Effect The physical functional or outcome event or consequence that results from a speci c action or actions that produces desired changes in enemy actions reactions or inabilities to act 3 UWU Sec 1 7 e W1 Sec 1 7 3 provides a conceptual alternative to traditional attrition and maneuver warfare Sec 1 7 e U Indicator criteria that we are going to measure Indicators may mu Sec 1 7 e 5 Sec 1 7 e Sec 1 7 e C- 19-9 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 SEQ-REF U Reassess the adversary utilizing thd threat analysis to determine the new if any cyberspace operations threat posed by that adversary U Reassess the and determine if the actions applied cause a signi cant change in capability or intent of the actor Q U Determine if _ were met 3 U Assess resources to ensure current resources are adequate and suf cient If additional resources or capabilities are required USSTRATCOM JCS and OSD must re-enter the DOD PPBS cycle to address near and long term needs and to acquire as quickly as possible capabilities that address immediate needs U Determine unintentional and undesired effects of actions applied Ensure other DOD Components and USG agencies are aware of actions as effects in cyberspace with few exceptions are trans regional U If the applied tasks were not successful in achieving the desired effect 1 U Reassess the actor utilizing theah e threat analysis to determine the new if any cyberspace operations threat that the adversary actor poses remains valid U Evaluate the U Determine if other associated effects were met 3 U Assess current resources to ensure adequacy and suf ciency If additional resources or capabilities are required USSTRATCOM JCS and OSD must re-enter the DOD PPBS cycle to address near and long term needs and to acquire as quickly as possible capabilities that address immediate needs 5 U Determine if any unintentional and or undesired effects occurred Ensure other DOD Components and USG agencies are aware of actions as effects in cyberspace with few exceptions are trans- regional c W Interagency Efforts Refer to Annex Interagency USSTRATCOM through OSD S and in coordination with the applicable Combatant Commands '11 engage the interagency to develop a common situational awareness of land b 1 sec threats in cyberspace 39 SEGR-EI C-19-8 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 processes the USSTRATCOM staff deve10ps a Sec 1 4 a acro SS Sec 1 7 e lAssessment Guidance 1 39 lUsing available assessments and analysis the b 1 Sec 1 4 a Sec 1 4 a I operations in and through cyberspace_ This Sec 1 4 a to re align with new combatant commander's priorities U Assessing Effectiveness Following the execution of cyberspace operations applied tasks commanders responsible for the execution of those a lied tasks assess the performance of tasks and report ndings to the Sec 1 7 e U Assessingl x 89 17 9 Ide ned in para USSTRATCOM HQ staff and applicable components assess 17 3 individual tasks conducted during the course of operations When performing this assessment answer the following questions Are we doing things right Were the tasks performed correctly Insights into this aspect of task execution inform advocacy and military decision-making processes that su port the cyberspace operations campaign cycle The assessment of r7 fiewly integrated capabilities across the informs the advocacy process by 53 17 9 operational needs in terms of support and suf ciency USSTRATCOM will assign an Of ce of Primary Responsibility OPR to each applied task The or each applied task 51 U Sec 17 9 Ide ned in para USSTRATCOM and Components must also assess I Sec 1 7 e I will answer the questions Are we doing the right things Did the applied task have the desired effect on the threat USSTRATCOM will assign an OPR to each applied task The Sec 1 7 e U If the applied tasks were successful in achieving the desired effect C-19-7 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 Sec 1 7 e Figure brie ng May 2006 U 3 U Sec 1 7 e U 59 linkage above provides a baseline starting point to I Sec 1 7 e Operational level applied tasks 030 Sec 1 4 a I Once speci c 1 Sec 1 4 a um i sea as The overall criteria for the actual prioritizationl W1 Sec 14 3 I ma Sec 1 4 a SEQ-REF 139 U The USSTRATCOM staff and components analyze the mission 140 using all tools available- Operational Net Assessment ONA de ned in para 141 CIE COA analysis Virtual Information Environment VIE etc to 142 understand the operational environment and determine what Political Military 143 Economic Social Infrastructure and Information PMESII de ned in para 144 3e 10 stem behaviors and or capabilities 14 5 sec 17 9 OCOM theater objectives 146 147 U Based on veri cation of the task to 148 objectives and the analysis of the adversary and the operational environment 149 provided by the staff and components the commander s intent is issued to all 150 components and supporting agencies This normally includes his vision of 151 what needs to be done purpose a broad concept for how CDRUSSTRATCOM 152 intends to accomplish the objectives method and key measures for 153 determining success end state CDRUSSTRATCOM provides planning 154 guidance to focus staff and component development of COAs to accomplish his vision end state for - 156 CONPLAN 8039 ' COAS withinlmm bee Ute I 157 will fuse and the appropriate DIME and or PMESII 158 actions in time and space against those decisive points within the operational 159 environment which most directly produce the effects that will achieve his 160 stated objectives The goal is unity of effort or harmonization of all elements of 161 DIME PMESII toward a common goal 162 163 S Sq AUS GER 164 which produce decision points I 6 5 Sec 1 4 a 166 based upon the commander s guidance and intent Refer to Base Plan for 167 CONPLAN 8039 6 8 169 U USSTRATCOM integration and collaboration mechanisms will 17 0 be used to develop Sec I 171 1 Kfl iich is the primary means to provide operational level assessment 172 All appropriate DOD Components and USG Agencies will be invited to 173 participate See 174 Figure 0 19 2 below 175 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 Sec 1 7 e Figure C- 1 9- HUNT Sec 1 7 e May 2006 U 1 U Ewind Prioritize Threat detailed discussion of the Sec 1 7 e 2 U Tailored Planning U The tailored planning process uses an Sec 1 7 e Sec 1 7 e Sec Sec 1 7 e I Through an analysis of national strategic objectives utilizing the products from the develops 866 We CONPLAN 8039 reference chart Sec 1 7 e 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 Sec 1 7 e CONPLAN 8039 Base Plan 5 U Emphasizes unity of effort through a strengthening of interagency operations by i U Supporting improvements in strategr development and planning within DOD and with interagency partners to shift emphasis from DOD centric approaches toward USG interagency and coalition a11ied solutions U Developing stronger links between planners in the OSD the Joint Staff Combatant Commands Services and the IC U Facilitating communication by developing shared perspectives and a better understanding of each agency s roles missions and capabilities i U Improving the effectiveness of operations in and through cyberspace through the accomplishment of objectives and promoting ef ciency throughout the operational mission area by effectively allocating integrating and using limited resources 0 for this appendix Sec 1 4 a Sec 1 4 a Sec 1 4 a plan para established Land as referenced in the CONPLAN 8039 base b WW law Sec 1-4 a This appendix provides a framework for continuous and sustained efforts throughout DOD 59 14 3 Sec 1 4 a Sec 1 4 a environment in an operational '70 '71 '72 '73 '74 '75Refer to Base Plan and Annex A Task Sec 1 7 e Organization 4 Refer to Base Plan and Annex Intelligence 53 we I 5 U Friendlv Capabilities Refer to Base Plan and Annex A Task Organization 6 U Assumptions Refer to Base Plan and Annex Operations 7 U Legal Considerations Refer to Base Plan and Annex Operations 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations 1 U Commander s Intent Purpose The purpose of CON ec1 4 a Sec 1 4 a I The purpose of this appendix is to set the framework for integration and of USSTRATCOM plans in support of operations in and through cyberspace and de ne activities and metrics to assess their effectiveness 86 14 Sec 1 4 a U Method This appendix uses a strategic framework that U Includes a process for the development of a for CON PLAN 8039 is shown at Appendix 20 to Annex C 2 U Includes 11 0 describe the overall Sec 1 7 e 3 U Includes logical lines of operation in which DOD will focus Sec 1 7 e HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68133-6500 OoqmmibwwI I 28 February 2008 APPENDIX 19 TO ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR JFCC Sec 1 7 e References Refer to Base Plan a U Commander s Handbook for an Operations 24 Feb 06 1 SW Situation Since the advent of the Information Age the US at all levels of government and society has become increasingly GUIDANCE U Sec 1 7 e to Joint dependent upon the world wide network of software computers and telecommunications infrastructure as the foundation of our national economy Sec 1 4 8 Sec 1 4 a 1 a U General 1 W Function This appendix describes plans and functions to integrate and within the DOD GIG and operations in and through cyberspace in support of Sec 1 4 a appendix also expands upon the Sec 1 4 a Sec 1 4 a USSTRATCOM command goal This described in the CONPLAN 8039 Plan Summary para Base Plan and Annex to Sec 1 4 a describes the strategic framework within 39 14 3 yberspace operations 2 U Area of Concern Refer to Base Plan I This appendix C 19-l 207 208 Sec 1 4 a Figure Sec 1 4 a C-18-8 S REL USA AUS GBR 182 3 ICW JFCC 53 14 3 183 Sec 1 4 a 184 185 186 4 USA AUS GBR 9101360 14 8 I 137 Sec 1 4 a 188 189 SW Identify COA support requirements 190 Sec 1 4 a I 191 192 6 anm Sec 1-4 a I 193 Sec 14 a if identi ed as supported commanderpost mission analysis feedback 197 198 8 Reuest assistance in organizing training 199 and otherwise preparing from FCC GSI if required 200 201 9 W Support JFCC GSI through the 202 203 204 205 c Figure below is a graphical depiction of 206 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 WW Prepare and maintain plans in support of Sec 1 4 a Sec 1 4 a when 4 WW Recommend appropriate 5 W Sec 1 4 a 6 SW Coordinate and lead l Sec 1 4 a W Sec 14 3 development 17 W Provide support to 198931-41 3 required or directed 8 In preparation for follow on operations monitor situations generated intelligence follow-on operations possibilities additional coordination requirements 33 14 3 Sec 1 4 a U 9 W Ensure all open action items are evaluated for closure 10 SW Sec 1 4 a mission analysis lconduct a post 11 1 Assist in organizing training and otherwise Sec 1 4 a iSec 1 4 5 b Sec 1 7 e Sec 1 7 e 1 W Using existing infrastructures CAT Crisis Action Center Command Center Operations Center Joint Operations Center The GCC determines the appropriate command and structure arrangements for respectivelmxn Sec 1 4 a I 2 REL USA AUS Sec 1 4 a I Sec 1 4 a SEQ-REF 124 125 126 127 128 129 130 131 132 133 134 135 Sec 1 4 a Figure C-18-2 Sec 1 4 a USA AUS GBR 3 U Sec 1 7 e a U USSTRATCOM lResponsibilities and Requirements 1 WNW Sec 1 4 a Sec 1 4 a 2 W Monitor through JFCC GSI 136 Fbm Sec 1 4 a operations under this plan as required Sec 1 4 a SEGR-EF 104 105 2 W CDRUSSTRATCOM will review the 106 Sec 1 4 a 107 108 W 33 1-413 IUSSTRATCOM operational recommendation 109 110 e - The purpose of this 111 Sec 1 4 W NW Sec 14 8 119 IThe supported Combatant 120 Commander1 b 1 39 1-418 I 121 122 g U Figure below depicts 1 123 Sec 1 4 a 83 84 W Figure 0 18 1 85 86 c The purpose of this Sec 4 a 37 Sec 1 4 The purpose of this Sec me Sec 1 7 e 95 planning 96 97 1 W JFCC GSI ICW the W 39 98 operational 99 recommendation This recommendation will be presented for consideration to 100 the Joint Staff and I 101 Sec 1 4 a 102 103 USSTRATCOM recommendation for the way ahead 39 Sec 1 4 Sec 1 4 a 44 establish manage the planning timeline and expectations 45 46 1 SW GCCs and JFCC GSI continuousl anal ze 47 current intelligence to determine if suf cient information exists I 43 Sec 1 4 a 49 50 Combatant Commanders other government agencies and other planning 51 partners in attendanceSec 1 4 a - 59 provides initial tasks for participants delineates the planning timeline and 60 collaboration instructions de nes required products I 61 m1 Sec 1 4 a I 62 63 b Wn mm Sec The purpose of this 64 mm Sec 1 4 a 65 determining potential solutions 66 67 1 W FCC GSI conducts and leads mission 68 analysis in 1 69 Combatant Commands Services and participating USG 70 Sec 1 4 the supporting 75 Sec 1 4 a I 76 77 3 W Mission analysis will produce alum 53 13 3 1 4 a JFCC GSI works with Sec 1 4 a 73 Sec 1 4 a 79 80 81 82 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 681 13 6500 28 February 2008 1 APPENDIX 18 TO ANNEX TO USSTRATCOM CONPLAN 8039 Ul 2 U OPR JFCC GSI J39 OCR 8 IOF 3 lwx1 3ecme CYBERSPACE OPERATIONS U 4 5 U References See Base Plan and Annex Operations 6 7 WW Situation 8 9 a W General Iis the 10 process for producing USSTRATCOM recommended 11 or when directed by the Joint Staff JS for 12 CDRUSSTRATCOM This process is generally used 13 Sec 1 4 a 14 15 16 17 executed by land other organizations in order to 18 facilitate and integrated effects Several variables may dictate 19 that the cyberspace Idiffer from what is found in this 20 appendix in addition 21 depending on interagency I 22 circumstances may be encountered These situations will be handled on a by 23 case basis For example 24 Sec 1 4 commence planning and coordination with FCC GSI 34 35 2 REL USA AUS 36 Sec 1 4 a 37 3 8 Sec 1 4 a C-18-1 40 41 U Coordinate with DOD Components to determine the operational 42 impact of changing DOD INFOCON levels 43 44 U Provide recommended changes to DOD INFOCON levels to 45 CDRUSSTRATCOM 46 47 4 U Administration and Logistics Refer to Base Plan 48 49 5 U Command and Control Refer to Appendix 17 NetOps to Annex 50 Operations 39 SEC-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 681 13 6500 28 FebruaIy 2008 TAB TO APPENDIX 17 0 ANNEX TO CONPLAN 8039 U U OPR JTF-GNO J5 INFORMATION OPERATIONS CONDITION INFOCON U References Refer to Base Plan and Appendix 17 NetOps to Annex Operations 1 U Situation Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operation The INFOCON system including responsibilities processes and procedures applies to all DOD information systems and networks operating at the Secret level not to include closed special enclave or 10 networks and below under the purview of Of ce of the SECDEF the Military Departments the CJCS The Combatant Commands The Of ce of the Inspector General of the DOD the Defense Agencies the DOD Field Activities and all other organizational entities within the Department of Defense hereafter referred collectively as the Components The system also governs any interconnections between Public and DOD Unclassi ed networks DOD Unclassi ed and Classi ed networks and Classi ed and Classi ed networks b U Tasks 1 U will U Implement the INFOCON System IAW 8530 CJCSI 6510 01 Strategic Directive 527 1 and USSTRATCOM and guidance 2 U will U Monitor track and provide global situational awareness on the Global INFOCON Indicators U Develop the execution guidance for implementation of the INFOCON directive and incorporate it into NetOps plans 17-E-1 INTENTIONALLY BLANK C- 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 U Ensure that the DOD GIG is optimally delivering the information required by DOD GIG users in accordance with information delivery priorities U Ensure visibility of the information owing across the DOD GIG and of those systems used to store catalog discover and transport information U Monitor information ows and access determine impact to network capacity and ensure that user pro les are being satis ed with a reasonable quality of service U Determine the sources responsible for providing information and stage information content throughout the DOD GIG in support of a given operation U Track and maintain knowledge of the various requests and user pro les for information coordinate changes in the operating parameters of DOD GIG assets identify new products review and validate the user-pro le database and develop joint policies and procedures governing information ow across the DOD GIG 2 U JTF GNO will U Direct GCM activities U Provide DOD GIG users with an awareness of relevant accurate information and automated access to newly discovered information for timely ef cient delivery in a usable format 0 U Provide guidance to capitalize on the content management framework found within the Net-Centric Enterprise Services NCES and Net- Centric Data Strategy U Facilitate the placement posting and transport of information required by DOD GIG users 4 U Administration and Logistics Refer to Base Plan 5 U Command and Control Refer to Appendix 17 NetOps to Annex Operations 17-D-3 SEQ-REF timely and ef cient information delivery and or search information databases to retrieve desired products as required 4 U Improve bandwidth utilization 5 U Enhance all aspects of the DOD GIG transport capabilities b U The core GCM services are Content Discovery Content Delivery and Content Storage These core services are envisioned to be enterprise wide services used by the entire DOD to ensure our information is available to all authorized users 1 U Content Discovery Content Discovery provides the ability to quickly search for information throughout the DOD GIG Using any appropriate web browser whether on a desktop computer or wireless device operational staffs can search across multiple sources from one place vice making several attempts Once the product is located the Content Delivery service permits the users to pull in the needed product 2 U Content Delivery Information that is requested by a DOD GIG user is delivered using the GCM delivery service Content Delivery provides the user the capability to replicate les and directives publish and subscribe to information based on roles and responsibilities and provide assured timely transport of the information to include noti cation of when the information was read by a distant user Items are delivered across multiple heterogeneous communication systems with delivery and read receipt noti cations providing assured delivery of information products 3 U Content Storage Content Storage provides physical and virtual places to host data on the network with varying degrees of persistence These information storage capabilities will be located throughout the DOD GIG c U Tasks CDRUSSTRATCOM through the and the NetOps Community directs GCM through the policies procedures programs and operations that prepare DOD systems networks and personnel to manage the content of the DOD GIG and coordinates with the interagency as required 1 U will U Act on JTF GNO direction with regard to GCM activities U Ensure the Content Discovery Storage and Delivery services as well as mitigation are operating correctly and that information is maneuvered to the optimum location on the DOD GIG SEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 TAB TO APPENDIX 17 TO ANNEX TO CONPLAN 8039 U U OPR J5 GIG CONTENT MANAGEMENT GCM U References See Base Plan and Appendix 17 NetOps to Annex Operations 1 U Situation Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations GCM is the essential task that ensures information is available on the DOD GIG At any time within the DOD GIG there are information consumers and producers who either publish or access the information required to accomplish their mission Information exists in le sizes ranging from kilobytes to terabytes all of which must be identi able and accessible to appropriate users GCM enables information users to de ne and set information needs to facilitate timely information delivery and to search information databases and retrieve required products GCM maneuvers information across the DOD GIG focusing on positioning and re-positioning of content to the Optimum location in order to satisfy mission needs This essential task adjusts information delivery methods and priorities for enhanced SA and allows information producers to advertise publish and distribute information GCM is accomplished by enabling DOD GIG users to safeguard compile catalog discover cache distribute retrieve and share data in a collaborative environment GCM will allow NetOps centers to optimize the ow and location of information over the DOD GIG by positioning and repositioning data and services to optimum locations on the DOD GIG in relation to the information producers information consumers and the mission requirements Some of the objectives of GCM are U Enable commanders to adjust information delivery methods and priorities for enhanced SA 2 U Enable information producers to advertise publish and distribute information to the war ghter 3 U Enable users to de ne and set information needs to facilitate INTENTIONALLY BLANK c-17-c-4 100 101 102 U Direct RA and coordinate with network warfare mission partners FCC NW and others as appropriate IAW CJCSI 3121 01B U Coordinate with LE CI for investigation of the malicious activity U Validate and prioritize identi ed critical assets meeting established CIP criteria and ensure remediation mitigation and reconstitution plans are developed and maintained by asset owners U Establish standards and programs for GIG management and defense training awareness and certi cation across DOD IAW OSD policy and USSTRATCOM direction 4 U Administration and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan and Annex Command Relationships C-l 7-C-3 U Alert others on the GIG of local incident status to correct the intrusion U Certify accredit and report on all networks peripherals and edge devices in their portion of the GIG in addition to enforcing information security INFOSEC U Conduct security readiness reviews and vulnerability analysis assessments of subordinate units for compliance with CTOs and IAVAs and report compliance to U Ensure compliance of GIG management and defense training awareness and certi cation programs per established policies and directives U Develop and decon ict local contingency plans to defend against malicious activity in their portion of the GIG and provide copies to JTF GNO U Conduct risk assessment of their networks 0 U Share GND information with Allies and coalition partners in accordance with formal agreements and national disclosure policies except where limited by law policy or security classi cation U Provide reporting as tasked U Develop and maintain remediation mitigation and reconstitution plans for CIP criteria 2 U JTF GNO U Direct GND activities U Notify the NetOps Community of ongoing or developing threats and anomalies via SA Reports IAVAs or Information Assurance Vulnerability Bulletins IAVBs and reduce potential risks by issuing CTOs and or conducting a Signi cant Event Conference SIEC U Provide guidance and execution instructions for managing and increasing OPSEC control measures for the GIG and NetOps Community in response to the identi ed threat level - U Assess the possible impact the anomaly or incident will have on the rest of the GIG will direct GND activities and actions in accordance with the de ned NetOps C2 construct The NetOps Community will manage its affected portions of the GIG through local procedures C-l 7-C-2 SEGR-EF HEADQUARTERS U S STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 TAB TO APPENDIX 17 TO ANNEX TO CONPLAN 8039 U U OPR J5 GIG NETWORK DEFENSE GND U References Refer to Base Plan 1 U Situation Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations 1 U GND activities consist of the policies procedures programs and operations that prepare DOD systems networks and personnel to protect the GIG as well as coordination with the interagency as required 2 U CDRUSSTRATCOM through and the NetOps Community directs GND 3 U GIG constituent systems that meet the de nition of a National Security System NSS must follow the appropriate Information Assurance IA guidelines and policies for N88 in accordance with the National Manager for N88 Other GIG systems not designated NSS must be provided adequate IA to not jeopardize the security of GIG NSS systems b U Tasks 1 U will U Act on direction with regard to GND U Detect and perform analysis of an anomaly or intrusion providing with incident reports through their GND Tier Structure U Direct RA in their portion of the GIG IAW CJCSI 3121 013 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 INTENTIONALLY BLANK C-17-B-4 U Administration and Logistics Refer to Base Plan I 5 U Command and Control Refer to Appendix 17 NET OPS C-17-B-3 5 U Electromagnetic Spectrum Management Ensures combatant commanders and subordinate commanders are aware of spectrum management decisions that impact mission accomplishment and provides for ef cient employment of the electromagnetic Spectrum in terms of planning allocation coordination with other Spectrums interference resolution and Ham Sec 1 7 e I b U Tasks CDRUSSTRATCOM through and the NetOps community directs GEM through the policies procedures programs and operations that prepare DOD systems networks and personnel to manage the DOD GIG and coordinates with the interagency as required 1 U CC A will U Act on direction with regard to GEM U Report outages degradations and upgrade operations having an operational impact on GIG functionality U Monitor and adjust their portion of the DOD GIG to ensure its health and integrity in accordance with Information Assurance Control Implementation guides U Build and maintain SA over their portion of the DOD GIG U Report network outages degradations and upgrade operations having an operational impact on the DOD GIG functionality using the CND Tier structure U Maintain robust and redundant DOD GIG capability U Develop as necessary standardized local procedures to implement guidance Joint Tactics Techniques and Procedures 2 U JTF GNO will U Direct GEM activities U Build and maintain SA over the DOD GIG infrastructure 0 U Report outages degradations and upgrade operations having an operational impact on the DOD GIG C- 1 7-3-2 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 TAB TO APPENDIX 17 TO ANNEX 0 TO CONPLAN 8039 U U OPR JTF-GNO J5 GIG ENTERPRISE MANAGEMENT GEM U References Refer to Appendix 17 NetOps l U Situation Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations GEM encompasses the DOD IT services management This consists of the many elements and processes needed to communicate across the full spectrum of the DOD GIG and include the following 1 U Enterprise Services Management Provides services for end user applications web based services remote hosted applications discovery storage software applications and other IT components of applications 2 U Systems Management Comprises all measures necessary to ensure the effective and efficient operations of GIG information systems elements of systems and services Provides day to-day management of information systems elements of systems and services to include operating systems databases and hosts of the end-users 3 U Network Management Provides networked system services with the desired level of quality and guaranteed availability Networks use all available means of communication including terrestrial airborne and or satellite and include switched networks data networks Video Teleconferencing VTC networks satellite networks and wireless networks 4 U Satellite Communications Management Provides day-to-day operational management of all apportioned and non apportioned SATCOM resources to include appropriate support when disruption of service occurs This includes global SATCOM system status and maintains global SA to include each combatant commander's current and planned operations as well as Space Control and Terminal Segment asset and operational con guration management 161 INTENTIONALLY BLANK 17-A-6 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 U NETOPS activities will be executed per memorandum of agreement with the DOD c U Tasks will 1 U Direct the operations and defense of the DOD GIG with the authority and responsibilities assigned by the President SECDEF and CDRUSTRATCOM and is thereby empowered to order actions that execute directions given 2 U Ensure both the operational and functional chains of command are included in JTF-GNO orders 3 U Ensure that NETOPS activities are executed at the lowest level of command possible within the NETOPS Community 4 U Use the decision matrix Figure to help determine if the NETOPS incident is a global event A yes answer to any of these four criteria may drive the incident to be fought at a global level U An incident crosses a Geographic Combatant Command GCC boundary U An incident affects multiple combatant commanders U An incident impacts multiple DOD agency enterprises U An incident is beyond a combatant commander's capabilities Criteria CROSSES IIPACTS aEvonn THEATER IULTIPLE OTHER THEATER GLOBAL Incident BOUNDARY cocous memes GAPABILFHES Figure Decision Matrix U 4 U Administration and Logistics See Base Plan 5 U Command and Control Refer to Appendix 17 NETOPS C- 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 SECDEF Sew i 3 es 3 lltle 3 1 31 USSTRATCOM Agency Uri JTF-GNO has COCOM over his OPCON our has TAOON over GNOSC providu Direct Sloan to - b gravid Gama-II Suppuglo - - - Coordinating Authority with is Suppomd by Coordination 9380 will provide GS to GNSC 3 will coordinat- will Ilia NotOps Commun'ly for all non-global NaOps avenue 3 Simian will 0an will the NulOpo Community for all nmglohal out 4 Agencies will coardnala with Ila NutOpa Communin ior all nnwobal NlIOps ovum Figure Non Global NETOPS C2 with USSTRATCOM as Supported Command U U The supported commander has the authority to take whatever ETOPS action is deemed necessary to support the mission and has n decision responsibility U The establishing authority CDRUSSTRATCOM will outline the generic responsibilities of the supported and supporting commanders as they apply to NETOPS during global theater and the non-global NETOPS events U Simultaneous collaboration both vertically and horizontally is fundamental to SA and is vital in determining the impact of an incident global theater or non-global U In time-critical situations such as when an immediate Network Defense ND action is warranted to defend the DOD GIG within an area of responsibility AOR action may be initiated by the supported CC A prior to collaborating or collaboration may be abbreviated Collaboration must then follow in order to mitigate or remediatc global affects if any e U NETOPS activities Sec 1 7 e C-17-A-4 2 U Supporting Command CDRUSSTRATCOM is the supporting commander when designated by the SECDEF in an EXORD or when executing a mission for NETOPS events that are not deemed global or non-global by CDR per authority delegated by CDRUSSTRATCOM see Figure COCOMs JTF-GNO Service NETOPS Components FCCs and Agencies shall provide support to the affected CC A for theater NETOPS events U S government USG organizations intergovernmental organizations State and Local non-governmental organizations NGO multinational military commands alliances and coalitions as well as commercial and research communities may also provide support per inter governmental agreements Most NETOPS events begin as theater events in a local enclave that are under the control of the respective GCC Theater NETOPS events are those activities occurring within a theater that have the potential to impact the operations in that theater USSTRATCOM A I I c lr 11 35 Eng JTF-GNO Hon-I Ell I 5-5 nr mer l3 PM COCOM over his SPOON over EIVI E 03 i h on Frail F-iiT has ADCON provide Direct Support on Prov-id nggnI 1 GNSC provides as to SOUTHCOM mcc 1 USA provide 05 to USA SGNOSC USA SGNOSC provide 63 in USA is Supported by 3 in the absence at STNOSC the SGNOSC will provide GS is the TNC mi 4 will coordinate with the NItOpe Community for all theater NetDpe events a mu Figure Theater NETOPS C2 with GCC as Supported Command U mission while operating and defending against NETOPS events that have a global or non global impact see Figures and CDR via delegated authority from CDRUSSTRATCOM will determine when a network incident requires him her to assume this role In such circumstances CDR JTF-GNO will issue orders and direction with the authority of CDRUSSTRATCOM to the CC As and other stakeholders with connection to the DOD GIG to ensure availability and integrity of the DOD GIG While this supported relationship gives CDRUSSTRATCOM global authority it does not negate the authority over NETOPS forces as speci ed in the UCP 5 May 06 Service NETOPS Components will support the execution of operating and defending against global and non-global NETOPS events while actions with affected COCOMs and their respectiVe Components Global NETOPS events are those activities that have the potential to impact the operational readiness of the DOD GIG and require a coordinated response amongst CC As CC As are reSponsible for leading their respective responses to global NETOPS events in accordance with USSTRATCOM and JTF- GNO direction Non-global NETOPS events are those activities whose impact affects FCCs unassigned Title 10 Service forces or Defense Agencies and are neither global nor theater in nature will provide GS to the FCCs Services and Agencies for non-global NETOPS events USSTRATCOM and JTF- GNO in conjunction with CC As will establish that provide speci cs for executing the supported supporting relationships with regard to global NETOPS events USSTRATCOM Servrces Tit Agency JTF-GNO I I hee COCOM over his OPCON over has TACON our 5 provides Direct Support to - -- b mVId-e-s Ema swine Coordinaihg Minority with is Supported by Coordination I GNSC provides 08 to SOUTHCOM TNCC and all 3 USA STNOSCS provide 05 to USA SGNOSC USA SGIDSC provide GS to USA STNOSCS 3 In the absence of STNOSC the SGNOSC will provide 08 to the INC Figure Global NETOPS C2 with USSTRATCOM as Supported Command U SEQ-REF C- 17-A-2 SEGR-EF HEADQUARTERS US STRATEGIC COMMAND AIR FORCE BASE NE 68113-6500 28 February 2008 TAB A TO APPENDIX 17 TO ANNEX 0 TO CONPLAN 8039-07 U U OPR J5 NETOPS COMMAND AND CONTROL 02 U References See Appendix 17 NETOPS to Annex Operations 1 U Situation See Base Plan 2 U Mission See Base Plan 3 U Execution a U Concept of Operations In order to execute its UCP missions CDRUSSTRATCOM delegates operational and tactical level planning force execution and day-tO-day force management to Task Forces TF and Centers These FCCs TFs and Centers conduct operations for USSTRATCOM while the Headquarters focuses on strategic level integration and advocacy Of its assigned missions At the request of CDRUSSTRATCOM the SECDEF assigned the Director Defense Information Systems Agency DISA as Commander GNO with authorities and responsibilities for Global Network Operations and Defense Global NETOPS is conducted by JTF-GNO unless otherwise directed by CDRUSSTRATCOM Such Operations include apprising CDRUSSTRATCOM on NETOPS matters impacting the DOD integrity and support of DOD missions CDR via delegated authority from CDRUSSTRATCOM manages the apportionment and allocation of GIG system and network resources b U NETOPS NETOPS faces the same set of hierarchical C2 complexities as any other joint force operation To facilitate net centricity NETOPS must adopt new Information Age C2 structures and processes that breed self support for effective operations and defense of the DOD GIG Today rapidly changing technology and a lack of acquisition standardization challenges effective operation and defense of the DOD GIG from one centralized headquarters Thus effective operation and defense of the DOD GIG requires trained and certi ed NET OPS Operators at all levels with a common purpose Vision and understanding of intent Until technology advances in concert with Combatant Commands Services and Agencies As will develop full situational awareness of the DOD GIG through common processes standards and instrumentation enabling near real time manipulation of any asset in order to optimize net-centric services 1 U Supported Command CDRUSSTRATCOM is the supported commander when designated by the SECDEF in an EXORD or when executing a C-17-A- 204 205 206 207 GIG Network Defense GN D GIG Content Management GCM Information Operations Conditions INFOCONS 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 2 U Assured information protection offers digital electronic and cognitive protection to counter attacks against US interests in cyberspace For example GND and GCM activities include information assurance and protection of data 3 U Assured information delivery offers cyber and cognitive protection to counter attacks against US interests in cyberspace For example GCM and GEM activities include the optimization of information ow and location and maintaining redundant GIG capabilities 4 U The synergy achieved through the layering of NetOps Effects provides defense in depth for Sec 1 7 e c U NetOps Support tol mm sec 17 3 NetOps Effects ensure support Sec 1 7 e I d U Tasks 1 U A are required to perform the essential tasks of GEM See TAB B GND TAB C and GCM TAB D Adhering to the responsibilities of the essential tasks GEM GND and GCM produces NetOps desired effects of Assured System and Network Availability Assured Information Protection and Assured Information Delivery in support of the overall goal of NetOps NetOps and its essential tasks GEM GND and GCM include IA and can only occur when IA measures are implemented and accomplished within the GIG 2 U JTF GNO directs the operation and defense of the GIG to ensure timely and net centric capabilities across strategic operational and tactical boundaries in support of the full spectrum of business intelligence and war ghting Speci c responsibilities for the JTF GNO include establishing SA developing NetOps tactics identifying GIG measures of effectiveness publishing plans and orders coordinating RA to attacks against the GIG and conducting network threat intelligence 4 U Administration and Logistics Not used 5 U Command and Control For NetOps Command and Control refer to Tab A NetOps Command and Control Tabs A NetOps Command and Control 02 GIG Enterprise Management GEM SECRET 131 132 133 134 135 I36 137 138 139 140 141 I42 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 essential tasks Each effect is further described in the following bullets and the relation of the essential tasks and effects are depicted below in Figure 1 U Assured System and Network Availability is achieved through visibility and control over the system and network resources Resources are managed and problems are anticipated and mitigated ensuring uninterrupted availability and protection of the system and network resources This includes providing for graceful degradation self-healing fail over diversity and elimination of critical failure points 2 U Assured Information Protection applies to information in storage at rest as well as passing over networks from the time it is stored and catalogued until it is distributed to the users Operators and decisions makers 3 U Assured Information Delivery provides information to users operators and decision makers in a timely manner RI In Information User ht Time - Right Protection Fusion Aerossthe GIG Effect Assured System 8 Network Avaime Effect Assured Information Delivery Effect Assured Information Protection U Figure C-17-1 Relation of Essential Tasks Effects and etOps c U NetOps sec 1 33 The achievement of NetOps Effects ensures '90 Sec 1 7 e 1 U Assured system and network availability offers digital electronic and physical protection to counter attacks against US interests in cyberspace For example GEM and GND activities include the reporting of anomalies affecting GIG health and critical infrastructure protection SEQ-REF c-17 4 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 SEGR-EF 3 U Execution The execution of NetOps remains the same throughout the Sec 1 7 e a U Concept of Operations NetOps is de ned as the operational framework consisting of three essential tasks SA and C2 that CDRUSSTRATCOM in coordination with the NetOps Community employs to operate and defend the GIG to ensure information superiority The GIG is a globally interconnected end-to-end set of information capabilities associated processes and personnel for collecting processing storing disseminating and managing information on demand to war ghters policy makers and support personnel The three essential tasks are GIG Enterprise Management GEM GIG Network Defense GND and GIG Content Management GCM The synergy achieved by each integrated relationship between any two of the essential tasks GEM GND and GCM produces NetOps desired effects of Assured System and Network Availability Assured Information Protection and Assured Information Delivery in support of the overall goal of NetOps which is to provide the right information to the edge NetOps and its essential tasks GEM GND and GCM includes IA as de ned and outlined in DODD 8500 1 Information Assurance and CJCSI 6510 01D Information Assurance and Computer Network Defense Successful NetOps can only occur when IA measures are implemented and accomplished within the GIG USSTRATCOM will organize its forces identify mission essential tasks and training requirements measure and report readiness and direct the operation and defense of the GIG IAW the Joint CONOPS for GIG NetOps CDRUSSTRATCOM exercises C2 through the JTF GNO Successful operation and defense of the GIG requires an adaptive force comprised of professionals at the JTF GNO and throughout the NetOps Community The NetOps Community is de ned as the GIG providers operators defenders and subscribers who possess a fundamental understanding of their responsibilities and act to support DOD and NetOps mission partners missions and operations The community members include but are not limited to NetOps organizations in the CC A who install operate maintain and defend the GIG as described in DODD 8100 1 However it also includes major contributors to NetOps such as the OSD Joint Staff J6 the IC Incident Response Center and b U NetOps Effects The desired effects of NetOps are as follows Assured System and Network Availability Assured Information Protection and Assured Information Delivery Two key principles must be applied to achieve the three desired effects essential tasks must be performed interdependently GND cannot be performed separately from GEM as the two are synergistically coupled and are essential to evoking GCM and JTF GNO in collaboration with the NetOps Community must perform the responsibilities associated with each essential task processes These three effects of NetOps are derived through the synergy achieved by each integrated relationship between any two of the C-17-3 SEGR-H m U DODD 8500 1 Information Assurance IA 21 Nov 03 n U DODD 0 8530 1 Computer Network Defense 8 Jan 01 o U DOD-I 8100 dd NetOps for the GIG DRAFT p U DODI Support to Computer Network Defense CNDCIO MOA Sharing Network Management and Computer Network Defense Information 24 Jul 05 r U Joint NII Memorandum Computer Network Defense Strategy for Defense in Depth in Support of the DOD IO Roadmap 13 Jan 05 s U Joint Command and Control Functional Concept Feb 04 p 32 t U JTF GNO OPORD 05-01 Global Network Operations 7 Feb 05 u U JTF GNO VTC Minutes 14 Nov 05 v U JTF GNO TTX-2 Conference Minutes 15 Dec 05 w U JTF GNO Strategic Plan An Adaptive Force Ensuring Information Delivery Feb 06 x U Joint Functional Component Command Space and Global Strike Concept of Operations 1 Jan 06 DRAFT y U JFCC SGS CONOPS 1 Jun 06 Draft NSD-42 National Policy for the Security of National Security Telecommunications and Information Systems signed by the President 527-1 DOD Information Operations Condition INFOCON System Procedures 27 Jan 06 I U Situation a Sec 1 7 e I Sec 1 7 e I b U Friendly NetOps forces Refer to Annex A Task Organization 2 U Mission Refer to Base Plan SEQ-RE C-17-2 35 U Ch 37 SEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 APPENDIX 17 TO ANNEX TO STRATCOM CONPLAN 8039 07 U OPR JTF-GNO J5 NETOPS U - References Refer to Base Plan a U SECDEF Memo Forces For Uni ed Commands Memorandum FY06 S 15 Feb 06 b U DEPSECDEF Guidance and Policy Memo 10-8460 c U USSTRATCOM Memo Delegation of Authorities to Director Defense Information Systems Agency DISA 30 Sep 03 d U USSTRATCOM Memo SECDEF Appointment of the Person Serving as Director Defense Information Systems Agency DISA as Commander Joint Task Force Global Network Operations JTF-GNO 21 Jun 05 e U USSTRATCOM Network Warfare Concept of Operations Final Mar 06 f U USSTRATCOM Integrating Guidance DRAFT 19 Dec 05 g U CJCSI 6215 03 GIG Network Operations DRAFT Nov 05 h U CJCSI 6510 01D Information Assurance IA and Computer Network Defense CND U 15 Jun 04 - i U 3402 01B Alert System of the Chairman of the Joint Chiefs of Staff U 1 Nov 00 j U DODD 8100 1 Global Information Grid Overarching Policy 21 Nov 03 k U DODD 3020 40 Defense Critical Infrastructure Program 19 Aug 05 l U DODD O-5100 30 Department of Defense Command and Control 5 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 SEQ-REF USSTRATCOM not being able to meet Sec 1 4 a U USSTRATCOM personnel death or involvement in the death of another or death or serious illness of high-level government of cial U A signi cant degradation to CI supporting a USSTRATCOM mission 3 I Report any indications of U Substantial degradation in US communications capabilities SATCOM Terrestrial Communications Relay System or ground station that is part of the Communications Network U Imminent or direct attacks intrusions against the GIG and or Coalition Allied networks 4 U Essential Elements of Friendly Information EEFIs Report U Discovery of a signi cant unmitigated vulnerability to the GIG 16-8 202 203 204 205 206 207 208 209 210 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 SEGR-EF 3 U Commanders will initiate a report through the chain of command for any of the following incidents impacting critical infrastructure supporting this OPLAN I U Initiation of an infrastructure incident response plan U Potential or actual use of WMD against DOD assets or infrastructure 0 U Threat Information Report speci cally related to infrastructure d U Data Collection and Reporting Collect as much information as possible for initial noti cation reporting but do not delay noti cation to gather complete data Submit all reports as soon as possible after an event or I incident has occurred in accordance with the USSTRATCOM Reporting Matrix dated 1 May 07 Use all sources including host nation agencies to gather data who what when where why how 1 W W1 sec 14 8 Jnoti cation to Commander USSTRATCOM and senior staff This may Sec 1 4 a Sec 1 4 a issues and svstems bm Sec 1 4 a Sec 1 4 a - Sec 1 4 a W Reference the GIG Sec 1 4 a 2 SW Sec 1 4 a I Sec 1 aReport any changes in or events that cause changes to U USSTRATCOM mission availability of USSTRATCOM forces or unexpected loss of a USSTRATCOM asset 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 I94 195 196 197 198 199 200 201 2 U USSTRATCOM will recommend thata duct Joint Staff Integrated Vulnerability Assessments J SIVA with or Without a DCIP module or Balanced Survivability Assessments BSA via USNORTHCOM for CONUS based assets other Geographic COCOMs for OCON US based assets and the Joint Staff These assessments will complete gaps in information or validate dated information 3 U USSTRATCOM will request additional resources to support solutions outlined in all of remediation plans and future characterization efforts 4 U Administration and Logistics a U Administration Refer to Base Plan b U Logistics 1 U Refer to Base Plan 2 U The Services and Agencies are responsible for funding subordinate unit CIP programs Commanders have the inherent responsibility to implement prudent CIP measures and will immediately elevate any identi ed CIP concerns to their next higher headquarters or responsible command Commanders may provide additional support through advocacy and or funding of critical CIP issues 5 U Command and Control a U Command 1 U Command Relationships 2 U Command Posts Refer to Base Plan b U Command Control Communications and Computer C4 Systems See Annex K c U Reporting Requirements 1 U Refer to Base Plan 2 U All units and Commanders must immediately report any incident threat surveillance or suspicious activity that may adversely impact infrastructure supporting USSTRATCOM operational capability S-E-GR-EIF 133 134 135 136 137 133 139 140 141 142 143 144 145 146 147 143 149 150 151 152 153 154 155 156 Figure C-16-3 The GIG Characterization Methodology U on Wm mu None thallium I Imam name Datum I W616 WM 1mm Mum Dependant 2 U DOD Components asset owners will remediate vulnerabilities to their critical assets infrastructure Remediation includes actions taken to correct known deficiencies and weaknesses once vulnerabilities have been identi ed The JTF GNO will make recommendations to the CC As in support of their risk management efforts The asset owner's remediation plans will include recommendations to either accept the risk or remediate the risk via a Doctrine-Organization approach The factors to be considered are as follows U Assess the ability to use material vs non-material solutions to include alternative funding solutions if necessary U Incorporate CIP into Exercise Plans U Provide lessons learned to improve the GIG risk management processes c U Coordinating Instructions 1 U USSTRATCOM will 59 17 9 to assist in the Characterization of the GIG See Figure 2 110 ranked based on their impact to the performance of the GIG 111 Sec 17 8 112 113 Sec 1 7 e DEFENSE SECTOR LEAD AGENCY Defense Industrial Base DIB Defense Contract Management Agency DCMA Financial Services Defense Finance and Accounting Services DFAS Global Information Grid GIG Health Affairs Assistant Secretary of Defense ASD for Health Affairs HA Intelligence Surveillance and Reconnaissance ISR Logistics Defense Logistics Agency DLA Personnel DOD Human Resources Activity DHRA Public Works US Army Corps of Engineers USACE Space USSTRATCOM Transportation - United States Transportation Command USTRANSCOM 114 115 116 Figure DCIP Defense Sector Lead Agencies U 117 118 7 U Priorities USSTRATCOM CIP protection priorities are based on 119 critical C4 missions in support of the NMS GIG mission success will depend 120 upon accurately characterizing the GIG Identifying critical GIG assets 121 determining vulnerabilities and mitigating risk 122 123 b U Tasks 124 125 126 Sec 1 7 e 127 responsibility of characterizing the GIG See Figure 3 below This 128 characterization process will clearly de ne inter intra dependencies of DOD 129 and non-DOD assets single points of failure and commercial dependencies in 130 support of the NMS All validated GIG task critical assets approved by the joint 131 staff will be added to the GIG Geospatial Database that s presently maintained 132 by the IMission Assurance Division SEGR-EIF 100 101 102 103 104 105 106 107 108 109 5 U Monitoring and Reporting M8511 The process is not solely Sec 1 7 e Figure 1 below The endstate is to integrate CIP into existing command reporting processes J3 Headquarters USSTRATCOM I Global 0 oerations 3A Combat 85 Information Operatioiis Chief Infrastructure Assurance Of cer cmol 133 Current Operations J37 DAFC Mission Assurance 371 Continuity 1372 31 Critical Infrastructure Program 1373 Survivability Figure USSTRATCOM CIP Organizational Structure U U The Mission Assurance Division J37 is the of ce of primary responsibility to establish resource and execute the command s program for matters pertaining to the identi cation of Defense Infrastructures and the prioritization protection of Defense Critical Infrastructure including the identi cation and prioritization of USSTRATCOM mission essential tasks and required capabilities 6 U Criticaligg The GIG critical assets are identi ed from both mission dependent and mission independent perspective Mission-dependent critical assets are those deemed essential to the accomplishment of a mission Their identi cation and prioritization are top down driven i e from mission to supporting infrastructure Mission independent critical assets are derived and U Friendly See Annex A Task Organization There are no friendly forces speci cally assigned to protect the critical infrastructure of the United States Rather CIP is a national effort to establish resource and execute a process for matters pertaining to the identi cation of Defense Infrastructures and the prioritization protection of Defense Critical Infrastructures In this effort it is important to understand that CIP and Force Protection FP are complementary efforts will rely on the following organizations to enhance the success of its delegated USSTRATCOM mission to direct the operations and defense of the GIG 1 Sec 1 7 e 2 U Sec 1 7 e 3 4 U Counterintelligence Field Agency CIFA 5 U Law Enforcement Counterintelligence LE CI Agency U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution The execution of CIP remains the same throughout the Sec a U Concept of Operations 1 U Commander s Intent CDRUSSTRATCOM intends to prevent or mitigate the loss or degradation of task critical assets that support assigned global missions 2 U Purpose Identify prioritize and recommend protection measures to defend critical GIG assets 3 U Methods Accurately characterize the GIG and establish a standardized criticality methodology and a real time situation awareness capability that will accurately support the identi cation of critical GIG assets 4 U Endstate Focus scarce resources on the most critical vulnerabilities and integrate CIP into operational planning processes C-16-2 40 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 28 February 2008 APPENDIX 16 TO ANNEX TO STRATCOM CONPLAN 8039 U U OPR J5 GIG CRITICAL INFRASTRUCTURE PROTECTION CIP Execution Plan U U References a U Homeland Security Presidential Directive HSPD 7 Critical Infrastructure Identi cation Prioritization and Protection 17 Dec 03 b U DODD 3020 40 Defense Critical Infrastructure Program DCIP 19 Aug 05 C U DODD 3020 40 Defense Critical Infrastructure Program DCIP Apr 07 Draft 1 U Strategic Command Directive SD 536-1 Critical Infrastructure Program 15 Jul 05 e U Joint Concept of Operations for Global Information Grid NetOps 4 Aug 06 f U DCIP Security Classi cation Guide March 2007 Draft Version 2 1 1 U Situation a U Background DODD 3020 40 provides policy and assigns responsibilities for the DCIP DCIP was conceived at the National level as a risk management strategy to provide processes tools and methodologies for making economic Choices about what type of protection will be employed for critical infrastructure assets to assure their continued availability DCIP requires an understanding of mission impact to guide the prioritization of enterprise wide protection efforts vulnerability remediation investment strategies operational and procedural enhancement and contingency plan development Protection derives from reducing or eliminating vulnerabilities This Annex will focus on critical GIG cyber assets IAW USSTRATCOMS UCP mission which emcompasses directing GIG operations and defense capabilities b- See Annexes I Sec 1 7 e C- 16-1 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 Sec 1 4 a SECRET simulation process itself will be used as a tool to visualize how the Operations Campaign may ow Additionally modeling and simulation will be used to support analysis of collection opportunities as well as offering COCOM staffs an opportunity to evaluate the plan for shortfalls gaps and other complications that may not have been observed in previous collection planning efforts 0 U Tasks r11 smash JFCC ISR in support of CONPLAN 8039 2 SH-REL-USATA-U-STGB-R FCC GSI will coordinate and integrate operations in and through cyberspace with FCC NW JTF GNO JIOWC and as required with FCC Spacelflm Sec 14 3 Sec 1 4 a d U Coordinating Instructions Refer to the Base Plan 4 U Administration and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan C-9-8 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 31 312 allocationlwxu Sec 1 4 a Sec 1 4 a Icapabilities 4 U Operations Center JFCC ISR maintains 24 7 ISR Operations Center for situational awareness of global ISR operations FCC watch will monitor all Sec 1 7 e Sec 1 7 e 5 U 39 Sec 1 7 e 6 U Portal The current FCC ISR portal serves as a hub for ISR information sharing within the DOD The information accessible within this portal consists of a collection of pages for publishing FCC ISR speci c content and multiple links to resources external to the portal The version 2 of FCC ISR web- based portal will be capable of supporting internal and external coordination and collaboration The FCC ISR Portal willbe critical resource for ISR community and a vital enabler of the FCC ISR mission 7 U Assessment U Assessing Collection FCC ISR will develop criteria for assessing collection mechanisms in order to determine the effectiveness of resolution of tasking asset competition and customer satisfaction JFCC ISR Assessment Division will in coordination with the FCCs Services IC CSA and COCOMs develop maintain use and evaluate measures of effectiveness and mission metrics to assess ISR mission objective accomplishment FCC ISR will use USSTRATCOM JFCC GSI JFCC NW JTF GNO JIOWC and combatant command inputs and planning factors as a baseline conducting assessment process will be captures and used to inform subsequent planning and allocation efforts U Modeling and Simulation Methodologies After reviewing the plan FCC ISR Assessments Division will use COCOM inputs to initiate Modeling and Simulation MOD SIM to support analysis of specific ISR Operations Campaigns While FCC ISR will develop specialized MOD SIM tools the modeling and SEGR-EF 222 223 224 225 226 227 223 229 230 231 232 233 234 235 236 237 233 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 25 7 258 259 260 261 262 263 264 265 266 U Re-allocate This involves moving an asset capability assigned against an existing requirement to the newly identi ed requirement This re- allocation can be from within the requesting AOR or from another AOR U Surge This involves a speci ed time-frame during which selected assets capabilities will be surged to meet the requirement U Utilize Sec 1 7 e requirement 1- WW 9 11 Sec 1 4 a I recommended allocation changes FCC ISR will Sec 144 9 I _ to meet the Sec 1 4 a allocation recommendation based on asset availability for speci c requirement consolidate the i W recommendation 390 14 9 sec 14 8 Will make the nal decision and assets will be allocated accordingly 3 U Support for Operations in and Through Cyberspace W Operations in and throu bers ace have unique requirements in the electromagnetic spectrum I Sec 1 4 a I In this case FCC ISR will coordinate with JFCC Nw to satisfy W ISR will leverage DOD 53 right capabilities to go against the identi ed collection requirements W W 59 1-4 a JFCC exible ISR options if and when W1 Sec 14 3 lam sec 14 8 support of operations in and through cyberspace U FCC ISR Sec 1 7 e Sec 1 7 e W b 118ec14 a1 I Sec 1 4 a FCC ISR will provide l 33 14 3 recommendations if the current ISR SEQ-REF C-9-6 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 A REL USA AUS Sec 1 4 a 3 W In Sec 1 4 a i 1 The Sec 1 4 a I continue to be improved to 1 Sec 1 4 a Itimelv fashion Request for additional ISR I Sec 1 4 a W1 Sec 1 Friequires additional coordination W Re-allocation JFCC ISR I Sec 1 4 a U National Intelligence Priority a U Sec 17 9 Sec i U Risk associated with not gaining the information i U Potential value of intelligence to be gathered U COAS FCC ISR will develop potential COAs for consideration A list of factors will be provided with each COA to facilitate decision making Those COAS include U Coordination with the CC As to determine if the requirement is being or can be met via any existing ISR operations A W If at all Sec 1 4a Sec 1 4 a I U Allocate This means to allocate an asset capability that is not currently assigned against the requirement 130 131 132 133 134 cyberspace operations forces and capabilities Also as required FCC ISR will 135 develop and maintain 136 Sec 1 4 a 137 138' 139 140 appropriate entities to access FCC ISR is responsible for providing all ISR 141 partners with global situational awareness of ISR activities 142 143 2 U ISR Force Management Concepts JFCC ISR established 39 17 3 I 144 Sec 17 9 145 146 reallocation and COAs recommendations will provide the exibility to modify 147 existing allocation plan to better meet combatant command requirements in a 148 timely manner 149 150 Sec 1 7 8 151 Sec 1 7 e 152 153 154 FOLIO I 155 Sec 1 7 e I 156 157 Requirements for this 17 8 1 158 Sec 1 7 8 159 160 161 162 163 FQ-UQ While supporting Geographic Combatant Commander ISR 164 requirements these forces enable USSTRATCOM to integrate ISR in support of 165 strategic and global operations 166 167 Wmm 39 If an immediate 168 requirement is identi ed for additional ISR I 169 Sec 1 4 a 170 171 172 W 1 173 1 00 Sec 1 4 a 174 175 SECRET 0-9 4 84 Sec 1 7 e 85 86 87 88 89 representation within JFCC ISR 90 91 USSTRATCOM and Centers JFCC ISR 92 will closely coordinate with USSTRATCOMsupport 93 CONPLAN 8039 FCC ISR will coordinate with other USSTRATCOM component 94 commands to meet the CONPLAN 8039 objectives In this effort FCC ISR will 95 participate through collaborative sessions facilitated by USSTRATCOM FCC GSI 96 or other combatant command s and recommend ISR COAs if required 97 93 4 1 JFCC ISR will work in coniunction with the 99 Sec 1 7 e 100 101 102 103 104 105 106 CONPLAN 8039 107 108 5 U Services The Service representatives within FCC ISR serve as the 109 primary conduit liaison into their respective Service for coordinating ISR issues 110 Coordination between FCC ISR and FCOM and its components will be done to 111 address issues 17 9 112 processes and determination of availability and capability of Service speci c ISR 113 assets Additionally each Service will receive process and disseminate data via 114 their respective and existing ISR processes and procedures 115 116 6 U Allies and PN To the maximum extent possible PN ISR capabilities 117 will be utilized when available and appropriate 113 Sec 1 7 U Mission Execution 124 125 1 W I JFCC ISR 126 will coordinate with USSTRATCOM ISR 127 FCC ISR will monitor these operations and be prepared to 128 assist the Uni ed Commanders in modifying the operation to ensure mission 129 success Concerning cyberspace FCC ISR SEQ-REF networked systems and associated physical infrastructures Sec 1 4 a SHREL-U-SATAU-STG-BR Other on-going activities Global War on Terrorism GWOT Contingency I Sec 1 4 a Other collection capabilities ma be leveraged on a case by-case basis There may be opportunitieslwm Sec 14 3 I Sec 1 4 a 2 U Constraints None Identi ed 2 U Mission Refer to the Base Plan 3 U Execution 51- W Conce of erations ISR erations include those processes carried out Sec 1 4 a loam sec 1 4 a The role of FCC ISR is not to provide the analytical research of collected data but recommend the resources to adequately respond to critical needs in the form of sensors platforms and speci c processing suites While integrating all intelligence disciplines FCC ISR Will ensure its focus also includes Sec 1 4 a 1 W General FCC ISR will coordinate and seek Sec 1 4 a 2 U Organization and Mission Partners FCC ISR is a component Sec 1 7 e HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 APPENDIX 9 TO ANNEX TO USSTRATCOM CONPLAN 8039 U 1 I U OPR JFCC ISR 2 INTELLIGENCE SURVEILLANCE AND RECONNAISSANCE ISR U 3 4 U References 5 6 a U Draft Horizontal Command and Control Integration HC2I Apr 2007 S 7 8 b U Draft Joint Functional Component Command J FCC ISR Concept of 9 Operations CONOPS U Situation 12 13 a U General 14 15 1 The strategic goal of CONPLAN 8039 is to 16 ensure US military freedom of action in cyberspace and to deny adversary freedom 17 of action in cyberspace To achieve this I 13 Sec 1 4 a 19 20 21 22 23 when directed 24 25 b to Annex 26 Sec 1 7 e 27 28 c U Friendly Refer to Annex A Task Organization and the Base Plan 29 30 d U Assumptions Refer to the Base Plan 31 32 e U Limitations 33 34 1 U Restraints 35 36 Cyberspace is a domain using electronics 3 and the electromagnetic spectrum to store modify and exchange data via C-9- 1 INTENTIONALLY BLANK C-8-4 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 SECRET commanders may use any lawful weapon or tactic available for mission accomplishment 3 U W SeclU i ing ROE development careful consideration must be given Ianticipated operations The ROE development cell will need to identify what actions are subject to speci c ROE reference a Enclosure F Paragraph and whether any supplemental ROE will be I 4 U Self-defense As described in reference a unit commanders always retain the inherent right and obligation to exercise unit self defense in response to a hostile act or demonstrated hostile intent Unit commanders may limit individual self-defense by members of their unit Both unit and individual self defense includes defense of other US Military forces in the vicinity The hostile act standard described in Enclosure A of reference a does not apply to a subset of digital protection options under this plan I Refer to Enclosure of reference a b U Tasks - Required Legal ReViews It is the responsibility of the legal staffs to con rm that required legal reviews for a capability weapon to be utilized in a cyberspace operation have been completed as well as to do any operational legal reviews It is the responsibility of the operators to ensure that a legal review is conducted for proposed operations c U Coordinating Instructions As stated above coordination may need to takeplace with the Interagency and non-US forces In addition Enclosure of reference a reference b and other DOD instructions and policies require Sec 1 7 e 4 U Administration Refer to Base Plan 5 U Command and Control It is possible that USSTRATCOM may be the supported commander supporting commander or a combination of both depending on the particular activities to be undertaken In any of these cases USSTRATCOM planners operators and attorneys must ensure that appropriate ROE are developed to carry out the missions assigned C-8-3 SEQ-REF I SROE but also theater ROE existing EXORDs and DOD authorities such as the Sec 1 4 a I b U Scope Applicability This appendix applies to all US forces and personnel conducting missions pursuant to this plan 0- U to Base Plan Annex I d U Friendly Refer to Base Plan Although not subject to ROE there may be signi cant involvement between US forces and the Interagency to achieve overall US objectives In some operations non-US forces may participate in cyberspace Operations under this plan ROE for non US forces may differ from the ROE issued to US forces In such cases coordination and decon iction with the non US force will need to take place unless classi cation OPSEC or operational considerations prevent such coordination e U Assumptions Refer to Base Plan f U Legal Considerations All operations under this plan will be conducted in compliance with US law and the law of war Per reference b members of the DOD Components will comply with the law of war during all armed con icts however such con icts are characterized and in all other military operations For the legal considerations applicable to intelligence collection refer to Annex B Intelligence g U Concept ROE are a means of providing guidance and instruction to military commanders and DOD components within the framework of overall political directives and the law of war They de ne the degree and manner in which force may be applied and are designed to ensure its carefully controlled application in order to achieve speci ed objectives Additionally they ensure the maximum survivability of USSTRATCOM and other forces in a confrontation with adversary forces 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operation 1 U General CJ CS Standing ROE contained in reference a serve as the starting point for development of ROE for an operation 2 U Lawful tactics weapons The SROE reference a are designed to be permissive in nature Therefore unless a speci c weapon or tactic requires SecDef or combatant commander approval or unless a specific weapon or tactic is restricted by an approved supplemental measure SEQ-RE C-8-2 oomuombwm i 39 40 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 APPENDIX 8 TO ANNEX 0 TO USSTRATCOM CONPLAN 8039 U U OPR USSTRATCOM HQ SJA RULES OF ENGAGEMENT ROE U U References a U CJCSI 3121 01B Standing Rules of Engagement Standing Rules for the Use of Force for US Forces 13 Jun 05 S b U DOD 2311 01E DOD Law of War Program 9 May 06 U U Sec 1 7 e Activities 9 May 07 l U Situation a W Purpose The purpose of this appendix is to address rules for conducting cyberspace operations Given that the scope and nature of contemplated operations under CONPLAN 8039 are quite diverse this appendix contains a discussion of the issues that will need to be addressed in the ROE for a speci c operation Supplemental ROE will almost certainly have to be requested from SECDEF in order to carry out operations under this CONPLAN As stated in the Base I Sec 1 4 a Sec 14 8 The ROE for an operation will need to enable the supported Combatant Commander and supporting Combatant Commanders to carry out cyberspace operations including Sec 1 4 a I Authorization to carry out specific parts of Ithe an operation may depend Sec 1 4 a Sec 1 4 a operations IO in particular tend to require higher level authorizations The planners operators and attorneys who work together to develop appropriate ROE will need to look not only at ref a the Standing Rules of Engagement C-8-1 INTENTIONALLY BLANK hm Sec operations are planned and executed SECDEF SROE for Information Operations and the USSTRATCOM Sec 1 7 e - I 4 U Administration and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan IAW e 40 1561666 on the situation 41 42 2 Sec 14 8 43 commander or head of maior DOD component is the approving authority for 44 the employment 45 Sec 1 4 a 46 47 48 49 50 should report response actions and results to the JTF GNO as this input is 51 critical to other response actions that may be necessary and GIG situational 52 awareness in generalUSA AUS CAN GBR 57 030 1 Sec 1 4 a 53 59 60 61 Description I 62 63 TO USA Aus CAN GBR 64 Sec 14 8 I 65 66 Signi cant results 67 68 69 s TO USA AUs CAN GBR 70 Sec 1 4 USSTRATCOM is the approving authority for the employment of RA techniques 74 Sec 1 4 a 75 76 ICC A Combatant Commands or 77 Service component etOps HQ 14 a from 78 the CDR USSTRATCOM Via JTF GNO 79 80 81 4 IThe 82 Commander USSTRATCOM is the approving authority 83 Sec 1 4 a 84 85 SEQ-REF SECRET HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 TAB TO APPENDIX 3 TO ANNEX 0 TO CONPLAN 8039 U U OPR JTF-GNO J5 RESPONSE ACTIONS U U References Refer to the Base Plan 1 U Situation Refer to the Base Plan The purpose of this is to articulate de nitions boundaries and responsibilities for Response Actions RA in defense of the GIG 2 U Mission Refer to the Base Plan 3 U Execution a U Concept of Operations For the purpose of this plan RAs are deliberate authorized measures or activities that protect and defend DOD computer systems and networks under attack or targeted for attack by adversary computer systems networks RAs extend DOD's layered defense in depth capabilities and increase DOD's ability to withstand adversary attacks RAs consist of techniques and administrative procedures employed to halt or minimize the effects of malicious activity and or intrusion RAs com rise the entire set of defensive actions to protect and defend the DOD GIG Sec 1 7 e U Speci c Guidance for RAs 1 mem Sec 14 8 commander is the approving authority for the employment of response actions Sec 1 4 a This reporting is critical to the overall defense of the GIG and situational awareness in general CC A's advise and coordinate as necessary on 224 225 226 227 228 229 230 231 232 233 234 235 INTENTIONALLY BLANK Sec 1 4 prepared to 183 Sec 1 4 a 184 bmse 31'4 a Ito Appendix 3 Information 185 Operations and Annex Strategic Communication 186 187 Q U employed forces 188 189 Q I 190 JUS vital interests 191 192 El S Is I 193 data or the medium used to transmit or store the data 194 195 2 USA AUS GBR I 195 mm Sec 1 4 a 197 198 199 200 b U Tasks Refer to the 33 17 9 I 20 1 Sec 1 7 e I 202 203 c U Coordinating Instructions Refer to 204 and CONPLAN 8035 205 206 4 U Administration and Logistics Refer to 207 208 209 5 U Command and Control 210 211 a U Command Relationships 212 213 U Roles and Responsibilities Refer to Annex Command 214 Relationships and the Base Plan Refer also to 215 I If forces are 216 delegated to USSTRATCOM USSTRATCOM will further 217 delegate TACON to JFCC NW 218 219 2 ommunicatlon and 220 Requirements The is used for 221 coordinating of this plan Refer I 222 Sec 1 4 a 223 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 Sec 1 4 a U Sec 1 7 e threatening US vital interests b1 Sec 1 4 a Ito Appendix 3 Information Operations and Annex Strategic Communication IE1 U Sec 1 7 e U Sec 1 7 e 1 pl WW Support Operational Ito Appendix 3 Information Sec 1 4 a Operations Q U Maintain the capability to support deterrence follow-on operations against other potential adversaries 4 USA AUS 38 Sec 1 4 a C-3-F-4 SEGR-EF 86 considered Refer I to Appendix 3 87 Information Operations and Annex Strategic Communication 88 89 2 SW 5 I 90 Sec 1 4 a 91 92 USSTRATCOM will lead 93 a collaborative effort across the USSTRATCOM Staff Functional Components 94 Service Components combatant commanders Joint Staff and a Joint 95 Sec 1 4 Sec 1 7 e 106 107 108 m1 Sec 1 7 e I 1 09 110 E W Support Sec 1 4 a I 1 1 1 Sec 1 4 a I 1 12 to Appendix 3 Information Operations and 113 Annex Strategic Communication 1 14 115 Id USA AUS I 116 Sec 1 4 a 1 1 7 118 USA AUS Sec 1 4 a 1 19 Sec 1 4 a 120 121 122 ff W Support Operational 123 to Appendix 3 Information 124 Operations 125 126 s s USA AUS 127 128 129 130 131 C-3-F-3 SEQ-REF 40 41 1 WE-9W USSTRATCOM 1 4 a lm 42 references through above Plan Summary and Base plan 43 44 lopera ons 45 USSTRATCOM 390 14 USA AUS GBR 56 M0 Sec 1 4 U Identify threats to US interests and assessWWI 65 Sec 1 7 21 U Sec1 7 e 72 interagency partners allies and GCCs Sec 1 7 e Iin support of 73 Ian activities that I 74 W1 Sec 1 7 e 75 76 77 191 U EStabliSh force posture and conditions tailored tom Bil U Use ofl b 1 Sec 1 7 e 85 M1 Sec 1 7 e Iw l be SEGR-H 29 35 37 38 39 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 TAB TO APPENDIX 3 TO ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR JFCC NW Sec 1 7 e U U References Refer to the Base Plan a U Sec 1 7 e Sec 1 79 IUnited States Strategic Command USSTRATCOM and Delegation of Authority 14 Aug 2003 S NF b Sec 1 7 e Sec 1 7 e Headquarters Commands to 1 Oct 2003 S C Sec 1 7 e Sec 1 7 e U IJan 2004 With Modi cations 1 2 and 3 d U SECDEF Memorandum Subject Appointment of the Commander JFCC 12 Jul 2005 S e U USSTRATCOM Operational Order OPORD 07-01 1 Nov 2006 1 U Situation a 39 1-73 efer to Annex Sec 1 7 e Intelligence le1 Sec 17 8 b U Friendlv Refer to Annex A Task Organization the Base Plan and Sec 1 7 e c Assumtions Refer to Sec the Base Sec 2 U Mission Refer to the Base Plan 3 U Execution a U Concept of Operations SECRET C-3-F-1 13 1 132 b W Coordinatin Instructions Planners should 133 compare and evaluate the merit I 134 mm Sec 14 3 I Refer to 135 the Base Plan for example of 136 137 138 139 140 141 will be decon icted by USSTRATCOM 142 143 4 U Administration and Logistics Refer to the Base Plan 144 145 5 U Command and Control Refer to the Base Plan Annex Command 146 Relationships 8 5 Sec 1 4 a 86 8'7 88 I 4 W wmwecma lthrough Cyberspace 89 can be used 90 Sec 1 4 a 9 1 92 93 94 5 95 mm sec 14 8 Consider the 96 activities below as representative activities that may be best achieved through 97 Sec 1 4 a 98 99 USA AUS Sec 1 4 a 100 Sec 1 4 a 10 1 102 103 W 104 sec 149 Jthrough the Cyberspace domain 105 106 Sec 1 4 a I 107 Sec 1 4 a lthrough 108 the cyberspace domain 109 1 10 USA AUS Sec 1 4 a I 1 1 1 Sec 1 4 114 USA AUS Sec 1 4 a 1 15 Sec 1 4 REL USA AUS Sec 1 4 a 119 Sec 1 4 a ussc 120 121 S REL USA1 AUS I 122 123 124 I REL USA AUS I 125 W Sec 1-4 a - 126 127 128 EL REL USA AUS Sec 1 4 a 129 Sec 1 4 a 130 SEGR-EF the mission space for command and control of forces some use the internet to conduct recruiting and develop the nancial support that is the lifeblood of modern terrorism others use it as a means to subvert regimes and governments others use it in active opposing re ghts combat in cyberspace to deny freedom of action to the US 3 U Assumptions Refer to the Base Plan 2 U Mission Refer to the Base Plan 3 U Execution Refer to the Base Plan a U Concept of Operations 1 U Pugpose U The purpose of this Tab is-to provide a common level of understanding of the requirement I planning operations in and through cyberspace U Additionally this Tab 1 that can be integrated into operations in and throu bers ace and enerate an effect in the cyberspace domain Sec 17 6 Sec 1 7 e I 2 SW General W1 Sec 14 8 i Sec cyberspace operations Availability llbm Sec within cyberspace affords a combatant commander a Wide variety of W1 Sec 1 4 30 1that can Sec 1 4 a 31- USA AUS Sec 1 4 a Sec 1 4 a HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 TAB TO ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR JFCC NW J52 Sec 1 7 e U References Refer to the Base Plan and Appendix 3 Information Operations to Annex Operations 1 U Situation Refer to the Base Plan a U FOB-G General Our Adversaries are using cyberspace to execute command and control to enhance logistics and acquisition to disseminate their ideology of violence solicit and gather the nances for operations train the present cadre of insurgents in traditional and modern TTPs and radicalize the next generation of terrorists One way to effectively disrupt their freedom of maneuver in these efforts is Sec 1-7 e I Sec 1 7 e U For the purpose of this Sec 17 8 actions that affect adversary information 2 Opportunities to neutralize counter or prosecute adversary operations in and through cyberspace will emerge and disappear within minutes at best and seconds at worst Whilelle Sec 17 9 Sec 1 7 e b U Adversagg adversaries targeting the USG with multiple objectives operating at different levels of competence and capability in struggles of differing philosophies and ends all occurring simultaneously Some adversaries are content to intrude on and ex ltrate data in mass others use a INTENTIONALLY BLANK U Coordinating Instructions 1 Sec 1 4 a combantant command When required sec Sec 1 4 a I Respective 2 S Sec 1 4 a Sec 1 4 a 3 U USSTRATCOM Component Commands will integrate planning efforts to achieve CDRUSSTRATCOM and combatant command objectives and desired effects 4 CDRUSSTRATCOM will coordinate with combatant commanders in order to develop and that can be used to achieve objectives Sec 1 4 a rovide to those commands IO capabilities mm Sec 1 4 a 4 U Administrative and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan and Annex Command Relationships C-3-D-3 SEC-REF planning and employment with all affected COCOMs and DOD Components bl- Coordinate mm Sec affected Combatant Commands DOD Components bX l Sec 1 4 a Coordinate with all applicable 1 Sec 1 4 a USSTRATCOM components and supported COCOMs will Sec 1 4 a Sec 1 4 a Sec 1 4 a USSTRATCOM and subordinate Joint Combatant Commands JTFs will coordinate necessary action for supported Combatant Commands Services Agencies CC A 03 1 Sec 14 8 Sec 1 4 a 2 U Combatant Commands al- Coordinatel bxl 390 14 9 03 1 Sec 1 4 a _ and USSTRATCOM as required Coordinatel Sec 1 46 1 surveillance assets as re uired in accordance with all ec 4a applicabl IISR resources C Develop and or manage the Sec1 4 a Sec 1 4 a - Maintain date and provide access to the combatant COmmand Sec 1 4 a SHE-EL Conductla m 39 help ensure freedom of action in cyberspace to 38 surveillance to Sec 1 4 a SECRET C-3-D-2 1 HEADQUARTERS US STRATEGIC COMMAND 2 OFFUTT AIR FORCE BASE NEBRASKA 68113 6500 3 28 February 2008 4 TAB TO APPENDEX TO USSTRATCOM CONPLAN 8039 U 5 U OPR JIOWC 6 Sec 1 7 e U 7 8 U References Refer to Base Plan 9 10 a U Sec 31 Jul 2002 Sew- tr Feb 1996 U 14 15 c U '7 Apr 2000 Oct 1993 FOUO 19 20 1 U Situation Refer to Base Plan 21 22 2 U Mission Refer to Base Plan 23 24 3 U Execution 25 26 a SHRE-L Concept of Operations For the purpose of CONPLAN 8039 27 Sec 1 4 a 28 29 I These and Intelligence Surveillance 30 and Reconnaissance ISR assets conduct operations globally to ensure freedom 31 of action in cyberspace for the I 32 Sec 1 4 applicable combatant command standing rules of engagement ROE 35 36 b U Tasks 37 38 1 U USSTRATCOM 39 40 SHRE-L Coordinate 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 2 U F999 A strict need-to-know policy must be announced enforced and maintained throughout the entire Operation The need-to-know policy should cover classi ed and unclassi ed information While all personnel must be familiar with the critical information list personnel do not have a need to-know speci c facts comprising critical information for areas of the plan in which they are not involved Limiting information distribution will dramatically reduce the chances for accidental compromise of unclassi ed but sensitive information that is critical to the success of the operation 3 U F9149 Initiation and termination of OPSEC measures and related activities will be coordinated through the OPSEC Working Group 4 U FIG-U9 Dissemination of the critical information list as widely as possible within security and OPSEC guidelines is essential to OPSEC awareness 5 U FGUQ Provisions of OPSEC support to this plan should be coordinated with the PAOJGW 39 17 9 6 U OPSEC Concerns Personnel are encouraged to contact the USSTRATCOM OPSEC Of cer to report OPSEC concerns request guidance and to provide suggestions for process improvement 4 U Administration and Logistics a U Administration Command OPSEC program of cers managers must be appointed in writing Identify in writing these OPSEC of cers managers to the STRATCOM 39 JFCC GSI J39 OPSEC of cer b U Logistics Not used 5 U Command and Control a U OWG An OWG comprised of representatives from all supporting Combatant Commands oint Force Commands supporting this plan will be convened as necessary Reporting of OPSEC disclosures to the OWG will be made for the purpose of ensuring the currency of OPSEC awareness as it pertains to this plan b U OPSEC Procedures Conduct periodic reviews and evaluations of OPSEC procedures in order to improve the USSTRATCOM OPSEC Program 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 205 207 208 209 210 211 212 213 214 215 215 217 218 219 220 221 H1999 In coordination with J6 update monitoring priorities and key word lists QL U F999 Attend all planning group meetings discussions to includel b 1 Sec 1 7 e 2 U Provide an assessment of the effectiveness of OPSEC countermeasures W Utilize the OPSEC process to enable Sec 1 4 a Sec 1 4 a I U F999 Identify secure communications shortfalls based upon CONPLAN operations W Develop a communications plan that Sec 1 4 a 4 U F-Q-U-Q PAO Coordinate PA Guidance with OPSEC Working Group in order to prevent disclosures 5 W Force Protection Coordinate facility Sec 1 4 a 6 U 3999 Division Chiefs or OWG members Periodically remind staff personnel of USSTRATCOM critical information and indicators vulnerabilities and adversary intelligence collection capabilities c U Coordinating Instructions 1 U F-G-U-Q To protect against collection from adversaries USSTRATCOM personnel must be cognizant when using unsecured means of communications such as the IPRNET facsimile cell phones Defense Switching Network DSN telephones and common telephones Anytime personnel are communicating over an unsecure or means of communication they must not disclose critical or sensitive information pertaining to CONPLAN 8039 SEQ-REF 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 i U Details of military ties agreements arrangements between the DOD the interagency commercial industries and partner nations U Details of security measures or procedures with other federal state or local agencies Vulnerabilities discovered through regular cyberspace assessments and those corrective measures recommended U Capabilities facility and network diagrams infrastructure layouts connectivity information status readiness of cyberSpace assets alert status procedures of forces supporting this CONPLAN i U Details and vulnerabilities of a Combatant Commander s C4ISR architecture and physical security infrastructure 2 U Operational and technical details including Tactics Techniques and Procedures TTP of cyberspace operations d U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution a U Concept of Operations The purpose of OPSEC is to prevent adversaries from obtaining friendly critical information While OPSEC should be practiced at the same rigor whether in garrison during training or deployed conducting operations leaders at all levels are encouraged to remind their personnel of the importance of OPSEC during the planning and execution of this CONPLAN and to apply OPSEC TTPs to protect critical information and indicators regarding force intentions capabilities and vulnerabilities The OPSEC process will be integrated into this plan and its supporting plans and operations to the fullest extent possible Based on identi cation of critical information analysis of the threat and friendly vulnerabilities OPSEC of cers managers planners will assess risk to mission and then implement appropriate countermeasures to increase overall mission effectiveness b U Tasks 1 U USSTRATCOM OPSEC Of cer U F999 Use the OPSEC Working Group OWG meeting to evaluate CILs and countermeasures and promulgate the OPSEC plan The OWG members will then increase OPSEC awareness within their respective directorate to decrease the chance of critical information disclosure c-s-c-4 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 SEQ-REF U Assess Risk A determination of how much damage to the cyberspace mission and commander s intent will be caused by the loss disclosure of the critical information U Implement Countermeasures Anything that effectively negates an adversary s ability to gather or exploit friendly critical information or that renders the possession of the critical information useless While not a formal step of the OPSEC Process lam sec 17 9 I the OPSEC planner to monitor utility of implemented countermeasures and if required re-initiate the cyclic nature of the OPSEC process to improve on the actions taken 3 U Critical Information U In any operation it is vital to achieve essential secrecy which is the condition achieved as a result of denying adversaries friendly forces critical information Because of the requirements to share operational information across many agencies and to other governments care must be taken to emphasize the need to protect critical information U Critical Information is the speci c facts about friendly intentions capabilities and activities vitally needed by adversaries for them to plan and act effectively so as to cause a delay disruption total failure or unacceptable consequences for friendly mission accomplishment U Each A supporting this plan will develop a Critical Information List CIL Once developed the CIL will be used to support the 5 step OPSEC process The following are generalized Critical Information items that pertain to this CONPLAN Actual words and or phrases that address or provide speci cs covered below must not be discussed over non secure means or in public spaces in order to protect critical information from disclosure and adversary exploitation U Association of the operational execution of this CONPLAN with any speci c target or country U Association of this CONPLAN with exercises operational rehearsals or other mission-specific training that supports this CONPLAN i U Association of abbreviations acronyms nicknames or code words with this CONPLAN or locations i U Movement billeting of forces and senior decision makers when conducted in support of this plan SECRET 41 3 U Responsibility for OPSEC OPSEC is a command responsibility 42 At each level of command the Operations of cer or equivalent has staff 43 responsibility for coordinating overall OPSEC planning Every individual 44 involved with or supporting CONPLAN 8039 must assist in safeguarding 45 classi ed and unclassi ed information deemed sensitive or critical to the 46 success of this CONPLAN 47 48 b Sec 1 7 e 49 Sec 1 7 e 50 51 c U Friendly Forces Refer to Base Plan and Annex A Task Organization 52 53 1 U Friendly Operations Adversaries can exploit OPSEC vulnerabilities 54 and correlate information obtained by various collection and exploitation 55 methods Therefore we must operate in such a manner as to deny friendly 56 information necessary for adversaries to accurately estimate the military 57 situation friendly capability and simultaneously contribute to adversely 58 affecting their decision cycles 59 6O 2 The OPSEC process OPSEC is a continuous analytical process which 61 focuses on identifying controlling and protecting evidence associated with any 62 operation OPSEC is not a physical personnel or information security system 63 nor is it a collection of rules or instructions Like the overall integration of IO 64 OPSEC is a function of planning this planning must apply appropriate 65 countermeasures to achieve desired effects during execution of operations 66 IAW reference all Combatant Commands and supporting joint forces will 67 use the ve step OPSEC process 68 69 U Identify Critical Information That information if exploited by 70 an adversary would signi cantly impede friendly operations or prevent mission 71 accomplishment Combatant Commands should provide their critical 72 information lists to USSTRATCOM and other pertinent Combatant Commands 73 to facilitate protection of sensitive information 74 75 U Analyze the Threat A formal assessment of the adversary s 76 capability and intent to exploit any critical information Combatant 77 Commands should task supporting intelligence elements to provide analysis 78 tailored for OPSEC planners that focus on cyberspace threats and as 79 appropriate state and non-state threat collection capabilities and intentions so Sec 1 7 e related 81 information that most be considered by personnel when planning for 82 exercising or conducting cyberspace operations 83 84 U Analyze Vulnerabilities and speci c signatures indicators A 85 determination of how susceptible cyberspace operations related critical 86 information is to loss disclosure SECRET oomqmemMHoom mm-bmwp- HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113 6500 28 February 2008 TAB TO APPENDIX 3 TO ANNEX TO US STRATEGIC COMMAND CONPLAN 8039 U U OPR OPERATIONS SECURITY U U References Refer to Base Plan and Appendix 3 Information Operations to Annex Operations a U CJCSI 3213 01B Joint Operations Security 17 Dec 2003 U b U Joint Pub 3-133 Joint Doctrine for Operations Security 29 Jun 2006 U c U CJCSI 6510 01D Information Assurance and Computer Network Defense 15 Jun 2004 U 1 U Situation Refer to Base Plan a U General 1 Pur ose This Tab provides planning guidance for integrating OPSEC intol b 10 Sec 1-4 EONPLAN 8039 Sec Sec 1 4 a 2 U Overview OPSEC is the process of denying adversaries information about friendly intentions and capabilities by identifying controlling and protecting indicators associated with planning and conducting of operations and other activities When applied OPSEC measures prevent an adversary s timely exploitation of critical friendly information relating to operational plans special technologies capabilities and relationships OPSEC measures include protection of primarily unclassi ed information that can model or pro le friendly intentions and capabilities through analysis compilation and integration of multiple-source information including that available through open sources and international media coverage PAGE INTENTIONALLY BLANK SEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 681 13 6500 28 February 2008 TAB TO APPENDIX 3 TO ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR HQ USSTRATCOM J39 Sec U References Refer to the Base Plan 1 U Situation Refer to the Base Plan 2 U Mission Refer to the Base Plan 3- Execution Information in CONPLAN 8039 is handled in Sec 1 4 a mm Sec 1 4 a I is required 4 U Administration and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 INTENTIONALLY BLANK see-RI 541 5 WW Command and Control CDRUSSTRATCOM is 542 the supported commander for planning and ma be designated the supported 543 commander for execution As lwill provide the 544 supported commander the necessaryla x 59 1-40 545 I The supported commander will identify 546 Sec 1 4 W Headquarters Locations and movements As 552 Sec 1 4 a I 5 53 Sec 1 4 a 554 555 556 557 W Supportingla xl See Me 558 mm Sec 1 4 support requirements and responsibilities 562 liaison of cers are situation dependent based I 563 564 565 566 567 568 computer networks 569 C-3-A-13 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 51 1 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 Sec 1 4 a WW Con rm capabilities S- 1 1 AS TeQUiI ed assist in the identi cation and staf ng of _l Sec 1 4 a 4 Sec 1 7 e when requested 4 U Administration and Logistics The requirements below re ect those necessary for sustainment in the event 360 17 8 supported commander a U Administration Not used b U Logistics 1 U ICW USSTRATCOM andIW 39 lthe affected GCC will Sec 1 7 e requ1rements 2 U USSTRATCOM land the affected GCC will coordinate the equipment and materials 3 U USSTRATCOM ICW and the affected GCC will coordinate scal matters relating to special funds 4 U USSTRATCOM Sec we land the affected GCC will coordinate W1 Sec I 51 U USSTRATOM will coordinate movement of personnel and uipment Sec 1 7 e Sec 1 7 e 449 U 390 1-7 9 450 451 2 452 453 W Plan develop 454 Sec 1 4 a 455 456 457 458 SW ICW affected GCCs request support 459 las required 460 461 W Coordinate 462 th GCCs 463 464 W land the affected GCC 465 Sec 1 4 a 466 467 468 Coordinate Iaffected 469 Sec 1 4 a 470 Sec 1 4 a 471 472 473 474 3 U Commander 475 476 W lin 477 support of cyberspace operations 478 479 W 480 Sec 1 4 a I 481 482 Conduct 483 484 Provide copies of all cyberspace related 485 products to and affected GCCs 486 487 W Determine critical requirements 488 shortfalls 489 Sec 1 4 a 490 491 492 SW Develop and provide detailed 49 3 Sec 1 4 a 494 C-3-A-11 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 conventional missions and units as necessary Commander 030 1 530 14 8 Sec 1 4 a SH-REL-U-SATAU-STGB-R Combatant Commanders Be prepared to W 39 1 4 a as requested and required 3 U Authorities W Geo a hic Combatant Commander's are the approval authori 3 - a Sec 1 4 a REL USA AUS I Sec 1 4 a I C W The designated supported commander for execution is delegated WU Sec I Sec 1 4 a I W Geo a hic Combatant Commanders In coordination with Sec 1 4 a e U Tasks 1 U GCCs W InItegrate a m1 Sec 1 4 a Sec 1 4 a 59 14 a cyberspace operations strategy C U Accept OPCON or TACON Sec 1 7 e operations jto conduct U Be prepared to provide Service-unique capability to support Sec 1 7 6 SEC-REF 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 fl REL USA AUs GER Sec 1 4 a I Sec 1 4 a I U USG National Goal 6 Defending US citizens and interests at home and abroad U Sec 1 7 e 2 REL USA AUS GBR Sec 1 4 a b U End State Refer to the Base Plan c Situation Monitorin and Measures of Effectiveness Intelligence security monitoring and operational feedback mechanisms to support this CONPLAN and determine measures of effectiveness will be determined for each situation permissive or otherwise d U Control 1 W Approval Process Sec 1 4 a and cyberspacelwm Sec 14 3 thru coordination with the Sec 14 8 IUSSTRATCOM recommends cyberspace I submits cyberspace for approval Once cyberspacelmm Sec 14 3 are approved CDRUSSTRATCOM is thelmxn Sec 1 4 a Sec 1 4 a I In all other cases the GCC is delegated product approval authority 2 U Responsibilities W mm Sec 1 4 a and programs approval authority Iguidance SW Iapproval and dissemination authority to the designated Supported Commander Sec 1 4 a Sec 1 4 a I W Commander Sec 1 4 a I Sec 1 4 a SEGR-EF SEQ-RE 312 313 3 USA AUS 314 mu Sec 1 4 a 315 316 U USG National Goal 3 Defeat terrorist organizations 317 318 USA AUS Sec 1 4 a 319 Sec 1 4 a 320 I 321 2 S REL USA AUS Sec 1 4 a I 322 W1 Sec 1 4 a 323 324 325 S REL USA AUS Sec 1 4 a I 326 327 328 4 USA AUS 32g Sec 1 4 a 330 331 U USG National Goal 4 Deny sponsorship support sanctuary 332 to terrorist organizations 333 334 S REL USA AUS I 335 E80 Sec 1 4 a 336 337 USA AUS GBR 1 338 mm Sec 1 4 a 339 340 341 318 REL USA AUS I 342 Sec 1 4 a 343 344 345 3 USA Aus 346 Sec 1 4 a 347 348 U USG National Goal 5 DiminiSh the underlying causes of 349 terrorism 350 Sec 1 7 9 I 352 353 2 REL USA AUS Sec 1 4 a 354 Emu Sec 1 4 a 355 3 56 3 USA AUS 357 020 1 Sec 1 4 a I 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 31 1 S REL USA AUS GER Sec 1 4 a -- g USA AUS GBR Sec 1 4 a 3 USA AUS Sec 1 4 a 5 W The Victims Sec 1 4 a I Sec 1 7 e Sec 1 7 e Sec 1 4 a I The most signi cant law Sec 1-403 I Sec 1 4 a 6 U Sec 1 7 e Sec 1 7 e U USG National Goal 1 Deter aggression and counter coercion Sec 1 7 e 2 U Sec 1 7 e community U USG National Goal 2 Dissuade Defeat potential adversaries U Sec 1 7 e U Sec 1 7 e 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 SEGR-EF 2 coordination with Sec 1 4a Guidance CDRUSSTRATCOM thru Sec 1 4 a activities Initiate required actions to deploy forces required in support of USSTRATCOM CONPLAN 8039 Sec 1 7 3 Iwill be developed and included in the appropriate appendices to Sec 1 7 e 4 WNW Sec 1-4 a CDRUSSTRATCOM thru coordination with CDRUSSOCOM will develop and publish inl bm Sec 1-4 a - - 5 U Sec 1 7 e 1 W Operational Guidance OPE will be used to provide predictive analysis Sec 14 8 1 Sec 1 4 a S USA AUS GBR Sec Sec 1 4 a 1 Wuwm Sec 1 4 a Sec 1 4 a to those goals SEGR-EF 179 Sec 1 4 a I 180 181 5 Sec 1 4 Refer to the Base Plan 185 186 S Interagencv informationl b 1 Sec 1 4 a 187 Sec 1 4 a - - 4 188 189 31'9 Se 1 190 Sec 1 4 a 191 192 193 2 U Mission Refer to the Base Plan 194 3 U Execution 195 I 196 a U Concept of Operations The purpose 197 Sec 1 7 e 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 1 W Overview Advise the CJCS 213 USSTRATCOM and GCCs on cyberspace information measures themes and 214 215 216 217 218 219 220 221 222 C-3-A-5 SEGR-EIF 133 USA AUS Sec 1 4 a 135 136 137 1 S USA AUS I 138 Sec 1 4 a 139 140 S REL USA AUS GBR Sec 1 4 a _l 141 Sec 1 4 a 142 143 USA AUS I 144 Sec 1 4 USA AUS 150 Sec 1 4 a 151 152 153 154 USA AUS 155 Sec 1 4 a 156 157 158 159 4 Command stems Refer to Annex Intelligence 160 Sec 1 7 e 161 162 e REL USA AUS 16 3 Sec 1 4 a 164 165 166 f tasks 167 168 1 USA AUS 169 I 170 171 172 173 174 3 USA AUSSec 1 4 a ecision-making process 178 4 S REL USA AUS GER Sec 1 4 a 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 2 U Sec 1 7 e military operations ISO this plan d Intelligence W1 Sec 1 Decision Maker and Staff Refer to Annex Intelligence and Sec 1 7 e 2 U Intelligence Systems Refer to Annex Intelligence Sec 1 7 e 3 U Target Audiences I Refer to the Base Plan Annex REL USA AUS GBR Sec 1 4 a REL USA AUS 313R I Sec 1 4 REL USA AUS Sec 1 4 a USA AUS Sec 1 4 3 I REL USA AUS I fl REL USA AUS GBR Sec 1 4 a theater of operations REL USA AUS Sec 1 4 a Sec 1 4 a WHWU Sec 1 4 a mm sec 14 8 bperations in and through cyberspace Within their jurisdiction REL USA AUS Sec I Sec 1 4 a U Situation a Overview Cyberspace can play a role in the Sec 1 4 a Information Grid GIG development and approvElbel Sec 14 9 community can support as one of many via the Global Iis responsible for the I the cyberspace Sec 1 4 a b U US and Allied Perspective 1 U Refer to the Base Plan and Annex A Task Organization 2 U US Department of State DOS W Sec 1 4 a Sec 1 4 a prior to the initiation of cyberspace activities WW1 Sec 1 4 a advice Sec 1 4 a EM Sec 1 4 a I Furnishes communications capabilities The Of ce may release select assets to the appropriate combatant command s control IA Sec 1 4 a Sec 1 4 a I 3 REL USA AUS I Sec 1 4 a 4 Will delegate 390 14 a CDRUSSTRATCOM upon request and implementation of CONPLAN 8039 5 W Sec 1 4 a I Sec 14 9 agencies per Under Secretary of Defense Policy USD-P existing agreements c U Neutral Perspective 1 U Refer to the Base Plan Annex Sec 1 7 e Sec 1 7 e C-3-A-2 1 HEADQUARTERS US STRATEGIC COMMAND 2 OFFUTT AFB NE 68113-6500 3 28 February 2008 4 5 TAB A 0 APPENDIX 3 TO ANNEX TO USSTRATCOM CONPLAN 8039 U 6 U OPR 7 Sec 1 7 e U 8 9 U References Refer to the Base Plan 10 11 a U Executive Order 12333 4 December 1981 United States Intelligence 12 ActivitiesSec 1 7 e IS 18 19 20 2002 21 22 e 23 Sec 1 7 e 24 FY 2002 U Joint Pub 3-57 1 14 April 2003 Joint Doctrine for Civil Affairs 30 31 h Sec 1 7 e 32 Sec 1 7 e 33 34 i USA AUS 35 Sec 1 4 677 EM Sec1 4 a 678 Operations 679 680 c Determination of command relationships 681 TACON OPCON of forces shall be provided in published 682 or the applicable EM Sec 1 4 a - 1 683 Sec 1 4 a 684 685 d U External Agencv Support During exercises and contingencies 686 USSTRATCOM components and agencies such as but not limited to IOWC 687 I JFCC NW DISA the JWAC and Joint COMSEC Monitoring Agency 688 may deploy to USSTRATCOM AOR or a supporting location as required 689 690 691 Tabs 692 A I 693 - U Electronic Warfare 694 - U Operations Security 695 U Response Actions 16 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 SECRET 4 USSTRATCOM Develop and conduct Sec 1 4 a 101 - W USSTRATCOM Facilitatelwxl Sec 1 4 a 9 U JFCC GSI W1 56 ho capabilities as needed C Sec 17 9 I in Sec 1_7 e Sec 1 7 e action in cyberspace d U Coordinating Instructions 1 U 10 will be conducted through centralized planning and decentralized execution JFCC GSI J39 will establish IO objectives and associated tasks FCC GSI J39 will coordinate IO plans and objectives with supporting commands components and support agencies 2 U Supporting elements will give daily IO Situational Reports through the USSTRATCOM GOC providing the status of execution of supporting tasks in support of IO objectives 4 U Administration and Logistics Refer to Base Plan a U Forces utilized in this CONPLAN include deployable or xed assets operating in CONUS or from sites located throughout the world and are controlled as separate forces I Sec 1 7 e AOR During a contingency USSTRATCOM Service components will ensure all mission critical cyberspace forces xed and mobile are fully supported and capable of performing their mission 5 U Command and Control a U Refer to Annex Command Control Communications and Computer Systems Sec 1 7 e I b W Special IO Communication and Reporting Reguirements I 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 6 REL USA AUS Sec 1 4 a Sec 1 4 a U Sec 1 7 e E U m1 Sec 1 7 e I Sec 1 7 e 2 U Sec 1 7 e I Sec 1 7 e Sec 1 7 e - U Q U Sec 1 7 e U Support activities See me Sec 1 7 e E W Objective Balancing When Sec 1 4 a Q U Tasks l rU Su ortin CDRs Employ IO options in support of USSTRATCOM b'ectives as directed Maintain suf cient strate 'c reserve 39 - Sec 1 7 e 2 W JTF GNO Coordinate with supporting commanders Service and functional Sec 1 4 a Sec 1 4 a JIOWC Facilitate intera enc coordination and integration Sec 1 4 a considered and made available to decision makers c-3- 14 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 Sec 1 4 a 5 FCC GSI Through the use of 59 14 4 Sec 1 4 a c WM 390 1-40 I Activities in this Sec 1 4 a cyberspace 5 anm Sec 1 4 a I The intent of this Sec 1 4 a 59 1 4 34 operations if necessary IO Sec 1 4 a a Strategic IO objectives The following objectives Sec 1 7 e S REL USA AUS Sec 1 4m Sec 1 4 a 2 USA AUS GBR 33 14 8 Sec 1 4 a 3 IREL USA AUS Sec 1 4 a 4 USA AUS Sec 1 4 a 5- USA AUS Sec 1 4 a SEGR-EJF 13 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 51 1 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 SEGRET 4 W The intent of this Sec 1 4 a U Strategic IO objectives 1 anmwemm Sec 1 4 a to other Operations through Cyberspace will be covered in Sec 1 215 Sec 1 4 a 2 W Obiective Balancing When executing Sec 1 4 a Q U Tasks l U Supporting CDRS lg 39 17 9 I USSTRATCOM cyberspace objectives as directed Sec 1 7 e WW JTF-GNO IAW published Plans coordinate with supporting commanders Service and functional com onents to Sec 1-4 a I essential elements of friendly information s W JFCC Nw Coordinate Sec 1 4 a JIOWC Facilitate interagency coordination and integration Sec 1-4 a Sec 1 4 a SEQ-REF 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 Sec 1 4 a actors I10 SW Sec 1 4 a Sec 1 4 a loo SW 00 1 Sec 14 8 Sec 1 4 a ladversaries 4 U Utilize 10 to maximize effectiveness of force deployment Sec 1 7 e 9 mTasks l U Supporting CDRs Employ 10 options in support of USSTRATCOM cyberspace obiectives as 59 17 3 Sec 1 7 e 2 W published Plans coordinate with supporting commanders Service and functional components 59 14 8 I essential elements of friendly information s W JFCC NW Coordinate Sec 1 4 a JIOWC Facilitate interagency coordination and integration Sec 1 4 a U Q JFCC GSI Collaborate with the effected and applicable agencies 6 W Obiective Balancing When executing Sec 1 4 a C- I Activities in this lcyberspace mission s SEGR-EI 404 405 406 407 408 409 410 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 S-E-GR-EF l U JTF GNO Coordinate with supporting commanders Service and functional components to develop robust IA to protect our critical information systems 2- JFCC GSI JFCC Nw Identif prioritize and obtain Sec 1 4 a re ected in validated national collections requirements U JFCC GSI JIOWC Facilitate intera enc coordination and integration of appropriate Sec Sec 1 7 e Through the use of collaborative tools integrate planning 1-719 Sec 3 U USSTRATCOM Support US declaratory policy by preparing positions Adjust force posture Adjust themes and messages U Sec 1 7 e 1 Sec 1 7 e oi cyberspace m1s31on s 3 W M1 399 1-49 The intent of Sec 1 4 a a Umbx 5901-76 Strategic IO objectives Continue ongoing objectives following strategic objectives 1- Sec 1 40 Sec 1 4 a I C-3-10 359 State Activities in this Sec me 360 CDRUSSTRATCOM to present available 10 COAs in support of 361 cy erspace 362 363 2 I 364 365 366 367 368 369 force posture or execution of the identi ed options IO actions conducted 370 mm Sec 1 4 a 371 372 373 mm Sec 1I ig tlltions lead to achievement of US strategic objectives 374 375 U trategic IO Objectives I bmse 31'7 e Istrategic 376 objectives Strategic Communication SC themes and messages Will be 377 situation I 3 78 bx 1 Sec 13 6 379 380 consequences to the current adversarial government once their forces are 381 neutralized 382 333 i USA AUS 334 Sec 1 4 a 385 386 337 2- REL USA AUSUSA AUS GBRIIW Sec 1-4 a 1 Sec 1 4 3 393 394 g anm Sec 1-403 395 Sec 1 4 a I 396 integrated to best achieve the commander s objectives 397 398 5 W Objective Balancing When executing 399 pm See 1 4 a 400 401 402 U asks 403 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 SEGR-EZF Sec 1 4 a manage IO COAs derived from I Develop and 3 W JFCC NW Sec 1 4 a Sec 1 4 a Sec 1 4 a Develop baseline force structure necessary to accomplish detailed planning of IO options E W JFCC NW 5 U W1 Sew-7 6 SSTRATCOM information systems Coordinate with supporting commanders Service and functional components to develop robust IA and OPSEC plans to protect our critical information systems and essential elements of friendly information 6- W JFCC GNO 03 1 Sec 1 4 a Sec 1 4 a 1 a JFCC GSI Su ortin CDRs Develop 10 options Sec 1 4 a Sec 1 4 a of appropriate IO themes and responses to support objectives a U IOWC Facilitate interagency coordination and interation om Sec 1 7 e Provide Combatant Commanders with IO support teams integrate and coordinate Sec 1 7 e Sec 1 7 e 2 U USSTRATCOM Services and Agencies 1 a U Identify and assist in development of IO capabilities necessary to meet validated requirements b WHMH Sec 1 4 a Sec 1 4 a of these issues 9 Wme Sec 1 4 a maintain situational awareness 270 271 272 273 274 275 276 277 278 2-USA AUS 1 Sec 1 4 a c USA AUS Sec 1 4 a 2' 1 I Incorporate IO capabilities as they become availableI W1 Sec 14 8 mm Sec 1 4 a I 51- 1 1 11m 33 I Develop and implement 10 options which when 53 1-413 I Sec 1 4 a b USA AUS I Sec 1 4 a 10 executing Sec1 4 a Sec 1 4 a U Tasks l- U W- Ob'ective Balancin When IUSSTRATCOM staff and components supporting commands and agencies are adequately trained in the 10 disciplines needed to meetW 59 1-719 I Sec 1 7 e A I Assess and identify IO capabilities against potential adversariesl Sec 1-719 I Support US declaratory policy by preparing CDRUSSTRATCOM positions Establish IO requirements for objectives 2 FCC GSI I Sec 1 4 a I SEQ-REF C-3-7 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 mu sec 1 4m Key to success is working with supporting and component comman s Combatant Commanders and outside agencies on the integration and of the following strategic objectives Strategic Objectives l Sec 14 8 Us is capable of MO Sec 1 4 a networks 2- REL USA AUS Sec 1 4 a 3 I Sec 1 4 a Iadversaries Sec 1 4 a W I W1 Sec 14 4 Iadversaries Sec 1 4 a WW Ensure friendly forces have ION linfrastructures - - REL USA AUS I Sec 1 4 3 Sec 1 4 a I90 USA AUS Sec 14 3 I a C41 Svstems 9330149 Sec 1 4 a C-3-6 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 USA AUS Sec 1 4 a SHREL USA AUS Sec1 4 a Sec 1 4 a 2 Sec 17 9 Example actions may include USA AUS Sec 1 4 a USA AUS 3312 1030 Sec 1 4 a Sec 1 4 a 3 Sec 1 7 e Example actions may include USA AUS Sec 1 4 a USA AUS Sec j- sa Sec 1 4 a c U Sec 1 7 e 1 I The strategy of this Sec 1 4 a C-3-5 134 Sec 1 7 e 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 effects It is important to note that IO plans that incorporat W 390 1719 Sec 1 7 e W Sec 1 4 a Sec 1 on the supporting information infrastructure The 59 14 3 Sec 1 4 a Refer to Plan Summary Base Plan and Annex for more detailed descriptions of defense types 0 End State Refer to the Base Plan and Annex Operations Sec 1 4 a 59 14 3 land appropriate legal informational military diplomatlc or economic measures are Sec 1 4 a Sec 1 4 a US resumes normal cvber operations_ Sec 1 4 a I Sec 1 4 a DOD is postured to support homeland security critical infrastructure protection and civil support US allies and coalition partners have freedom of action to operate in cyberspace U vaer Engagement Criteria Refer to the Base Plan b U Strategic Obiectives IO Tasks General 10 tasks will be covered in Tabs A through of Appendix 3 Information Operations All types of cyber defense will be utilized W11 59 17 9 1 W Sec 17 8 Example actions may include 0 3 4 33 Additionally USSTRATCOM 89 Sec 1 4 a 90 91 92 93 2 W The commander le efforts will 94 Sec 1-4 a by employing assigned 10 95 assets to protect USSTRATCOM information I 96 031 1 Sec 1-4 a Iwhile ensuring readiness reliability 97 and continuity of the DOD GIG and the critical information infrastructure IO 93 Sec 1 4 REL USA AUS Sec 1 4 a I 104 Sec 1 4 a 105 106 i U COAs 1310159017191 107 Sec 1 7 e I 108 The primary method of supporting the mission is through the development of 109 integrated 10 courses of 1 10 Sec 1 7 e 111 112 113 - Icourses of action underscore 114 the importance of contingency planning and early response to a crisis Given 115 clearly stated objectives and effectively integrated IO capabilities this has the 116 potential to change the course of threatening events Finally when deterrence 117 fails IO - COA Refer to 113 Figure 03-1 119 120 2 Sec 1 7 e I 121 Sec 1 7 e I SpeCi c 122 implementation 53 1We I 123 Sec 1 7 e Ito 124 Appendix 3 Information Operations to Annex Operations I 125 Sec 1 7 e 126 127 128 129 130 131 132 133 42 Sec 1 4 a 43 44 45 This appendix provides guidance for the 46 planning integration and implementation of current 10 capabilities and 47 development of future IO capabilities to support the planning deployment and 48 employment of US forces for dominance in cyberspace 9 93901-403 49 Sec 1 4 Advers Refer to Annex 55 Sec 1 7 e 56 - 57 b U Friendly Refer to the Base Plan 58 59 U The US and our allies are increasingly reliant on automated 60 communications and information-based decision-making systems These 61 systems are vital to US war ghting capabilities The US requires an integrated 62 and approach to maintaining information superiority 63 64 2 U Essential Elements of Friendly Information Refer to the Base 65 Plan 66 67 c U Assumptions Refer to the Base Plan 68 69 2 U Mission Refer to the Base PlanConce of erations This a endix rovides 74 USSTRATCOM with Sec 1 4 a 75 Sec 1 4 a 76 77 78 IUS vital interests and contribute to con ict 79 termination on terms favorable to the US 80 81 1 This appendix provides a variety of preplanned courses of 82 action LCOA that support CDRUSSTRATCOM objectives outlined in the Base 33 plan Sec 1 4 a 84 Sec 1 4 a Us 85 and coalition forces USSTRATCOM will coordinate integrate and 86 DOD IO in support of assigned cyberspace missions identify 10 requirements 87 and capabilities for cyber Operations and when directed plan and or execute 41 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NEBRASKA 681 13 6500 28 February 2008 APPENDIX 3 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U U OPR JFCC GSI J39 INFORMATION OPERATIONS U U References Refer to Base Plan a U CJCSI 3210 01B Joint Information Operations Policy 5 January 07 S b U DODD-3600 01 Information Operations 14 Aug 06 U c U Joint Pub 3 13 1 Joint Doctrine for Electronic Warfare 25 Jan 2007 U d U Joint Pub 3 13 Information Operations 13 Feb 2006 U e_ U Sec 1 7 e 13 Jul 06 U f- U Sec 1 7 e 01 Aug 2007 S g U CJCSI 3210 038 Joint Electronic Warfare Policy3-13 3 Joint Doctrine for Operations Security 29 Jun 06 U Sec 1 7 e U 5 Sep 2003 U k U JP 3-09 Doctrine for Joint Fire Support 13 Nov 2006 U k U JP 3-61 Joint Doctrine for Public Affairs 9 May 2005 U 1 U Sec 1 7 e Sec 1 7 e Jan 2006 1 SW Situation This appendix describes IO activities supporting CONPLAN 8039 10 integrates the core capabilities of and CNO to achieve CDRUSSTRATCOM effects and objectiveslwm 39 14 3 Sec 1 4 a I Sec 1 4 a to ful ll this plans objectives When employed successfully IO 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 Sec 1 4 a 8 U Tasks Refer to Base Plan for additional tasks I Sec 1 7 e For CONPLAN 8039 taskings signi cant interagency support 'may required Access to the interagency will be through the Joint Staff or appropriate liaison elements Refer to Annex Interagency Coordination for further discussion This CONPLAN will not explicitly task the interagency partners 9 U Coordinating Instructions Refer to Base Plan 4 U Administration and Logistics Refer to the Base Plan 5 U Command and Control Refer to the Base Plan and Annex Command Relationships OFFICIAL Mark H Owen Brigadier General USAF Director Plans and Policy KEVIN CHILTON General USAF Commander Appendixes 3 -- Information Operations 8 -- Rules of Engagement 9 -- Intelligence Surveillance and Reconnaissance 16 Critical Infrastructure Protection 17 Network Operations 18 -- Time Sensitive Planning 19 -- Effect Assessment Guidance 20 I C-12 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 SEGR-EF Sec 1 4 a 2 _p_lo erations favor Sec Mr tol b 1 bec 1 4 a 020 1 Sec 1 4 a should consider the impact that a U Sec 1 7 e W Commander s Intent Sec 1 A 8 mu Sec 1 4 a 2 operations favor 63 1 Sec 14 a Sec 1 4 a Sec 1 4 a Sec 1 W Commander s Intent 5901- Sec 1 4 a 2 operations favor Sec 14 a planner should consider 33 14 a 3 Sec 1 4 a 1 The Sec 1 4 a 11- U Sec 1 7 e W Commander s Intent Provide Sec 1 4 a 2 Operations fa_vor Sec 1 4 a Sec 1 4 a Sec 1 4 a C-ll 195 Intelligence Surveillance and 196 Reconnaissance ISR Operations Refer to Appendix 9 Intelligence 197 Surveillance and Reconnaissance to Annex Operations 93 USA AUS I 199 200 7 U Cyberspace Sec 1 7 e 201 U 202 Commander s Intent Support I 203 US government efforts to 204 Sec 1 4 a 205 206 207 2 ann Sec 14 8 1 203 Sec 1 4 a 209 210 211 US national interests if attributed 212 I 213 1 SW Commander s Intent Wm 214 Sec 1 4 a 215 216 217 218 2 WI Sec Ma 219 Sec 1 4 a 220 221 national interests if 222 attributed 360 17 8 224 bx 3 1 Commander s 225 1 ec1 4a 226 227 228 229 Sec 1 7 e Figure 6 U Sample Activities 177 178 I 6 Supporting capabilities In addition to 179 cyberspace capabilities supporting capabilities will be to 180 achieve Iwithin 131 IWh e each planl Sec 1 7 e 132 I there 183 are capabilities that should be considered in any plan 184 U Strategic Communication Refer to Annex Strategic 1 85 Communication 186 U NW1 58 17 3 Refer to Appendix 3 187 mm Sec 17 3 Ito Annex A Task Organization for general 188 189 I 190 I Information Operations IO Refer to Appendix 3 191 Information Operations of Annex Operations for detailed discussion of 192 the integration of each core 10 capabilities in support of CONPLAN 8039 193 Refer to Annex Sec 1 4 a I seem C-9 Sec 1 7 e Figure 5 U Sample Activities 165 166 167 U 53 We Iin support of operations in and 168 through cyberspace I 169 Sec 170 171 includin other as ects samp 8 - to 173 Appendix 3 Information Operations to Annex Operations for 174 additional discussion 175 176 C-8 153 154 155 156 157 158 159 160 161 162 163 164 Sec 1 7 e Figure 43 U Sample cyberspace activities supporting hm sec 117 3 C U Sec 1 7 e loan come from an I Sec 1 7 e Sec 1 7 e to Appendix 3 Information Operations to Annex Operations for additional discussion SEGR-EF 144 3 as a construct for a notional adversary This process should be followed 145 Idesignated inl b 1 Sec 1 7 e I 146 Sec 1 7 e I 147 Sec 1 7 e Figure 33 U Sample cyberspace activities supporting hm Sec 143 I 149 L00 Sec 1 7 e 150 151 other command plans as applicable Consider Figure 4 as a construct 152 where other commanders or other USSTRATCOM plans are supported C-6 Defense Activities Sec 1 7 e Figure 2 U Sample Defense Activities 123 5 Offensive Operations in and through cvberspace USSTRATCOM 124 will provide a range of offensive capabilities inthe cvberspace domain to achievel Sec 1 7 e I 126 Sec 1 7 supported by or in support of I hm 53 17 9 1 133 environments eci c activities should be lanne 134 operations See 135 Sec 1 7 e See 136 to Appendix 3 Information Operations to 137 Annex Operations For purposes of this CONPLAN in accordance with 133 mm Sec me are described as below in 139 Sec 1 7 e I 140 I 141 lib 39 17 3 will be integrated across each of their 142 military functions I 143 Consider Figure - C-5 121 122 Sec 1 7 e Figure 1 U Sample cyberspace Sec 1 7 e c-4 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 SECRET the effects that they could create across all sub-areas of cyberspace A through as outlined in Figure 1 of the Base Plan USSTRATCOM will plan and conduct operations in cyberspace to achieve CONPLAN 8039 objectives The desired effects list found in paragraph 3b 3 c 2d assist with Combatant Commands in establishing a framework to speci c tasks that cyber forces will execute Sec 1 7 e Sec 1 7 e I 3 U Offense Defense Mix To achieve cyberspace superiority forces require situational awareness robust defense in depth of our Cyberspace systems the Sec 1-7 e Eton Sec 1 intent Sec 1 7 e activities are not conducted b 1 Sec 1 7 e I commander Sec 1 7 e improve their defenses Offensive and defensive capabilities will be merged in CONPLAN 8039 to establish cyberspace superiority at times and places critical to the 4 U Defensive Operations in cyberspace CONPLAN 8039 describes cyberspace defense as those actions taken in cyberspace to protect defend monitor analyze detect and respond to unauthorized attacks against the DOD GIG and as directed other US cyberspace For sec g tf'dance defensive purposes of this CONPLAN in accordance with operations are described as below Sec1 7 e Sec 1 7 e cyberspace Iplanners will consider Sec 1 7 e Sec 1 7 e Sec 1 7 e cyberspace Consider Figure 1 as a construct to ensure 33 17 3 Sec 1 7 e in and through cyberspace military functions should be followed for a Sec 1 7 e designated Sec 1 7 e Figure 2 -- I This process of developing operations I Planners will also consider friendly 38 obligations to which the US is a party LOAC customary international law 39 ROEs and national policies 40 2 U Mission Refer to Base Plan 41 3 U Execution 42 a 1 Conduct of Operations Operations in 43 and through cyberspace Em 39 44 taxi Sec 1 4 a 45 46 CDRUSSTRATCOM will provide strategic direction to CC As for 47 Iin and through cvbersnace 43 CDRUSSTRATCOM may establish Ito 49 Sec 1 4 a I 50 I JFCC GSI JFCC NW and 51 JTF GNO will coordinate all requests from CC As prioritize these 52 requests and coordinate for support from the applicable CC As as 53 needed US military operations in cyberspace will be conducted as 54 necessary 55 Sec 1 4 a 56 57 58 59 60 when directed 61 1 U Commander s Intent conducts Operations in 62 and through cyberspace by providing cyberspace effects under two 63 scenarios 64 When CDRUSSTRATCOM is the supported commander for 65 planning within the context of other STRATCOM plans Sec I 66 In this case cyberspace effects will 67 alsol W Sec me Additionally 68 when supported CDRUSSTRATCOM will provide cyberspace effects to 69 byberspace threats - 70 When USSTRATCOM is a supporting commander for another 71 combatant commander effects and activities in support of other plans will 72 be derived via the applicable combatant commander plan For timing and 73 tempo of operations forces will follow the phasing 74 or planned construct resident in that plan 75 2 U Priority Effects Refer to the Base Plan 76 77 Therefore all operations in and through cyberspace must be considered for I C-2 SEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113 6500 28 February 2008 ANNEX 0 TO USSTRATCOM CONPLAN 8039 U U OPR JFCC Nw J5 OPERATIONS U U References Refer to Base Plan 1 U Situation a W General 1 CONPLAN 8039 describes the process for planning and Sec 1413 I This annex discusses the concept of operations for Sec 1 4 a Sec 1 4 a Sec 114 8 command relationships and M0 Sec 14 a Imilitary operations relative to CDRUSSTRATCOM mission to conduct DOD operations in and through cyberspace This annex concerningl bX 36 14 of this plan 2 U Iin cyberspace are currently centered onlmm Sec 1 7 e Sec 1 7 However Sec 1 I 1 line U Area of Concern See Base Plan Sec I See Base Plan U Adversary Capabilities See Base Plan U Frienle Force Capabilities See Base Plan 1 U Assumptions See Base Plan U f Legal Considerations See Appendix 8 Rules of Engagement Legal review is required in the planning and execution of operations in and through cyberspace to ensure compliance with the US Constitution applicable US statutes international treaty agreement C-l INTENTIONALLY BLANK 13 9-4 72 2 U The USSTRATCOM 3 approves requests and mm Sec 1-7 e 73 Ias recommended 4 U Components will secure and 77 identi ed in paragraph 1 78 c U Coordinating Instructions DIRLAUTH is authorized between all 79 coordinating units and the Headquarters USSTRATCOM staff 80 4 U Administration I 81 administrative processing 82 a U 83 Sec 1 7 e 84 85 b Administration Administrative 86 proper reporting are vital parts of the process 87 Iis initiall ublished for National-level 88 consumption and archived at the Contents of the initial report 89 consist of lead examiner date of report 90 030 1 Sec 1 7 e 91 92 93 5 Command and Control I 94 would notify their higher headuarters to inform 95 them of would then immediately implement 96 administrative procedures 9'7 98 Kevin P Chilton 99 General USAF 100 COMMANDER B-9-3 U Mission Refer to Basic Plan 3 U Execution a U Concept of Operations Summarize the general concept governing om Sec 1 7 e Sec 1 7 e Tabs to this Appendix 1 W Upon execution of CONPLAN 8039 CDRUSSTRATCOM I The following topics are covered speci cally in Sec 1 4 a mu Sec 1 4 a Ifor USSTRATCOM USSTRATCOM subordinate commanders will report to J2 for Sec 1 4 a Sec 1 4 a I zo satisfy CDRUSSTRATCOM intelligence requirements 2 W mxn Sec 14 3 lthrough mm Sec 1 4 a lthrough legal channels Q3 W I ma Sec 1 4 a I 14 3 are of great value to USSTRATCOM's IO mission and force protection Operations In Sec 14 8 may provide signi cant information for USSTRATCOM and President and Secretary of Defense Sec 1 4 a b U Tasks I ma Sec 1 7 e Sec 1 7 e List the assigned tasks to each element of the supported and supporting commands At a minimum address tasks for -2 l W Sec 1-7 and component commands 1 U The USSTRATCOM 2 is responsible for leadership oversiht and policy 7 The USSTRATCOM J2 rioritizes requirements operationally controls the intelligence 11-th ON OOHSEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 26 February 2008 APPENDIX 9 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039-07 U U OPR HQ USSTRATCOM J2 Sec 1 7 e ussc U References a U Sec 1 7 e 18 Sep 86 C b_ U Sec 1 7 e 30 Jun 97 U Sec 1 7 e Aug 87 U d U Joint Pub 2 01 Intelligence Support to Joint Operations 20 Nov 96 U 1 W Situation Sec 1 4 a discovery The information obtained assists 53 Sec 1 4 a I They also provide key information for the W1 Sec 14 3 Sec 1 4 a I It is therefore Sec 1 4 a Sec 1 4 a a 5901- Refer to Annex of the Base Sec 1 7 e Sec 1 7 b 3 a guidance and support 390 14 a Friendlv J2 will provide Sec 1 4 a C Assum tions Sec 1 7 e 1 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 21 1 PAGE INTENTIONALLY LEFT 176 3 U USSTRATCOM Collection Managers can select alternate product 177 delivery methods within 178 179 5 U Command and Control Refer to Annex Intelligence 180 181 182 Kevin P Chilton 183 General USAF 184 COMMANDER 185 186 187 3 8 5 130 U Provide immediate information on and assessments 131 Sec 1 7 e 132 133 134 135 136 U Provide updates and status concerning changes that affect the 137 Sec 1 7 e 138 Ito facilitate the most responsive 139 tasking of assets in support of Commander USSTRATCOM 140 141 3901-7 e support of 142 USSTRATCOM collection requirements 143 144 3 U 39 13 3 Ithrough the 146 standing requirements validated by 147 to reference b 148 149 4 U USSTRATCOM JFCC ISR Ensure proper national-level 150 coordination and approval of Sec 17 3 requirements in 151 support of this CONPLANmonitoring the progress of i 154 requirements and product reporting 155 156 c U Coordinating Instructions Refer to references a through i 157 153 4 U Administration and Legistics 159 160 a U Logistics Not applicable 161 162 b U Reporting 163 164 1 U task appropriate processing I 165 to satisfy validated USSTRATCOM requirements This will be accomplished 166 through Sec1 7 169 170 171 172 173 174 product format or posting location Refer to references and g 175 SEQ-REI- 85 Collection Mana ement will provid 86 W1 Sec 17 9 support to HQs staff elements only USSTRATCOM 87 Centers components and subordinate commands will assume 38 Sec 17 9 Ifunctions for their organizations while keeping HQ 89 informed FCC ISR will closely collaborate with USSTRATCOM 2 to 90 maintain awareness of requirements and to ensure with DOD 91 ISR Ultimately reporting agencies will be responsible to the Command and its 92 subordinate F008 93 94 2 i 95 architecture 96 distributed throughout the DOD bec I I I 97 support USSTRATCOM missions are executed by other organizations to 98 include Sec 1 4 a 131 1 Sec 1 4 a I The DOD 99 100 b U Tasks 101 102 U USSTRATCOM Collection Managers 103 104 U Collection Managers submit Sec 1 7 e 105 reuirements 106 to reference 0 107 108 U USSTRATCOM Centers com onents and subordinate 109 Command Collection Managers will also submit quirements through 110 keeping HQ informed Refer to reference i 111 112 U Users withou 113 mail message or telecom to 114 121m 116 117 U Provide timely responsive processing and validation of 113 USSTRATCOM Commander's me 119 Sec 1 7 e I 120 validation execute 121 requirements validation and tasking for time critical requirements and special 122 circumstances after normal working hours and on weekends Refer to 123 reference e an submit requirements by e- 124 125 U Provide status to USSTRATCOM 23 Intelligence Capabilities 126 Branch of all Commander USSTRATCOM Irequirements 127 Assist in the coordination Jrequirements with other Uni ed 128 Commands National Agencies and Services Refer to reference e 129 SECRET B-8-3 SEQ-REF collection requirements Sec 1-403 outlined in reference b and is not included in this appendix a U Refer to Annex Intelligence b U Friendly Sec 1 7 e lis resoonsible for Sec 1 balancing competing priorities of military and national needs as detailed in reference b 2 Sec 1 7 e land prioritizes collection requirements in line with Sec 1 7 e 3 U Sec 1 7 e will provide timely responsiVe processing and validation of Commander USSTRATCOM Sec 1732 Sec 1 7 e intelligence requirements 3901-709 hm 33 We jfor valldation Ilbl Sec 137 9 ICombatant Command requirements to the a Sec 1 7 e 4 U Sec 1 7 e USSTRATCOM and the Commanders of FCCs with orovide Commander consultation and support in planning activities 5 U Sec 1 7 e Sec 1 7 e and provide Sec 1 7 e will conduct the Sec 17 9 sup sort mission c U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution Refer to Annex Intelligence a U Concept of Operations 8-8-2 SECRET HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 26 February 2008 1 APPENDIX 8 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U 2 U OPR HQ 3 Sec 1 7 e U 4 5 U References 6 7 a U Intelligence Community Directive-1 Policy Directive for Intelligence 8 Community Leadership 1 May 2006 UTKFebruary 16 1997 U 17 18 e Sec 1 7 U 20 21 f Sec 1 7 8 I 22 December 2005 U 23 24 U Sec 1 7 e I 25 9 June 2006 S 26 27 h U D-R-A-F-T Department of Defense Directive SUBJECT 28 59 17 3 within the Department of Defense Apr 05 U 29 30 i U Implementation Directive Joint Functional Component for 31 Intelligence Surveillance and Reconnaissance JFCC ISR 24 Jan 2005 U 32 33 1 W Situation I 34 Sec 1 4 a I 35 bmseC1'4la I Given the current intelligence tasks in the 36 W1 Sec 14 3 to the overall 37 plan As such this appendix provides a general overview of th 38 organization general responsibilities and procedures for mmsec - a a B 8-l 129 3 U USSTRATCOM JFCC ISR Ensure proper national level 130 coordination and approval of appropriate 131 support of this 132 133 c U Coordinating Instructions Refer to references 134 135 4 U Administration and Logistics 136 137 a U Logistics Not applicable 138 139 b U Reporting 140 141 U Originating Collection Management of ce will task appropriate 142 processing 17 9 W0 satisfy validated USSTRATCOM 143 requirements m1 Sect- 19 144 145 121 146 I Sec 1 4 a 147 148 149 5 U Command and Control Refer to Annex Intelligence 150 151 a Command Relationships Refer to Annex Intelligence 152 153 b Communications Refer to Annex Intelligence 154 155 156 Kevin P Chilton 157 General USAF 153 COMMANDER 159 160 161 162 163 3 7 4 42 USSTRATCOM missions are or may be executed by but not limited to Sec Ha Sec 1 4 a b U Tasks 1 U USSTRATCOM Collection Managers 131 U USSTRATCOM J2 Collection Managers I Sec 1 7 e I JWICS ref 0 U USSTRATCOM Centers components and subordinate command Collection Managers will also submit Sec 1719 line keeping HQ informed ref 1 Sec 1 7 e I U Users withoutl Sec 1 7 e USSTRATCOM 2 Collection Managers 2 U U Provide timelv responsive review and validation of USSTRATCOM See me Sec 1 7 e Ie-mail message or telecorn to b1 U1 Provide status to USSTRATCOM J2 of all Command 1111393171 Sec 1 7 e U Provide immediate information on and assessments of events that impact collection management tools communications and dissemination systems databases collection sensor and systems processing and other support functions U Provide updates and status concerning changes that affect the execution of collection management functions I Ito facilitate the most responsive tasking of assets in support of the Commander USSTRATCOM Sec 1 7 e USSTRATCOM collection requirements I assets in support of SEGREI B-7-3 Sec 1 4 a a U Refer to Annex Intelligence b U Friendly 1 Sec 1 7 e Sec 1 7 e Sec 1 7 e Sec c U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan 3 U Execution Refer to Annex Intelligence a U Concept of Operations forla msec 177 6 Production 1 U Collection Management USSTRATCOM J2 Intelli ence Capabilities Branch will provide support to HQs staff elements only USSTRATCOM Centers components and subordinate commands will assume 17 9 for their organizations while keeping HQ informed FCC ISR will closely collaborate with USSTRATCOM 2 to maintain awareness of requirements and ensure with DOD ISR Ultimately reporting agencies will be responsible to both the Command and its subordinate FCCs Rm mm Sec 1 4 a I The DOD arc itecture for distributed throughout the Sec 1 4 a required to support SEQ-REF B-7-2 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AFB NE 68113-6500 28 February 2008 1 2 APPENDIX '7 TO ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U 3 U OPR HQ USSTRATCOM J2 4 IU 5 6 U References 7 8 a U Joint Pub 2 01 Joint and National Intelligence Support to Military 9 Operations 7 October 2004 10 11 b Chairman oftheJ i if fIn in 12 28 January 13 I4 15 c I 18 February 16 1997 UNovember 1996 20 21 e 22 22 March 2007 Situation Given the current intelligence tasks in the CONPLAN 32 Sec 1 4 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 26 February 2008 U OPR 3 COMMAND RELATIONSHIPS U 4 References ANNEX TO COMMANDER USSTRATCOM CONPLAN 8039 U 5 a U Uni ed Command Plan UCP TS 7 c U Joint Publication 1-02 Department of Defense Dictionary of 8 Military and Associated Terms 12 April 200 1 As Amended Through 20 March 9 2006 U 10 d U Joint Pub 1 Doctrine for the Armed Forces of the United States 11 14 May 2007 U 12 e U Delegation of Disclosure Authority Letter National Disclosure 13 Policy Committee Case No 6005 00 Multiple Countries U Memorandum of Arrangement between The Department of 15 Defence of Australia The Ministry of Defence of The United Kingdom of Great 16 Britain and Northern Ireland and The Department Of Defense of The United 17 States of America on Information Operations Data Exchange U 2004 National Response Plan NRP Cyber Annex Dec 04 U 19 h U Trilateral Memorandum of Agreement among the Department of 20 Defense the Justice Department and the Intelligence Community Regarding 21 MD See 1 7 e 22 9 May 23 1 U General 24 a U Operational Area s Refer to Base Plan para 1 b 25 b U Scope This Annex de nes the command and cooperative 26 relationships between USSTRATCOM DOD organizations non-DOD USG 27 agencies and civilian entities as they pertain to cyberspace operations J-1 SW Mission CDRUSSTRATCOM plans and directs integrated DOD cyber Sec 1 4 a I M1 Sec 1 4 a defend the DOD networks from aggression and as directed use cyberspace to advance and defend US interests 3 U Execution CDRUSSTRATCOM will plan and carry out the strategic global cyberspace missions for DOD CDRUSSTRATCOM will be designated as the supported commander by the POTUS or SECDEF and CJ CS for strategic global Cyberspace Operations CO and as a supporting commander for geographic regional CO As the DOD military lead for CO CDRUSSTRATCOM serves as a conduit to the As for Operational policy issues and mission operations a U CDRUSSTRATCOM Responsibilities 1 U Coordinate through the USSTRATCOM Director Global Operations 3 all CO support requested by As U Act as A's primary contact for cyber support through the USSTRATCOM J3 via the Global Operations Center GOC As can also request cyber support through any STRATCOM component Such requests will in turn be forwarded to the GOC for internal coordination action U Designate the USSTRATCOM Director Plans and Policy 5 as the staff element responsible for consolidating prioritizing decon icting and assigning USSTRATCOM Cyberspace resources based on commander's guidance U Retain Administrative Control ADCON authority of the deployed USSTRATCOM CO components teams consisting of HQ USSTRATCOM FCC NW JTF GNO and IOWC personnel depending on mission requirements as appropriate 2 U Exercise Coordinating Authority CA with As as de ned by reference above 3 U Develop relationships with the As and external organizations that will maintain and augment existing HQ USSTRATCOM JTF GNO FCC NW JFCC GSI FCC SPACE and JIOWC relationships 4 U Coordinate 33 as appropriate 5 U Evaluate select pursue cyber threats plan and prioritize the desired effects necessary to achieve the appropriate combination of the plan's based on the scenario J-2 U USSTRATCOM Components 1 U Lead Component and assignment of forces CDRUSSTRATCOM designates JTF GNO as the lead component to operate and defend the DOD GIG All other USSTRATCOM components are assigned in a supporting role for the operation and defense of the DOD GIG W CDRUSSTRATCOM will conduct military operations in cyberspace as either the supported or supporting commander CONPLAN 8039 will provide the methodologr for determining 33 will designate a lead component and assign forces for executiOn of speci ed cyberspace missions based upon the nature of the crisis contingency The lead component has the responsibility to integrate offensive and defensive activities see Figure 1 For timing and tempo of operations USSTRATCOM assigned cyber forces I he USSTRATCOM designated lead component i W Will be Iday-to- day management of assigned cyberspace forces in executing the assigned mission as appropriate U 2 W Will support theater operations as directed by CDRUSSTRATCOM U W Will collaborate and coordinate across the USSTRATCOM staff Service component staffs assigned to USSTRATCOM and their respective operations centers Combatant Commanders and other DOD and non-DOD partners to ensure unity of effort in support of military and other national security operations 4 W Will request to establish to plan Sec 1 4 a Sec 1 4 a collaborate and decon ict operations J-3 Sec 1 4 a U Figure 1 Command Structure S REL USA AUS GBR 94 W Assignment of forces In general the 95 following principles applv to the assignment of cvber forces I 96 Sec 1 4 a 97 98 99 100 101 102 103 104 105 106 107 108 109 110 2 U USSTRATCOM Components and Service Components J-4 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 SEQ-REF U USSTRATCOM Components U F999 JTF GNO As directed by CDRUSSTRATCOM JTF GNO supports the Uni ed Command Plan UCP mission of global network operations The UCP 2006 states that USSTRATCOM shall be responsible for planning integrating and coordinating DOD global network operations by directing GIG operations and defense and identifying and advocating these desired characteristics and capabilities CDRUSSTRATCOM through CDR JTF GNO provides the DOD with the direction and oversight to operate and defend the GIG and accommodate interfaces to coalition allied and non-DOD users and systems CDR JTF GNO reports directly to CDRUSSTRATCOM and exercises TACON OPCON of assigned forces JTF GNO upon implementation of CONPLAN 8039 and on behalf of CDRUSSTRATCOM will assume TACON of assigned defensive CO forces Commander JT GNO executes NetOps via assigned forces As required to ful ll mission requirements CDR has authority for direct liaison DIRLAUTH with other DOD components to include As to exchange information germane to cyberspace activities and promote situational awareness relative to hostile acts directed toward DOD networks The following speci c authorities are granted to CDR JTF GNO a U F999 CA for the planning and execution of the GIG NetOps mission U POD-9 OPCON or TACON of assigned NetOps and CND forces as directed 9 U Direct Liaison Authorized DIRLAUTH between JTF GNO and the following USSTRATCOM functional components Service components subordinate organizations Combat Commands and communities of interest USSTRATCOM will be kept informed CDR JTF GNO is encouraged consistent with DOD rules and regulations to develop robust coordinating relationships for information sharing to include non DOD US government organizations intergovernmental organizations nongovernmental organizations multinational military commands alliances and coalitions state and local governments commercial and research communities 2 U JFCC NW On a daily basis FCC NW will conduct operational and tactical level planning and day-to-day employment of assigned and attached forces integration of 03 1 59 17 9 I Sec 1 7 e I effects or that directly support national objectives in and through cyberspace This J i support of other Combatant Commanders as directed At a minimum the FCC NW is required to 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 a U all capabilities for operations in and through cyberspace with the JTF GNO JIOWC and other FCCs as necessary Assume OPCON or TACON where applicable of cyber forces for day-to day and crisis operations 2 U Develop recommendations to alleviate from a global perspective Operational resource con icts for Operations capabilities of cyber forces 9 U Develop Course of Action COA recommendations for operations in and through cyberspace in support of USSTRATCOM and national strategic objectives Support FCC GSI for the integration of operations in and through cyberspace into USSTRATCOM global strike COAs Provide an embedded capability in the Global Operations Center GOC to support FCC GSI mission of operational level integration of USSTRATCOM missions and maintaining situational awareness for the commander U Coordinate and maintain tactical level intelligence as necessary to support components of operations in and through cyberspace provide hm Sec 17 8 U Establish a relationship with mission area experts in the applicable regional commander's Standing Joint Force Headquarters SJ FHQ to provide operational support for NW capabilities This relationship will include the training and periodic quali cation of NW support in SJ FHQs as required U Provide support for headquarters USSTRATCOM and other geographic and functional Combatant Commanders exercise wargames and experimentation requirements Integrate and efforts with USSTRATCOM Training and Exercise Division J37 Support headquarters development of military utility assessments research and development efforts and advocacy of capability needs for the Joint Capabilities Integration Development System JCIDS process U Report operational readiness assessment of assigned mission areas as directed by headquarters WE-9W USSTRATCOM or the requesting CCDR Authority necessary to Sec 1 4 a 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 Sec 1 4 a Sec 1 4 a W The following are operations see Table 4 Subject Sec 1 4 a mm Sec 1 4 a Table 1 Sec 1 4 a USA AUS GBR Sec 1 4 a REL USA AUS GBR 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 SEGR-EF ll SHREL USA I Sec 1 4 a 21 IREL USA AUS Sec 14 a Sec 1 4 a W lcomputers networks information and information systems is authorized only for the purpose of conducting an approved Operation as de ned in this plan Sec 14 8 1 Sec 1 4 a I Sec 1 4 a 4 SHREL USA AUS I Sec 1 4 a FC noti cation is required for W1 Sec 14 8 I CDRUSSTRATCOM may delegate this authority to the CDR FCC NW when acting as supported commander W1 390 4 a Sec 1 4 a 5 WW Supportied 9 W Supported FC approval is required for WW 89 mm Sec 1 4 a - I CDRUSSTRATCOM may delegate this authority to the CDR FCC NW when acting as supported commander which ma be Tam Sec 1 4 a further delegated to a General Of cer F1ag Of cer within FCC NW Sec 1 4 a SW All formal requests for approval I M1 Sec 1 4 a J-8 248 249 250 251 252 253- 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 mu Sec 1 4 a S REL USA AUS GBR Sec 1 4 a Sec 1 4 assigned the following authorities 1 U CA for the planning and execution of the CO mission 2 U OPCON or TACON of assigned cyberspace forces as directed by headquarters U DIRLAUTH between FCC NW and other joint and Service components Combatant Commanders and DOD agencies while' keeping headquarters informed FCC Commanders are encouraged consistent with DOD rules and regulations to develop the robust coordinating relationships to include inter agency and combined forces where required to enhance the mission effectiveness of operations in and through cyberspace U F9149 FCC GSI FCC GSI will act as the overall lead USSTRATCOM component in direct support of the CDRUSSTRATCOM to develop integrated crisis response COAs provide integrated analysis of the Command s global mission capabilities provide execution recommendations for supported and supporting mission tasks execute global strike missions when directed and through a FCC GSI managed GOC that integrates inputs of all components and Service task forces provide the headquarters with situational awareness for all operational responsibilities Provide continuous situational awareness of assigned forces engaged in ongoing global strike operations Provide coordinated tasking from the headquarters to other joint components and Service task forces as necessary for the of all USSTRATCOM operational and tactical mission planning and execution needs IAW USTRATCOM H021 CONOPS At a minimum the FCC GSI is required to a U F-Q-U-Q In accordance with Intelligence Integration CONOPS coordinate with I global strike intelligence requlrements J-9 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 U 17-999 Support USSTRATCOM led efforts to create and maintain strategic level OPLANs Support development and coordination of OPLANs and CONPLANs as directed by headquarters Support other Combatant Commands with global strike operational planning and execution as directed by headquarters Assume OPCON or TACON of Ias directed Sec 1 7 e U POGO Support HQ coordination with geographic and functional Combatant Commanders to support ongoing and future operational requirements for USSTRATCOM global strike capabilities Provide support for HQ USSTRATCOM and other geographic and functional Combatant Commanders exercise war game and experimentation requirements Integrate and efforts with USSTRATCOM Training and Exercise Directorate J7 U 119149 Support headquarters development of global strike mission research and development and advocacy of capability needs for the Joint Capabilities Integration and Development System JCIDS process 3 U Be the central manager of the mm Sec 1 7 e capability Manage the G00 1 U FOB-Q Chair the Information Operations Working Group IOWG i U 17-999 Manage the Joint Integration Working Group lg U FOB-Q Manage the Joint Planning Working Group JPWG U IOWC JIOWC is res onsible for plannin integrating and coordinating the IO core capabilities of and and lin support of FCs JIOWC is also the USSTRATCOM lead for strengthening IO capabilities across the DOD and is responsible for supporting the SC planning efforts of STRATCOM missions and FCs when requested At a minimum the IOWC is required to Sec 1 7 e e a U Enable FCs to plan and execute IO Sec A Emu Sec 1 7 e and CNO 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 SEGR-EF U Interface with the Joint Staff Military Services DOD and non-DOD agencies to coordinate and integrate IO efforts for joint commanders 9 U Participate I U Provide assistance to FC IO intelligence support efforts U Evaluate IO effectiveness in military operations U Provide Joint IO wargaming simulations to support joint exercises and experimentation U Assist with strategic IO planning and theater engagement U The Commander IOWC will deploy task organized 10 support teams to assist As as directed by CDRUSSTRATCOM i U Upon SecDef approval the Chief JIOWC Combatant Commander Support Team will fall under OPCON authority of the supported commander U JFCC SPACE JFCC SPACE will optimize planning execution and force management of the assigned missions and to coordinate space operations FCC SPACE supports CDRUSSTRATCOM in the conduct of space operations and exercises OPCON of designated space and missile- warning forces on behalf of CDRUSSTRATCOM CDR FCC SPACE is designated as the Global Space Coordinating Authority GSCA and the lead USSTRATCOM component for execution of Defensive Space Control DSC which includes the satellite Telemetry Tracking 85 Control TTC portion of cyberspace U FCC IMD FCC IMD serves as the CA on behalf of CDRUSSTRATCOM for planning and execution of the IMD mission JFCC IMD develops and coordinates IMD concepts of operations and supporting operational plans to include OPLANs CONPLANs FUNCPLANs and SUPPLANs as directed by HQ USSTRATCOM FCC IMD assumes OPCON or TACON control as directed of designated IMD capabilities for day-to-day and crisis operations JFCC IMD provides day to day and crisis operational support to missile defense components FCC IMD provides an embedded capability in the G00 to support the FCC GSI tasks of operational level integration of USSTRATCOM missions and maintaining situational awareness for the commander J ll 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 SEGR-EI U JFCC ISR FCC ISR conducts planning to employ DOD ISR resources to meet Combatant Commander national and departmental requirements the Joint Staff U S Joint Forces Command USJFCOM Combatant Commanders the military Services and other mission partners FCC ISR ensures the integration of DOD and national ISR efforts to satisfy Combatant Commander and national operational and intelligence requirements FCC ISR planning the use of national DOD and when feasible Allied Coalition ISR capabilities with employment of theater ISR resources U USSTRAT COM Service Components WW U S Arm Forces USSTRATCOM has COCOM of Sec 1 4 a 2 U US Naval Forces a_ The Sec 1 7 e I Navy forces certi ed for network defense are embedded in the parent force structure of all Navy component commanders assigned by their respective commanders with assignment of additional forces via Naval Component Task Force-ND as required JTF GNO has TACON authority of the NCTF-ND for cyber defense only The Navy Global Operations and Security Center NAVGNOSC is OPCON to JTF GNO In response to network events or activities as determined by CDR USSTRATCOM or CDR JTF GNO the Navy Cyber Defense Operations Command NCDOC shall instantaneously be attached to CDR JTF GNO who will exercise TACON upon contact with the NCDOC until such time that the responses to the events or activities are declared complete by CDR JTF GNO at which time the Navy will resume control of the NCDOC Sec Sec 1 7 e I When directed J-12 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 SEGR-EF bV a Joint Staff deplovment Sec 1 7 e CDRUSSTRATCOM is designated the supported commander b The Marine I IMarine forces certi ed for network defense are embedded in the parent force structure of all Marine component commanders with assignment of additional forces via as required The Marine Corps Network Operations and Security Center MCNOSC is OPCON to JTF GNO for CND Assignment of other Marine forces will be coordinated through MARFORSTRAT a W U S Air Force Forces USSTRATCOM has COCOM of 8 Sec 1 4 a c U Sec 1 7 e 11 Sec 1 4 a 2 U Sec 1 7 e protection See Base Plan up to the Top Secret level for the goal of J-13 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 SEQ-REF strengthening information networks to improve the con dentiality integrity and availability of information systems and improve the prediction detection and response capabilities USSTRATCOM 51 is designated as the United States National Lead JTF GNO is responsible for the operational mission 1 U Alternate Procedures Succession to Command U When the position of the combatant commander is vacant or in the temporary absence or disability of the combatant commander the deputy commander acts as the combatant commander and performs the duties of the combatant commander until a successor is appointed or the absence or disability ceases If a deputy commander has not been designated or is also temporarily absent or disabled interim command shall pass to the next senior of cer present for duty eligible to exercise command regardless of Service af liation U In the event JTF GNO cannot execute command of JTF GNO due to lack of communications or other reasons succession of command is Deputy JTF GNO Commander Marine Forces COMMARFOR Commander Air Force Forces COMAFFOR Commander Global Network Operations and Security Center CDR GNOSC Naval Network Warfare Command NAVNETWARCOM and Commander Army Forces COMARFOR U In the event CDR FCC NW cannot execute command of FCC NW due to lack of communications or other reasons succession of command is Deputy FCC NW U In the event CDR IOWC cannot execute command of IOWC due to lack of communications or other reasons succession of command is Deputy IOWC 4 U Support and Coordination Relationships WW Supporting Military Forces 1 I Sec 1 4 a Sec 1 4 a or the supported regional commander 2 U USSTRATCOM Combatant Commander Liaison USSTRATCOM Liaison Of cers LNOs will assist COCOM's in coordinating USSTRATCOM cyberspace activities Within speci c geographic AORs SEGREF 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 U All cyber forces supporting a CDR USSTRAT COM mission will immediately establish liaison with the USSTRATCOM LNO when arriving in a commander s theater U USSTRATCOM regional LNOs will assist coordination of USSTRATCOM CO activities between USSTRAT COM and the GCCs b Coordinating Authorities Integration 1 U JFCC GSI U Coordinate requirements of the lead Component for non-routine -daily activities functions and objectives W In coordination w JTF GNO JFCC NW JIOWC 85 JFCC cyberspace Assist JIOWC in the development of Sec 1 4 a I operations in and through cyberspace W In coordination with JTF GNO FCC NW JIOWC and JFCC Sew-4 a I to facilitate USSTRATCOM cyber execution when in the supporting role U W Provide initial assessments of operations lessons learned shortfalls and additional requirements or authorities as required SW J3 Assist in the coordination and decon iction with GCCs in support of CONPLAN 8039 Cyberspace Operations 0 Supporting Agencies 1 U The National vaer Response Coordination Group JTF GNO supports and coordinates with the National Cyber Response Coordination Group on behalf of USSTRATCOM Per ref g the CRCG is an interagency forum where organizations responsible for a range of activities technical response and recovery law enforcement intelligence and defensive measures coordinate for the purposes of preparing for and executing an ef cient and effective response to a cyber incident of national signi cance 2 WHMU Sec 1 4 a I for DOD SECRET 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 SECRET computers and DOD computer networks of the GIG Sec 14 3 Sec 1 4 a 3 U Joint Warfare Analysis Center JWAC The JWAC provides Sec 1 7 e this CONPLAN all JWAC support for Operations in and through cyberspace should be coordinated through USSTRATCOM 3 When this CONPLAN is not in effect direct liaison per A policy is customary 4 U National Infrastructure Protection Center NIPC The NIPC serves as the focal point for threat assessment warning investigation and response to threats or attacks against national critical information infrastructures It serves as both a national security and law enforcement organization to detect deter assess warn of respond to and investigate computer attacks intrusion and unlawful acts target against the GIG USSTRATCOM will normally interface with the NIPC through JTF GNO 5 U Sec 1 7 e Sec 1 7 e U Sec 1 7 e Sec 1 7 e U Sec 1 7 e Sec 1 7 e 1 Coordination With Diplomatic Agencies 1 U Department of State DOS The SECDEF will coordinate with the Secretary of State on matters concerning diplomatic relations with foreign J-16 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 M1 Sec 1 7 e SEGR-E-TF governments involved in cyberspace operational matters Under normal circumstances CDRUSSTRATCOM will coordinate with the CJ CS who in turn will coordinate with the DOS when considering or recommending as a cyberspace COA 2 U Department of Commerce DOC The SECDEF will coordinate with the Secretary of Commerce on matters concerning interstate and international commerce There are three main areas of interest related to DOC federal regulatory responsibility concerning computer systems and computer networks 1 regulating foreign sales of such technology 2 the National Bureau of Standards that establishes standards and protocols for such technolog and 3 regulating interstate and international commerce related to such technology Under normal circumstances CDRUSSTRATCOM will coordinate with the CJ CS who will coordinate with the DOC on matters involving the DOD GIG 5 Command and Control Command Posts a W Global Operation Center The GOC Sec 1 4 a b U JTF GNO 1 U The Global NetOps Center GNC is the JTF GNO Command Center responsible for executing the daily operation and defense of the GIG The GNC provides the overall management control and technical direction for GIG NetOps and oversees a collaborative coordination process involving all As supporting the business intelligence and war ghting needs of POTUS SECDEF and the NetOps Community 2 U JTF GNO has a full time LE CI Center for coordinating LE activities in support of cyberspace missions DOD LE organizations have assigned full or part time LE CI agents from each of the LE agencies including Naval Criminal Investigative Service NCIS Defense Criminal Investigative Service DCIS Air Force Of ce of Special Investigations 081 US Army Criminal Investigations Division USACID and Army Intelligence and Security Command INSCOM JTF GNO LE CI Center maintains a coordinating relationship with the IAIP DHS C- U JFCC NW JFCC NW Sec 1 7 e SEQ-REF 588 d U IOWC The IOWC is located at Lackland AFB in san Antonio 589 Texas The organization provides full Spectrum 10 planning support to 590 A's worldwide through COCOM support teams 591 592 593 594 Kevin P Chilton 595 General USAF 596 Commander 597 598 599 Of cial 600 Mark H Owen 601 Brigadier General USAF 602 USSTRATCOM Plans and Policy SEQ-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 26 February 2008 ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR HQ USSTRATCOM J675 COMMAND CONTROL COMMUNICATIONS AND COMPUTER C4 SYSTEMS U U References a U USSTRATCOM Strategic AdministratiVe Instruction SAI 301 6 Collateral Automated Information System AIS Security Policy Current Edition U b U USSTRATCOM Strategic Administrative Instruction SAI 500 1 Information Operations Current Edition U C Sec 1 7 e Sec 1 7 e d U Chairman of the Joint Chiefs of Staff Operation Order CJ CS OPORD 2-FY Survivable Mobile Command Center Operations S e U CJCSI 6510 01D Information Assurance and Computer Network Defense Current Edition U f U CJCSI 3320 018 Electromagnetic Spectrum Use in Joint Military Operations 15 May 06 U 0 l l i l ll i r Ir I 430 U CJCSI Joint Spectrum Interference Resolution 27 Jan 06 S h U 3320 02C Joint Spectrum Interference Resolution 27 Jan 06 U 33 l U Situation 35 b U Friendly See Appendix J 36 U Command Centers See Appendix J 37 I Provides 38 bme 39 4O 41 42 U Systems Experts 43 U Network Management and Payload Control 44 45 UWWE I 46 I 47 U Focal Point for implementation of Commanderl b 7 E I 48 requirements I bme I 49 I 50 UIIWWE 51 bxvxE 52 53 54 U System Expert 55 Network Management and Pavload Control 56 bme 57 C U 58 U Focal Point for Uni ed Commander SMC for authorized 59 networks Uni ed Commander communications planners for requirements 60 4 U1 WE I 61 bumsSECRET 66 U System Expert 67 U Network Monitoring and Payload Control 68 U 69 U Focal Point for Uni ed Commander 7O USSTRATCOM Command Center Joint Staff U System Expert 81 82 U Network Monitoring and Payload Control 83 84 85 U Focal Point for Commander Reuirements Individual 86 Uni ed Commander communications planners or 87 U I 88 89 6 U Other Government and Commercial Satellite Communications 90 9 1 92 93 2- U Mission Provide command and control connectivity for USSTRATCOM 94 operations on a global basis in support of peacetime OPLAN and contingency 95 operations 96 3 U Execution Command and Control C2 of USSTRATCOM assets by 97 their global nature is highly dependent upon military and civilian satellite 98 communications systems USSTRATCOM assists the war ghting Commanders 99 to ensure effective utilization of these systems by coordinating with the Joint 100 Staff and the various System Experts 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 a U Concept Operations Command Control and Communication C3 support Idelineated in the execution paragraph of the base plan b U Tasks 1 U USSTRATCOM Execute oversight of assigned SATCOM in support of the CJ CS Combatant Commands and other agencies - U Evaluate health and status of theater SATCOM systems and develop options for spacecraft movements and or payload con gurations U Recommend spacecraft movements to satisfy war ghting Combatant Commander's SATCOM requirements U Recommend SATCOM payload recon guration when satellite anomalies occur U Propose SATCOM payload con gurations to provide support to CJ CS Combatant Commands and other federal agencies U Recommend augmenting C3 requirements with commercial and Allied SATCOM resources when Military SATCOM is not suf cient U Provide SATCOM support for theater operations through EMU Sec 1 7 e U Develop SATCOM analysis based on developed supporting plans for the Commander and Joint Staff U Develop alternative solutions for identi ed shortfalls U Reassess and evaluate SATCOM environment and adjust plans as needed 2 U Su orted Commands Identif ace related C3 and SATCOM reouirements to Sec 1 7 e 3 U Component Commands Be prepared to execute the C3 portions of this plan as modi ed by CDRUSSTRATCOM SE-GR-EIF 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 c U Special Measures All task organizations will use standard Information Security INFOSEC procedures and equipment For joint actions other than normal operations with Uni ed and Speci ed Commands the Intertheater COMSEC Package ICP will be used 4 U Administration and Logistics a U Logistics N b U Administration The USSTRATCOM Knowledge Integration Web SKIWEB home page is the primary administration tool and can be accessed directly via SIPRNET 5 U Command and Control a U Command Relationships See 8039 Annex J b U Command Control Communications Svstems See Appendices Appendices 1 Information Assurance Not Used 2 - Satellite Communications Not Included 3 - Defense Courier Service Not Used 4 - Foreign Data Exchange Not Used 5 Electromagnetic EM Spectrum Management Not Used Kevin P Chilton General USAF Commander OFFICIAL I CAPTAIN USN Director C2 and Communications Systems K-5 INTENTION ALLY BLANK HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 26 February 2008 ANNEX TO USSTRATCOM CONPLAN 8039 U OPR JFCC SPACE SPACE OPERATIONS U U References a U National Space Policy Oct 06 S b U National Security Space NSS Protection Strategy U CJCSI 3121 01A Standing Rules of Engagement Standing Rules of for US Forces 13 Jun 05 U SRUF d U DOD Directive 3100 10 Space Policy 9 Jul 99 U e U DOD Directive 1 Information Operations 14 Aug 06 S f U Joint Pub 1-02 Department of Defense DOD Dictionary of Military 85 Associated Terms 12 Apr 01 U g U DODI 3100 12 Space Support 14 Sep 00 U h U DODI 3100 14 Space Force Enhancement 12 Jan 01 U i U DODI 3100 15 Space Control 19 Jan 01 U j U Joint Pub 3-14 Joint Doctrine for Space Operations3-13 Joint Doctrine for Information Operations 13 Feb 06 U I U USSTRATCOM Commander's Strategic Concept U United States Strategic Command Sec 1 7 e REL n U STRATCOM DIRECTIVE SD 505 3 Space Support to the Joint Force Commander Designated Space Coordinating Authority515-2 ITWAA Procedures and System Description 03 Oct 05 SECRET p U SD 523-2 Theater Event System Architecture and Ops q U The Commission to Assess United States National Security Space Management and Organization Final Report 2001 U r U AFDD 2-2 1 Counterspace Operations 2 Aug 04 U s U AFDD 2 5 Information Operations 11 Jan 05 U t U 3-1 28 Tactical Employment Space Mar 05 S NF 11 U Space Capstone Threat Assessment March 2006 NAIC SECRET MR v U Horizontal Command and Control 02 Integration H021 Concept of Operations CONOPS 20 Dec 05 N-2 59 1 U Situation 6O 61 a U General 62 63 1 US Cyber Operations are a strategic asset 64 of the United States supporting US National Security Objectives This annex 65 provides an overview of relevant space operations and effects supporting 66 operations executed under CONPLAN 8039 2 WW Some cyberspace capabilities operate in 75 and through the space environment I 76 Sec 1 4 Annex Intelligence sec 13 I W The architecturelwmSec1 4 a 89 I 90 may be different in every GCC Current USSTRATCOMIHSEW Sec 14 9 I 9 1 Sec 1 4 a 92 93 94 capabilities are brie y described below 95 96 USA AUS GBR 97 I 98 Sec 1 4 a 99 100 2 Sec 1 4 a I 101 102 3 bx1 Sec 1 4 a I 103 104 REL USA AUS GBR 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 Sec 1 4 a Sec 1 4 a Sec 1 4 a Sec 1 4 a I Sec 1 4 a C W Sec 1 4 a I A Sec 1 4 a I Sec 1 4 a Sec 1 4 a IAnalyseS 3 Best accuracy bm 33 14 3 I 2 Additional capabilities Refer to law Sec 1 4 a I d U Assumptions Refer to Base Plan 2 U Mission Refer to Base Plan and Annex Operations 3 U Execution Refer 4 U Administration and Logistics WW Services are reSponsible to support forces tasked in this Annex Requirements that cannot be met by a respective service will be coordinated with USSTRATCOM b U Reference Base Plan for additional logistics information 5 U Command and Control a U USSTRATCOM has delegated FCC SPACE to provide space mission expertise to plan support integrate assess and efforts for USSTRATCOM and other combatant commander s operational level requirements for space control operations b U CDRUSSTRATCOM has assigned CDR JFCC SPACE as the GSCA to ensure unity of effort by coordinating developing and conducting operational- level Space campaign planning including contingency and crisis action adaptive planning and COA development and strategy development in SEQ-REF 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 SEGR-EF support of USSTRATCOM and other Combatant Commanders The GSCA is the commander designated by CDRUSSTRATCOM to have Coordinating Authority CA for the conduct and coordination of global space operations CA is a speci c consultation relationship between military commanders and other agencies not an authority by which command and control may be exercised As such the commander who has been designated as the GSCA can require consultation between the agencies involved but cannot compel agreement CDRUSSTRATCOM will specify the common tasks to be coordinated in the establishing directive without disturbing normal organizational relationships in other matters c U The role of the Space Coordinating Authority SCA is described and de ned in Joint Publication JP 3-0 and Strategic Command Directive SD 505-3 Space Support To Joint Force Commander Or Designated Space Coordinating Authority JP 3-0 de nes the SCA as being responsible for coordinating and integrating space capabilities in the operational area and has primary responsibility for joint space operations planning to include ascertaining space requirements within the joint force The SCA normally will be supported by assigned or attached embedded space personnel The processes for articulating requirements for space force enhancement products are established and speci cally tailored to the functional area they support and result in prioritized requirements The SCA recommends prioritized space force enhancement requirements to support the Joint Force Commander's mission and intent Utilizing reachback through the FCC Space at the Joint Space Operations Center direct support relationships are established to provide optimal support to the Joint Force Commander integrating and space effects within the Joint Force Commander's Joint Operations Area To ensure prompt and timely support the supported GCC and CDRUSSTRATCOM may authorize direct liaison between the SCA and applicable component s of USSTRATCOM Joint force Service component commands should communicate their requirements to the SCA or designated representative to ensure that all space activities are properly integrated and d U C4 Systems Refer to Base Plan and Annex C4 Systems e U Refer to Base Plan and Annex Command Relationships for additional Command and Control information 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 Kevin P Chilton General USAF Commander OFFICIAL WILLIAM L SHELTON Lieutenant General USAF Commander JFCC SPACE SEGR-EZF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 28 February 2008 ANNEX TO USSTRATCOM CONPLAN 8039 U U OPR JFCC NW J59 Sec 1 7 e 1 2 3 4 5 U References Refer to the Base Plan 6 7 8 1 Situation This annex capabilities to support CONPLAN 8039 10 2 U Mission Refer to the Base Plan 12 3 U Execution 14 a U Concept of Operations 16 1 anm Sec 1 4 a I 17 prOVideS guidance forming and execution in CONPLAN 8039 This 18 document identi es to planners that USSTRATCOM has chosen tol b 1 Sec 1 4g 19 W1 Sec 1 4 a 23 includes Appendices and Tabs that addresses how apportioned and non 24 apportioned 2 5 Sec 1 4 a I 26 capabilities and would be included in Sec 14 3 I 27 I The complete annex is available on the HQ 28 USSTRATCOM PDAS Website wcess is required to review the annex 29 4 U Administration and Lo'stics Refer to the Base Plan and Exhibit 4 30 Logistics for each in the annex 31 5 U Command and Control Refer to Base Plan Annex Command 32 Relationships and Exhibit 5 Command and Control for eachn 33 the annex Kevin P Chilton General USAF Commander OFFICIAL Mark H Owen Brigadier General USAF Director Plans and Policy 8 2 SEC-REF HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 26 February 2008 ANNEX TO COMMANDER USSTRATCOM CONPLAN 8039 U U OPR INTERAGENCY COORDINATION U References a U Joint Publication 1-02 Department of Defense Dictionary of Military and Associated Terms 12 April 2001 As Amended Through 20 March 2006 b U Joint Publication 3-0 Joint Operations 17 Sep 06 c U CJCS Manual 6510 1D Defense in Depth Information Assurance IA and Computer Network Defense CND U 25 Mar 03 Including Ch 1 10 Aug 2004 current as of 18 Mar 2005 d U APPENDIX 12 TO ANNEX OPERATIONS TO JTF-GNO OPORD 05-01 Global Network Operations INFORMATION OPERATIONS CONDITION INFOCON EXECUTION PROCEDURES C Rel USA AUS CAN GBR NZL 22 May 06 e U Horizontal Command and Control C2 Integration H021 Concept of Operations CONOPS S Rel USA AUS CAN GBR 20 Dec 05 f U Presidential Decision Directive-62 PDD-62 Protection Against Unconventional Threats to the Homeland and Americans Overseas 22 May 98 g U Presidential Decision Directive 63 PDD-63 Critical Infrastructure Program 22 May 99 h U National Security Policy Directive 1 Organization of the National Security Council System 13 Feb 2001 i U National Security Policy Directive 44 Management of Interagency Efforts Concerning Reconstruction and Stabilization 7 Dec 2005 j U 2004 National Response Plan NRP Cyber Annex Dec 04 V-1 SEC-REF 39 k U Homeland Security Presidential Directive 1 Organization and 40 Operation of the Homeland Security Council 29 October 2001 41 42 l U Homeland Security Presidential Directive 7 Critical Infrastructure 43 Protection 17 December 2003 44 45 m U Homeland Security Presidential Directive 8 National 46 Preparedness 17 December 2003 47 48 n U JP 3-08 Vol I 85 II Interagency Intergovernmental Organization 49 and Nongovernmental Organization Coordination During Joint Operations 17 50 March 2006 51 52 0 U National Infrastructure Protection Plan 22-23 Aug 2006 53 p U Trilateral Memorandum of Agreement among the Department of 54 Defense the Justice Department and the Intelligence Community Regarding 55 Computer Network Attack and Computer Network Exploitation Activities 56 JD-IC MOA 9 May 07 57 q U Memorandum of Arrangement between The Department of Defence 58 of Australia The Ministry of Defence of The United Kingdom of Great Britain 59 and Northern Ireland and The Department Of Defense of The United States of 60 America on Information Operations Data Exchange 6 May 03 61 r U 2008 National Response Framework NRF 62 s U DODD 3025 1 Military Support to Civil Authorities January 15 63 1993 64 t U JP 3-28 Civil Support September 14 2007 65 1 U Situation 66 a U General 67 I U Statement This Annex provides the basis for interagency 68 coordination for Cyberspace Operations It de nes the roles and interagency 69 relationships among United States U S Strategic Command USSTRATCOM 70 Department of Defense DOD organizations non-DOD U S Government 71 agencies and civilian entities as they pertain to supporting CONPLAN 8039's 72 Sec 1 7 e 73 74 W Sec 1 7 e 75 U V-2 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 Sec 1 7 e SECRET C Sec 1 7 e I 2 U Politico-Military Situation U S reliance on computer systems and networks is vital to commerce and prosperity and is a critical capability of the nation s power Since adversaries can conduct malicious activities that may jeopardize US interests including mission accomplishment and operations CDRUSSTRATCOM requires proactive and cooperative interagency working arrangements with all agencies involved in cyberspace operations It is imperative that support be given to the deliberate planning process to ensure interagency coordination is formalized and communicated to all those involved in cyberspace operational missions I 3 U Policy Coordination U National Security Council NSC Policy Coordination Committees PCCs Due to its transnational scope CONPLAN 8039 can affect any of the six regional or 11 functional NSC PCCs However the primary NSC PCCs affected by CONPLAN 8039 are U Defense Strategy Force Structure and Planning chaired by the Secretary of Defense 2 U Counter-Terrorism and National Preparedness chaired by the Assistant to the President for National Security Affairs U Proliferation Counter proliferation and Homeland Defense chaired by the Assistant to the President for National Security Affairs U General Guidance The following highlights general functions for staff directorate coordination activities U Coordination Authority JP 1 02 de nes coordinating authority as commander or individual assigned responsibility for coordinating specific functions or activities involving forces of two or more Military Departments two or more joint force components or two or more forces of the same Service The commander or individual has the authority to require consultation between the agencies involved but does not have the authority to compel agreement In the event that essential agreement cannot be obtained the matter shall be referred to the appointing authority Coordinating authority is a consultation relationship not an authority through which command may be exercised Coordinating authority is more applicable to planning and similar activities than to operations 2 U Coordination Relationships USSTRATCOM Will provide the nature of interagency coordination activities and the service categories SECRET V-3 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 SEC-REF Each agency may participate in operations operations support and support as de ned below a U Operations Actions by agencies to help direct and coordinate the plan's see para 1 a above Interagency coordination for CONPLAN execution is delineated in the Base Plan organization and task See the Base Plan I U Operations Support Actions by agencies to provide Indications and Warning analytical support tools and other services 9 U Support Actions by agencies to provide policy doctrine guidance standards research and development and other general support for the cyberspace operations mission 4 U Planning and Execution Coordination The interconnected and critical nature of the Defense Information Infrastructure DII to the National Information Infrastructure NII the Global Information Infrastructure G11 and the GIG fundamentally increases the risk environment for the DOD computers and computer networks of the GIG In this environment there is a shared risk beyond control that extends globally across networks to include the NH G11 and GIG and geographic boundaries Cyberspace defense in this complex environment requires an organization to understand the dynamics of information processing to deveIOp and maintain current situation awareness supported by a Common Operational Picture COP and maintain unity of effort and command To ensure effective cyberSpace operations Commander USSTRATCOM must coordinate regularly with other DOD non-DOD agencies and through the Chairman Joint Chiefs of Staff CJ CS and Joint Staff J S to the POTUS SECDEF and Cabinet Departments to incorporate where applicable all guidance perspectives and available information on cyberSpace operations These include agencies and organizations within DOD federal government agencies state and local government commercial and civilian organizations Interagency coordination will be critical to the support of current POTUS and SecDef directives such as Presidential Decision Directive and and the National Continuity of Operations Plan Commander USSTRATCOM will plan develop and provide recommendations through the CJCS and I Sec 1 7 e b U Assumptions Refer to the Base Plan c U Legal Considerations See Base Plan and Appendix 8 Rules of Engagement to Annex Operations SW Mission Refer to the Base Plan 156 3 U Execution SEC-R511 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 SEC-REF a U Concept of Operations The primary objective of interagency coordination is effective operational execution of the DOD strategic global cyberspace operations mission Interagency coordination is absolutely vital to achieving this objective Commander USSTRATCOM will use interagency coordination to 0 U Assist USSTRATCOM bers ace mission planning and execution supporting the plans I 0 U Leverage the operational value associated with unity of command 0 U Improve operational situation awareness and information sharing Coordinate decon ict and integrate mutual initiatives to include the use of the le1 Sec 14 3 - Sec 1 4 a I 1 U Commander s Intent USSTRATCOM Commander s Intent by be found in the Base Plan Within the Base Plan interagency coordination with respect to planning and authorities is a key event SH-HEW Planning USSTRATCOM may also require I USSTRATCOM will also work with the Of ce of the Secretary of Defense 08D and Joint Staff to W Sec 1-4ta Sec 1 I Authorities Independent of the scale of the cyber engagement criteria the authority will increase as the cyber engagement criteria grows in sophistication the cyber engagement criteria may Sec 1 4 a 2 U Due to the transregional scope of CONPLAN 8039 interagency support will be tailored 17 9 Generally interagency 9C is focused on W Sec jRefer to the Base Plan for Sec 1 4 a cyberspace by understanding 33 14 3 Sec 1 4 a partners will I During this in conjunction with the agency Sec 1 7 e U Continue conducting NetOps mission Continue to develop and re ne cyberspace plans Interagency partners as appropriate 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 a W Continue to assist in de ning the DOD requirements from other agency partners 33 Elam Sec 1 4 a 4 USA AUS Sec 1 4 a W Continue 1 Sec 1 4 a lbw Sec Iwith situational awareness of cyberspace mission SHREL-U-SAT-A-U-STGB-R the Base Plan for military Operations associated with this W1 Sec 1 4 a I I USSTRATCOM in conjunction with the agency partners will i S REL USA AUS GBR 2 W 7 situational awareness to CDRUSSTRATCOM and Sec 1 4 a I M1 Sec 1 4 a I 3 Planl b 1 Sec 1 4 a and other agency 3 W933 Support and facilitate ners lagency W Provide updated interagency assessment to CDRUSSTRATCOM 6 SW Em Sec 1 4 a 1 Sec 1 4 a Sec 1 4 a Em Sec 1 4 a Sec 1 4 a partners mam Sec 1 4 a to Annex A Task 390 14 3 for more information about Sec 1- eratjons 0 WW to the Base Plan for military Operations associated with this Sec 1 4 a in conjunction with the agency partners will i W operations SEC-REF V-6 SEC-REF 235 2 236 cyberspace situational awareness to CDRUSSTRATCOM and Staff as well as 238 W 239 hm sec as appropriate in 33 14 3 other agency partners 240 4 WW Support and facilitate processing 241 Ito and from agency partners 242 U WW Provide updated interagency 243 assessment to the Commander 244 anm 33 14 planning and 245 operations through support to applicable planning and operations groups 246 W Refer to the Base Plan for 247 milit erations associated with this ency 248 effort mm Sec 249 Sec 1 4 a 250 251 252 W1 53 USSTRATCOM 253 in conjunction with the agency partners will 254 SW Continue 255 at appropriate 256 2 W Facilitate 257 operations through effective interagency coordination 258 3 W Support USSTRATCOM 259 p1anning and operations 260 U 4 SW Provide updated assessments to 261 the Commander and agency partners 262 5 W Anticipatel xl Sec 1Ma 263 andl bX 39 operations 264 Refer to the Base Plan for 265 military operations associated with this 3 9 eragency coordination focus 266 um Sec 1 4 a I 267 in conjunction with the agency partners will 268 W 269 appropriate 270 U g W Facilitate the execution of DOD 271 support to the primary or coordinating agency s through interagency 272 coordinating as required SECRET SEC-RESP 273 a W Provide updated assessments to 274 the commander and interagency partners Sec 1 4 a 276 U SHREJTUSATAUSTGB-R Provide the Commander with 277 situational awareness of cyber-related transition requirements from DOD and 278 agency partners for mutual support 279 5 W Anticipatellbm39 14 280 Sec 14 3 Ioperations 281 W Provide updated cyber 282 assessments to the commander and interagency partners regarding conditions 283 in 1-409 284 Refer to the Base Plan for 285 military operations associated with this teragency coordination focus 286 is on providing support as applicable and upon 287 Sec 1 4 a 288 in conjunction with the agency partners will 289 i W Continue WW Sec 14 8 1 290 appropriate 291 U 2 W Facilitate the execution of DOD 292 support to the primary or coordinating agency s through interagency 293 coordinating as required 294 WW Provide the Commander with 295 situational awareness of cyber-relatedIWU 3301-403 and 296 agency partners for mutual support 297 1 W Anticipateresults 298 5 W Provide updated cyber 299 assessments to the commander and interagency partners regarding conditions 300 in the Sec 1 4 a 301 b U Tasks and Milestones 302 1 U USSTRATCOM The following guidance concerning 303 CDRUSSTRATCOM command responsibilities is provided to assist deliberate 304 planning and CONPLAN execution 305 U CDRUSSTRATCOM as the lead Combatant Commander for 306 cyberspace operations and planning advocates cyberspace requirements for all 307 Combatant Commanders plans and develops national cyberspace operational 308 requirements conducts cyberspace operations planning and operations and 309 supports other combatant commander cyberspace operations efforts 310 CDRUSSTRATCOM will focus on planning policy processes mission 311 coordination and integration activities associated with the 312 cyberspace operations mission Combatant Commands Services Agencies SEC-REF V-B 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 As components and supporting forces will focus on operational mission execution CDRUSSTRATCOM will interact with As to include but not be limited to the Joint Staff SecDef the Intelligence Community IC Law Enforcement LE Agencies National Infrastructure Protection Center NIPC and the Department of Homeland Security DHS to integrate support and continuously improve the DOD's cyberspace operations processes W We Sec 1 4 a conce t USSTRATCOM ma deSignate alead component to establish b 1 Sec to plan collaborate and deconflict operations for each scenario provided Sec1 4 a I Sec 1 4 a Sec 1 4 a lcyberspace operations in support of the combatant commander's desired objectives 1 33 1 4 a will be offered the opportunity to assist I Sec 1 4 a concurs will be evaluated and adjudicated by CDRUSSTRATCOM members are requested to leverage their agency's or organization's abilities to support the commander's objectives I military control and under SecDef-delegated military authorities 2 WT-GER Close liaison With all I bxnseCl llal Sec 1 4 a evolve to meet these requ1rements W Forl W1 Sec We the lead USSTRATCOM component for the operation will provide the opportunity to physically and or virtually participate in all planning activities and provide a secure and trusted environment that fosters transparency of operational equities The W3 serve the following purposes a- W Assist in Sec 1 4 a I W Provide information in support Ito Combatant of Sec 1 4 a Commanders customers planners and operators SEC-REF V-9 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 SEC-REF recommendations for the Sec 1 4 a Sec 1 4 a Participate in and make U Assist in coordination collaboration and decon iction or courses of action in response to combatant commander s requirements for both deliberate and crisis action planning U W Consider advise and recommend solutions on all risks posed by planned or ongoing operations I U Act as a representative authority or liaison as determined by each member's organization or agency on issues related to or surfacing from planned or on-going operations U g SW Assist in the formal coordination between the lead USSTRATCOM component and interagency senior of cials which must also be in coordination with the Joint Staff W An adjunct membership to the Sec 1 4 a I Sec 1 cyberspace operations in some cases with differing restrictions or legal requirements The Sec 1 4 a cyberspace env1ronment i W Them Sec 14 8 lat and other participants as invited to assess and 1 1 Sec 1 4 a authority level or make recommendations for Sec 14 3 does not have approval authority U HQ USSTRATCOM 2 and Components will coordinate with the IC and its apprOpriate organizations to identify manage monitor and advocate for cyberspace intelligence requirements standardized reporting m1 390 17 3 - and general intelligence support In addition speci ed component s will alsol xl 59 17 9 39 17 3 activities to focus monitorin collection and analysis activities The primary goal is to provide and value added analysis for the CDRUSSTRATCOM to conduct global cyberspace missions lead U USSTRATCOM will organize advocate and coordinate cyberspace operational exercises across As USSTRATCOM will advocate for standardized training and education requirements and coordinate cyberspace operational modeling and simulation efforts with applicable SEC-REF 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 SEC-REF agencies USSTRATCOM will conduct deliberate and crisis action planning and produce a Joint Readiness Review J MRR for the DOD cyberspace operational mission and force structure This will be based in large measure on inputs from the FCC NW the JTF GNO JIOWC and also on frequent interaction with As U USSTRATCOM will develop coordinate and advocate for cyberSpace operations deliberate planning concepts policy doctrine land mission-level requirements In addition USSTRATCOM will assist in development and support of command and DOD partnerships with selected industry academia and allies including development of the necessary Memoranda of Agreement Understanding This will include establishing policies and resolving policy issues U USSTRATCOM will support development of partnerships and relationships with DOD and non-DOD agencies private industry and coalition partners In addition USSTRATCOM will help develop and advocate for common education training and awareness standards for users operators and administrators Finally they will help ensure cyberspace operational requirements are re ected in plans requirements and Courses of Action COAQ U The USSTRATCOM 006 will provide the required legal interpretations liaison related services and inputs to support this plan J006 will interpret appropriate legal policies and procedures in the development of partnerships and relationships with DOD and non-DOD agencies private industry and coalition partners and allies 006 will also work closely with the LE centers in developing potential COAs which fall under appropriate LE authorities and coordinate with LE legal staffs 2 U Coordination with Combatant Commanders U JTF GNO U JTF GNO has directive authority with DOD agencies other than IC agencies to counter strategic global network attacks and intrusions and has coordinating authority for responding to attacks and intrusions directed at DOD intelligence networks The coordinating authority with respect to DOD Intelligence networks shall be exercised consistent with the Defense Criminal Investigative Service s responsibility for the network security for intelligence systems 2 U JTF GNO receives agency incident reports and responses in compliance I land national directives as appropriate JTF GNO also coordinates with the Sec 1 7 e Sec 1 7 e Sec 1 7 e Ito maintain status of DOD IC networks and signi cant incidents or threats to those networks The IC will SECRET V-11 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 SEC-REF exercise management and security oversight of the DOD IC networks while maintaining routine coordination with and reporting to JTF GNO U JTF GNO also supports and coordinates with the National Response Coordination Group on behalf of USSTRATCOMinteragency forum where organizations responsible for a range of activities technical response and recovery law enforcement intelligence and defensive measures coordinate for the purposes of preparing for and executing an ef cient and effective response to a cyber incident 4 U Sec 1 7 e IJTF GNO cyberspace Sec 1 7 e 17 9 Iadministrative logistics resource management public affairs and personnel support JTF GNO maintains an Sec 1 7 e may provide operational and technical analytical resources to augment JTF GNO Sec 1 7 e I f ceives operational direction from JTF GNOfull-time LE Center for coordinating LE CI activities in support of cyberspace operations DOD LE agencies have assigned full and or part time LE agents to support the JTF GNO mission from each of the LE agencies including Naval Criminal Investigative Service Defense Criminal Investigative Service Air Force Of ce of Special Investigations AFOSI Army Criminal Investigations Command and Army Intelligence and Security Command A SJA provides necessary legal advice to the Commander FCC NW Commander JTF GNO and their staffs The SJA works closely with the LE Center in developing potential COAs which fall under appropriate LE authorities and coordinates with LE CI legal staffs WW JFCC NW See Annex J Command Relationships c U Coordinating Instructions This CONPLAN cannot task the Interagency partners The following are recommendations for the conduct of the CONPLAN 8039 mission 1 U USSTRATCOM Coordination Activities Within mission and resource constraints USSTRATCOM will coordinate with appropriate national agencies As and other agencies for cyberspace operations planning and execution USSTRATCOM will coordinate with the following organizations SECRET V-12 480 481 482 433 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 U Sec 1 7 e 1 Sec 1 7 e U Intelligence Community IC Provide USSTRATCOM with intelligence standards policy and guidance for intelligence support for cyberspace operations and foreign disclosure 0 U National Infrastructure Protection Center NIPC Provide USSTRATCOM with NH and LEA alerts and warnings federal agency and private sector coordination and decon iction forensic analysis LE advice and support NII situational awareness COP reporting for cyberspace operations standardized processes and procedures GIG coordination decon iction intelligence warning I85W and planning and execution support U Of ce of the Assistant Secretary of Defense Networks and Information Integration NII will provide USSTRATCOM with DOD policy oversight and guidance and support C31 Computers Intelligence Surveillance and Reconnaissance C4ISR resource priorities for cyberspace operations In addition will provide Information Assurance IA training and certi cation standards Information Technology architecture standards acquisition support and research and technologi CDRUSSTRATCOM will coordinate with N11 to advocate A cyberspace operations requirements and priorities coordination feedback and policies U Joint Staff J S Provide USSTRATCOM with rules of engagement ROE cyberspace operational requirements validation joint policy and doctrine joint exercise support and plans and policy support USSTRATCOM will coordinate with the for cyberspace operational execution combatant commander cyberspace operational requirements and resource priorities C4ISR training readiness plans and policy coordination and situational awareness SA U Supporting Combatant Commanders Provide USSTRATCOM with operational impact assessments cyberspace operational plans operations and Information Security INFOSEC implementation cyberspace operations resource requirements and priorities cyberspace operations reporting Information Operations Condition INFOCON implementation and component cyberspace operations readiness USSTRATCOM will coordinate with all Combatant Commanders for planning operations and resource requirements cyberspace operational integration coordination and decon iction cyberspace operations intelligence warning attack assessment and situational awareness U Services Provide USSTRATCOM with operations impact and technical assessments plans operations and INFOCON implementation resource priorities and requirements cyberspace operations readiness and SEGREF 3 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 SEC-REF reporting and LE CI intelligence support USSTRATCOM will coordinate with the Services for intelligence and vulnerability information red teaming cyberspace operational integration intelligence and attack assessments The Services will advocate their requirements and priorities contribute to overall situational awareness conduct cyberspace Operations coordination and ensure systems and operations integration and decon iction Provide USSTRATCOM Sec 1 7 e UJI W1 Secl1-P f bvide CDRUSSTRATCOM bxn Sec 1 7 e 1 Sec 1 7 e Sec for requirements and priorities standards policy and procedures operational direction and situational awareness U Sec 1 7 e Sec 1 7 e U Law CI DOD agencies will provide USSTRATCOM with full and or part time LE agents from each of the LE agencies including NCIS DCIS AFOSI USACID and INSCOM Sec 1 7 e V-14 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 SEC-RESP U Department of State DOS Coordinate and provide guidance for COAs requiring diplomatic action or have diplomatic rami cations U Department of Commerce DOC Coordinate and provide guidance for COAs requiring economic action or have economic rami cations 0 U Department of Justice DOJ Per ref n in exceptional circumstances and with appropriate authorization military forces may also conduct missions to help the Department of Justice or other Federal law enforcement agencies LEAs assist federal state or local LEAs Accordingly USSTRATCOM could be called upon to coordinate and provide guidance for cyber related COAs requiring legal action or have legal rami cations U Department of Homeland Security DHS U Coordinate with USSTRATCOM and provide guidance for COAs related to homeland security and the protection of the United States 2 U Per ref Department of Homeland Security Infrastructure Analysis and Infrastructure Protection National Cyber Security Division NCSD will act as the focal point for the security of non DOD US interests in cyberspace for purposes of analysis warning information sharing vulnerability reduction mitigation and aiding national recovery efforts for critical infrastructure information systems U In conjunction with the DOS DHS will coordinate with USSTRATCOM and the interagency community to work with foreign countries and international organizations to strengthen the protection of US critical information infrastructures and those foreign critical information infrastructures on which the United States relies and may impact DOD networks U USNORTHCOM USSTRATCOM will coordinate with USNORTHCOM for domestic cyber related incidents which will likely result in requests for assistance RFAs from other federal state tribal and local agencies if their capabilities are exceeded The Primary Agency in need of cyberspace support submits a Request for Assistance RFA to the Of ce of the Secretary of Defense OSD Executive Secretary for planning and assessment if established the Defense Coordinating Of cer DCO will validate the requirements on the RFA the RFA will be forwarded to the Joint Director of Military Support JDOMS and the Assistant Secretary of Defense for Homeland Defense a copy is provided to USNORTHCOM J3 DOMS produces an EXORD for approval and the Secretary of Defense SECDEF in coordination with approves it and DOMS issues the SECDEF-approved EXORD When directed USJFCOM in coordination with USSTRATCOM provides conventional forces to the Commander US Northern Command for Defense Support of Civil Authorities in support of other Federal state tribal and local government agencies for cyber related domestic incidents SECRET 5 606 607 608 609 610 611 612 613 614 615 616 61 7 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 SECRET 2 U Additional USSTRATCOM Coordination Activities U Joint Activities Joint Activities can provide a wealth of information enabling tools data and analysis to enhance ability to identify critical nodes networks and other points of in uence regarding adversaries and US vulnerabilities that can affect US interests in cyberSpace Some of the Joint Activities that USSTRATCOM can leverage when planning for cyberspace operations are the Joint Warfighting Center Joint Warfare Analysis Center Joint C4ISR Battle Center Joint Program Of ce for Special Technical Countermeasures J PO-STC National Defense University NDU and Service War Colleges Defense Advanced Research Projects Agency DARPA and Space and Naval Warfare Systems Command SPAWAR U Federal Government As stated in ref n The Homeland Security Act of 2002 established the DHS whose mission is to lead the uni ed national effort to secure America by preventing and deterring terrorist attacks and protecting against and resPonding to threats and hazards to the nation As such DHS is the lead federal agency for homeland security While the most visible support occurs during domestic emergencies or major disasters the majority of efforts are directed toward civilian law enforcement or intelligence agencies This assistance is known as civil support within the defense community because the assistance will always be in support of a lead federal agency Requests for assistance from another agency may be predicated on mutual agreements between agencies or stem from a Presidential designation of a Federal Disaster Area or a Federal State of Emergency DOD typically only responds after the resources of other federal agencies state and local governments to include National Guard and GOs have been exhausted or when military assets are required The DOD works closely with other Federal agencies in various domestic arenas In addition to participating in interagency steering groups and councils DOD is a partner in several national level incident management and emergency response plans such as the Federal Response Plan as modi ed by the Initial National Response Plan Cyber Annex It is possible that USSTRATCOM could be called upon to assist in the event of a cyber related disaster or domestic emergency Accordingly USSTRATCOM will coordinate possible supporting efforts and plan with the Critical Infrastructure Assurance Of ce National Security Telecommunications and Information Systems Security Committee Of ce of the Manager of the National Communications System National Institute of Standards and Technology and Department of Energy National Laboratories Outside of JTF GNO's responsibility to coordinate with the as stated above all domestic cyber-related incidents which will likely result in RFAs from other federal agencies will be coordinated through USNORTHCOM U Intelligence Community Intelligence support provides the FC with a timely complete and accurate understanding of the environment and potential adversaries The method for collecting intelligence in support of cyberspace operations is generally the same as that for any other military SECRET V-16 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 SECRET operation and is conducted in accordance with JP 2 01 Joint and National Intelligence Support to Military Operations Managing the cyber intelligence collection analysis production and dissemination for a CONPLAN 8039 crisis action may be complicated by non-USG civilians especially members of IGOs and NGOs who may be sensitive to the perception that they are being used to gather intelligence This sensitivity may be based on the viewpoint that intelligence gathering is a provocative act and damages an individual s claim to impartiality However general information provided by personnel from IGOs and NGOs may corroborate intelligence gained from other sources Generally the best approach to information sharing with the NGOs and international civilian community is to keep the focus on complete transparency in sharing operational information and developing a shared situational awareness and understanding of the objectives to achieve the mission However classi ed information will only be shared with or released to individuals with the appropriate security clearance and need to know In addition to IGOs and NGOS USST RAT COM will coordinate with the National Intelligence Council and the national intelligence agencies to support intelligence needs set forth in this plan U Coalition Partners Unity of effort is essential to coordinate cyberspace operations in joint and multinational environments requiring coordination not only between Services and US agencies but also among all coalition partners USSTRATCOM must consider cyber related priorities between DOD requirements and those of other USG agencies the country team coalition or UN forces NGOs and any international cyber-related organizations that may be established Close communications should be established with all elements to ensure that their cyberspace requirements are fully understood by the USSTRATCOM lead component to enable effective planning and effective cyberspace operations USSTRATCOM will coordinate with the North Atlantic Treaty Organization NATO and other bilateral and multilateral coalitions as required U Commonwealth Nations The Commonwealth of Nations usually known as the Commonwealth is a voluntary association of 53 independent sovereign states all of which are former possessions of the British Empire except for Mozambique and the United Kingdom itself The Commonwealth is an international organization through which countries with diverse social political and economic backgrounds cooperate within a framework of common values and goals These include the promotion of democracy human rights good governance the rule of law individual liberty egalitarianism free trade multilateralism and world peace Currently USSTRATCOM has two cyber-related agreements with Commonwealth nations 1 W Tri lateral Memorandum of Agreement on 10 data exchange mu Sec 1 4 a 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 71 1 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 SEC-REF and the Department of Defense of the United States of America are signatories of a tri-lateral MOA on IO data exchange The objective of this Sec 1 4 a 2 U International Computer Network Defense Coordination Working Group The International Computer Network Defense Coordination Working Group ICCWG is composed of ve participating militaries Australia Canada New Zealand United Kingdom and United States The ICCWG was established to exchange and conduct multilateral information assurance computer network defense IA CND up to the T0p Secret level for the goal of strengthening information networks to improve the con dentiality integrity and availability of information systems and improve the prediction detection and response capabilities USSTRATCOM 51 is designated as the United States National Lead JTF GNO is responsible for the operational m1ss1on U Educational Activities Far reaching changes are concurrently taking place in every major area of human life perhaps most notably in how we conduct cyberspace warfare Further we expect information technologr to continue its spectacular climb greatly impacting cyberSpace operations Therefore it is imperative that USSTRATCOM engage with educational activities and industry to understand and acquire new cyberspace operational capabilities that may affect DOD cyberspace Some educational activities USSTRATCOM engages with are Sec 1 7 e Sec 1 7 e and Security and Service postgraduate schools - 3 U Indusm Relationships For many of the same reasons outlined above USSTRATCOM engages with educational activities it will also coordinate with industry through the National Security Telecommunications Advisory Committee NSTAC Critical Infrastructure Sector Coordinators and Industry Information Sharing and Analysis Centers USSTRATCOM may selectively establish relationships with industry that leverage councils and committees with both government and industry members These top-level relationships will provide USSTRATCOM with a forum for gaining and sharing insights on common and developing telecommunications and security issues major developments and advanced technologies Industry participants on NSTAC will gain an understanding of DOD requirements and priorities as well as insights into possible synergies between the DOD and industry for cyberspace Operations SEC-REF V-18 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 SEC-RESP 4 U Government-Industrv Forums The USSTRATCOM staff participates in the established 39 17 9 I Sec 1 7 e operations Concurrently National Science Foundation participants gain an understanding of USSTRATCOM technology needs and priorities for cyberspace operations and information assurance 5 U US Army See Annex Command Relationships 6 U Navy Forces NAVFOR See Annex Command Relationships U Marine Forces MARFOR See Annex Command Relationships 8 U Commander Air Force Forces COMAFFOR See Annex Command Relationships 9 U GNOSC The GNOSC consists of the Operations Center and DOD CERT and is co-located with JTF GNO The GNOSC provides both the network operations View to JTF GNO and is the technical arm of JTF GNO via the DOD CERT 10 U JWRAC The JWRAC is assigned administratively to DISA and is under TACON of JTF GNO Comprised of Reserve Component personnel the JWRAC has the mission to conduct analysis of content and data resident on publicly accessible DOD web sites across the full range of military operations Kevin P Chilton General USAF Commander Of cial Mark H Owen Brigadier General USAF Director of Plans and Policy V-19 INTENTIONALLY BLANK V-20 HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113 6500 26 February 2008 2 U ANNEX TO CDRUSSTRATCOM CONPLAN 8039 U 3 U OPR 4 STRATEGIC COMMUNICATION U 5 6 U References Refer to the Base Plan 7 8 a U National Security Strategy of the United States of America 9 March 2006 U 10 b U National Defense Strategr of the United States of America 11 March 2005 U 12 c U National Military Strategy of the United States of America 2004 U 13 d U US National Strategy for Public Diplomacy and Strategic 14 Communication 2007 U 15 e U Presidential Decision Directive PDD 68 30 April 1999 International 16 Public Information U 17 f U 2005 Contingency Planning Guidance U 18 g U Strategic Planning Guidance 22 March 2006 U 19 h_ S Sec 1 4 a 20 Sec 1 4 a 21 1 Sn Rel USA GBR 59 1-4 8 22 Sec 1 4 a I 23 j U Quadrennial Defense Review QDR Execution Roadmap for Strategic 24 Communication 25 Sep 2006 U 25 k U National Strategr to Public Diplomacy and Strategic Communications 26 1 U Situation 27 a U General 28 1 U The United States faces a growing threat from hostile state and 29 non-state actors with the intent and capability to threaten US vital interests Y l Effective SC by the whole of government is critical to deterring attacks by hostile actors America must effectively use words actions and images to demonstrate the country s will and means to impose costs while encouraging restraint According to the 2006 QDR Execution Roadmap the term strategic communication SC is de ned as Focused U S government processes and efforts to understand and engage key audiences in order to create strengthen or preserve conditions favorable to advancing national interests and policies through the use of coordinated information themes plans programs and actions with other elements of national The POTUS directs the nation s overall SC effort Based on Presidential guidance DOS leads America s public diplomacy efforts with foreign state and non-state actors DOD provides extensive lethal and non lethal capabilities that should supplement efforts by DOS and other USG agencies to engage key audiences to advance US interests and policies USSTRATCOM planners must consider that words actions and images from the highest to lowest ranking members of the Armed Forces can profoundly impact the success or failure of USG policies and interests The CDRUSSTRATCOM must be in continuous contact with the leaders in Washington and other Combatant Commanders as required to ensure USSTRATCOM efforts are in concert with the overall USG SC effort pursuant to Presidential guidance 2 U USG Guidance USG guidance is uid in nature responsive to the global gee political situation internal US politics mood of the American populace and opinions of key US and world leaders USG policies and objectives are delineated through Speeches statements and documents by the POTUS Secretary of State Congress and other in uential leaders USSTRATCOM SC efforts should support the new US National Strategr for Public Diplomacy PD and Strategic Communication dated June 2007 which provides three strategic objectives for engaging foreign audiences 1 America must offer a positive vision of hope and opportunity that is rooted in our most basic values 2 With our partners we seek to isolate and marginalize violent extremists who threaten the freedom and peace sought by civilized people of every nation culture and faith 3 America must work to nurture common interests and values between Americans and peoples of different countries culture and faiths across the world The 2006 N88 establishes eight national security objectives 1 To champion human dignity 2 To strengthen alliances against terrorism 3 To defuse regional con icts 4 To prevent threats from weapons of mass destruction 5 To encourage global economic deveIOpment 6 To expand the circle of development 7 To cooperate with the other centers of global power and 8 To transform America s national security institutions to meet the challenges and opportunities of the 'I wenty First Century Additional clari cation on national objectives as they pertain to speci c hostile state and non state actors are available via multiple open source channels 3 W Countrv Regional Perspective Military planners must consider the perceptions attitudes and beliefs of each actor or Y-2 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 target audience Although communications may be conducted in space or cyberspace the target audiences reside within Geographic Combatant Command GCC areas of responsibility Every country and region across the globe is unique with varying opinions and attitudes Sec 1 4 a le 39 land the respective Geographic Combatant Command s Public Affairs Of ce SC Working Group and Joint Interagency Coordination Group b U Adversary See Annex I Sec 1 7 e c U Friendly 1 U See Base Plan for the general friendly situation 2 U The DOS-led SC and PD Policy Coordinating Committee PCC supports USG policy and interests as directed by the POTUS In June 2007 this interagency committee published the US National Strategy for Public Diplomacy and Strategic Communication under the guidance of Amb Karen Hughes This strategy which supplements the N88 and NMS provides overarching USG guidance for US diplomatic and communication efforts A DOD link to the State Department is the DOD Strategic Communication Integration Group SCIG Secretariat which serves as a conduit for the Combatant Commands to surface SC issues for interagency consideration via an Executive Committee to the Deputy Secretary of Defense Other conduits to the State Department include joint inter-agency task forces joint inter agency coordination groups political advisors and for USSTRATCOM J5 and JIOWC LNOs at the Pentagon plus conferences meetings seminars and other means as appropriate 4 U Geographic Combatant Commands GCCs The GCCs use varying processes and organizational structures to plan execute and assess SC efforts Based on Department of State DOS and Of ce of the Secretary of Defense Public Affairs OSD PA guidance the GCCs develop themes messages and talking points for target audiences in their AORs USSTRATCOM planners should leverage existing processes and organizations SEGR-EF Y-3 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 such as the GCC SC Working Groups and Strategic Effects Cells Divisions as well as the GCC Support Teams to ensure unity of effort 5 U See base plan and Annex A Task Organization for 8039 s friendly force capabilities which are drawn from USSTRATCOM global mission areas for full-spectrum capabilities sec We 6 U See applicable OPLAN and force deployment lists for the Combatant Commands that will be involved in the operation 7 U Assumptions Refer to the Base Plan 2 U Mission Refer to the Base Plan 3 U Execution a U Concept of Operations 1 W The purpose of CONPLAN 8039 is to ensure that the US military can operate in cyberSpacellb Sec 14 3 I Imam Sec 1 4 a I providing our own forces the freedom of action in cyberspace The USG Sec 1 4 a provides public affairs guidance to the GCC Public Affairs Of ces PAOs reinforcing Sec 1 4 a in coordination'with DOS efforts This annex provides a framework to facilitate the integration and of DOD SC capabilities as part of an overarching USG cohesive effort to accomplish the mission focusing on Sec 1 4 a En 53 14 3 SC efforts should support US strategic objectives and considerations _Ias identi ed in the base plan 2 U Overall Plan Obiectives and End State Refer to the Base Plan 3 WwanSectqa I SC actions sec 14 8 perations- Dav-tO-day operations should emphasize W 3901-40 Sec 1 4 a 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 Sec 1 4 a SC planners are tasked to develop a communications strategy that 5901-4 a Sec 1 4 a power to be effective Sec 1 4 a coordinated with the applicable 5901-418 The planning execution and assessment of SC actions lshould be closely mu Sec 1 4 a 4 WHMU Sew-4 3 SC planners should revise SC actions based on assessed success or failure to achieve desired Sec 1 4 a 5 USA AUS Sec 1 4 a 6 1 SC efforts will continue Sec 1 7 e conduct of operations in Cyberspace SC actions should focus on lmm 59 1 Sec 1 7 e 7 Sec 1 4 a I The overall SC effort I Sec 1 4 a SEGR-EF Y-5 208 209 210 21 1 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 Sec 1 4 a 8 Wu Sec 1 4 a Sec 1 4 a USSTRATCOM will Sec I In addition USSTRATCOM will provide support to the effected GCC as required for Sec 1 4 a U Desired SC Effects which help or Sec 1 7 e U Minimize adversary cyberspace activities to conduct aggressive actions against US interest cyberspace activities by adversaries Sec 1 7 e supported by the following actions 2 SW Sec 1 4 a Cyberspace Sec 1 4 a 3 W Conduct cyberspaceEW Sec 1 4 a W W1 Sec 1 4 a lcyberspace Sec 1 4 a U a W Protect and defend friendly information systems and content SEGR-EIF 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 W W1 390 14 a Sec 1 4 a cyberspace capabilities 9 W USSTRATCOM Role Sec 1 4 a have been tailored for audiences in their AORs USSTRATCOM SC planners should also leverage the habitual working relationships between the IOWC and the GCCs to ensure unity of effort 10 W1 End State The common end-state for all mm Sec 1 4 a 11 U Speci c Guidance U The SC goal is for DOD to plan integrate disseminate and 39 17 6 Sec 1 7 e U CDRJIOWC is SC lead and as such must be kept informed of all USSTRATCOM 59 17 9 In times of crisis the IOWC Operations Center OPCENTER will maintain continuous contact with the USSTRATCOM Headquarters HQ GOC USSTRATCOM senior leadership POLAD and FAQ The entire IOWC will be matrixed as required to support SC planning execution assessment and decision making The JIOWC 880 17 8 I Sec 1 7 e Sec 1 7 e USSTRATCOM staff and other personnel working SC 1ssues as requ1red U GCC SC staffs should leverage capabilities such as the USST RAT COM J2 J3 and J5 PAO JFCC NW and IOWC The GCC Support Teams and SSC provide additional sources of SC planning experience across multiple GCC AORs SEGR-EF Y-7 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 32 1 322 323 324 325 326 327 328 329 330 331 332 SEQ-REF W FCC SCC planners should surface key SC related issues especially those involving interagency coordination primarily through the GCCs Joint Interagency Coordination Groups JIACGS POLADs and Strategic Communications Working Groups The CDR IOWC serves as the USTRATCOM link to the DOD SCIG Secretariat The Secretariat holds weekly SC Video-Telecommunication Conferences VTCs attended by the Combatant Commands Joint Public Affairs Support Element and other organizations involved in the DOD SC planning process This VTC provides a forum for planners to surface key SC issues that may impact deterrence operations execution or planning U SC plans must be tailored for diverse target audiences such as Sec 1 7 e I I Sec 1 7 e 12 U Sec 17 9 I SC planners need to determine if the disseminated USG communications Sec 1 7 e Sec 1 7 e IUSSTRATCOM related actions such as key speeches by the command leadership The IOWC via the USSTRATCOM J2 can I Sec 1 7 e I 13 U LOW 33 17 9 the impact of USG communication efforts requires baseline data bylibm 33 17 3 Sec 1 7 e hm Sec we USSTRATCOM maintains a limitedml Sec 17 9 I Sec 1 7 e I b U Tasks 1 U USSTRATCOM Public Affairs Of ce See Annex Public Affairs FAQ will provide PA guidance for the command and conductor 6 i A statements or speeches made by USSTRATCOM leadership SECRET Y-8 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 coordinates the development of PA guidance to include talking points with and other Combatant Commands as required 2 U JIOWC JIOWC will coordinate SC planning efforts with the GCCs JIOWC provides SC planning support to USSTRATCOM components and GCCs as required During crisis situations JIOWC will maintain continuous contact with the USTRATCOM GOC SCIG and GCC staffs as required 3 U FCCs and JTF GNO will maintain continuous contact with the USTRATCOM GOC during crisis situations USSTRATCOM Component Commands should coordinate SC related efforts with the JIOWC leveraging the GCC Support Team s relationships with the GCC SC and I0 staffs as 4 U See Base Plan for tasks withinl Sec 1 7 e appropriate c U Coordinating Instructions 1 U This document is effective for planning upon recei and execution upon approval of the overall base plan as well as the Sec 1 7 e I 2 WLUSSTRATCOM Component Commands will integrate planning efforts to with the applicable GCCs Commands should leverage JIOWC GCC Support Learns to conductl b 1 Sec 1 4 a I Sec 1 4 a 3 W CDRUSSTRATCOM will coordinate with Combatant Commanders in order to develop and provide those commanders See CDRUSSTRATCOM support plans for speci c details d U De nitions 1 U Public Diplomacv PD Those overt international public information activities of the USG designed to promote US foreign policy Sec 1 7 e institutions and their counterparts abroad JP 3-53 and JP 1 02 The DOS has the lead within the USG for PD 2 U Sec 1 7 e Sec 1 7 e DOD activities Y-9 370 371 372 373 3'74 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 communication Sec 17 9 environment in support of USG information activities through efforts that may include Sec 1 7 e Sec 1 7 e 3 U Military Diplomacy MD The ability to support those activities and measures U S military leaders take to engage military defense and government officials of another country to communicate USG policies and messages and to build defense and coalition relationships Derived from March 2004 National Military Strategic Plan for the War on Terrorism 4 U Public Affairs PA Those public information command information and community relations activities directed toward both the external and internal publics with interest in the DOD JP 3-61 USTRATCOM FAQ is lead for the command and will coordinate with and the applicable GCC PAC 5 U Military Information Operations 10 The integrated employment of the core capabilities 03 1 Sec 1 7 e Iin concert with speci ed supporting capabilities information assurance physical security counter-intelligence physical attack and combat communications and related capabilities public affairs civil military operations and defense support to public 3_ 13 Feb 07 USSTRATCOM components should leverage the existing working relationships between the JIOWC GCC Support Teams and the GCC IO staffs to integrate and SC with 10 efforts to achieve the Combatant Commander s desired effects on local regional and global audiences 4 U Administrative and Logistics See Base Plan a U SC personnel and administrative support will be furnished by supporting commands in accordance with Service directives Command Arrangements Agreements CAA Memorandums of Understanding MOU Task Force CONOPS and the logistics concept for support operations outlined in CDRUSSTRATCOM plans and directives b IOWC will coordinate with USSTRATCOM Strategic Effects Cells and other DOD to help SC across the interagency Y-10 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 SEQ-REF 5 U Command and Control CDRJIOWC is SC lead and as such must be kept informed of all USSTRATCOM 59 17 9 I In times of crisis the IOWC DC will maintain continuous contact with the USTRATCOM HQ GOC USSTRACOM senior leadership POLAD and FAQ The JIOWC will be matrixed as required to support SC planning execution assessment and decision making The IOWC GCC Support Teams will maintain continuous contact with the applicable GCC SC planning staffs The Joint SC Support Cell will maintain close contact with the SCIG at the Pentagon USSTRATCOM staff and other personnel working SC issues as required See paragraph 5 Command and Control of Base Plan Annex Command Relationships and Annex Command Control Communications and Computers C4 Systems to Base Plan as appropriate Kevin P Chilton General USAF Commander Y-ll BLANK Omde'Irh-wMH DI-bu HEADQUARTERS US STRATEGIC COMMAND OFFUTT AIR FORCE BASE NE 68113-6500 28 February 2008 ANNEX 2 TO USSTRATCOM CONPLAN 8039 U U OPR DISTRIBUTION U Z l 44 45 46 4'7 U Table Of Distribution U OFFICE DISTRIBUTION CODE Joint Staff J7 CWPD J7 OSD CHIEF OF STAFF US ARMY CHIEF OF NAVAL OPERATIONS CHIEF OF STAFF USAF CMDT MARINE CORPS CMDT COAST GUARD - DISA DLA NGA NSA DIA DTRA USCENTCOM J3 J5 USEUCOM ECJ3 ECJ5 USNORTHCOM J3 J5 USPACOM J3 J5 USSOCOM SOJ3 SOJ5 USSOUTHCOM SCJ3 SCJ5 USJFCOM J2 J3 J5 USTRANSCOM J5 USELEMNORAD US ONLYHHl an A SEGR-EF DISTRIBUTION HQ AMC HQ AFSPC NNSOC NETWARCOM COMMARFORSTRAT HQ SMDC 8 AF 20 AF HQ USAFE HQ PACAF JWAC HQ AIA DEFENSE SUPPLY CENTER 20th IS TMF Cheyenne Mountain Operations Center 480 IG DET 1 608 AOG Of ce Naval Intelligence ONI COMNAVMETOCCOM AFGW Agency HQ Air Force Reserve Command National Guard Bureau Commander HQ AFOSI Director NCIS OFFICE CODE A3 A4 XO TACC IWF DOME TFC 214 A8 A8 J3 1 A3 AFWIC 671w NASIC DSCP- 0MP CCOZ J5 SMD A3 A3 00223 Z-3 NO COPIES 48 49 50 OFFICE DISTRIBUTION CODE USSTRATCOM Internal J1 DistributionGISC Joint Functional- Component J3 Command Global Strike and J5 Integration JFCC GSI Joint Functional Component J5 Command Integrated Missile J3 Defense JFCC IMD Joint Functional Component OPS Command Intelligence PLANS Surveillance Reconnaissance JFCC ISR Joint Functional Component J3 Command Network Warfare J5 JFCC NW Joint Functional Component Command Space JFCC SPACE Joint Information Operations Warfare Command JIOWC STRATCOM Center for Combating Weapons of Mass Destruction SCC WMD Joint Task Force Global Network J3 Operations JTF GNO J5 NSA Rep to USSTRATCOM CIA Rep to USSTRATCOM DIA Rep to USSTRATCOM NGA Rep to USSTRAT COM RO Rep to USSTRATCOM NASA Rep to USSTRATCOM DISA Rep to USSTRATCOM USSTRATCOM NAOC Plans SEQ-REF NO Kevin P Chilton General USAF Commander OFFICIAL Mark H Owen Brigadier General USAF Director Plans and Policy INTENTIONALLY BLANK Z-6 This document is from the holdings of The National Security Archive Suite 701 Gelman Library The George Washington University 2130 H Street NW Washington D C 20037 Phone 202 994-7000 Fax 202 994-7005 nsarchiv@gwu edu