OCR of the Document

View the Document >>

Director of Central Intelligence, Director of Central Intelligence Directive 7/3, "Information Operations and Intelligence Community Related Activities," June 5, 2003. Secret.

C01035142 SECRET SECRET1j Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 fX I DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE 7 3 U INFORMATION OPERATIONS AND INTELLIGENCE COMMUNITY RELATED ACTIVITIES Effective 01 July 1999 Administratively updated 5 June 2003 1 REFERENCES a b c d e f g h i j k 1 rn n o 2 U DCID 5 1 Espionage and Counterintelligence Activities Abroad 19 Dec 1984 U NSCID 5 U S Espionage and Counterintelligence Activities Abroad 19 Dec 1984 U NSCID 6 ''Signals Intelligence 17 Feb 1972 U NSD 42 National Policy for the Security of National Security Telecommunications and Information Systems • 05 Jul 1990 U Presidential Decision Directive NSC-63 PDD-63 Critical Infrastructure Protection 22 May 1998 U Memorandum of Agreement on Oversight Board for Private Sector Relationships 05 Jun 1998 U Charter of the National Special Communications Working Group NSCWG 07 Jan 1997 U Memorandum of Agreement concerning Deconfliction of Computer Network Operations CNO 01 Jul 1999 U Charter of the Bilateral· Information Operations Steering Group BIOSG 14 Apr 1998 U DCID 5 6 Intelligence Disclosure Policy 30 Jun 1998 U National Security Act NSA of 1947 as amended U Title 10 U S Code Armed Forces U MOA Between DoD and the IC Regarding the Information Operations Technology Center OTC 04 Mar 1997 U Concept of Operations CONOP for the Information Operations Technology Center OTC 04 Mar 1997 U Title 50 U S Code 11 PtTRPOSE UNDER AUTHORITY OF THE INTERAGENCY SECURITY CLASSIFICATION APPEALS PANEL E O 13526 SECTION 5 3 b 3 I ISCAP APPEAL NO 2008-049 document no 18 I DECLAS l ICATl N DATE Dec mber 02 2016 ------····_J SECRETJ __ ____ t Xl Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 SECRET C01035142 SECRET rl _ Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 ____ lrx 1 U This directive sets forth the responsibilities of Intelligence Community IC components in the conduct and coordination of • • • 3• U Information Operations IO U Intelligence and related support to IO and U Deconfliction of specific computer network operations CNO conducted by National Foreign Intelligence Program NFIP agencies AtJ'l'BOllI 'fI ES • U This DCID does not affect the authorities responsibilities and restrictions relating to components of the IC and the Department of Defense DoD that are set out in existing statutes executive orders and policy directives such as Presidential Decision Directives PDDs National Security Council Intelligence Directives NSCIDs and other DCIDs in particular the requirements under reference a for coordination of espionage and counterintelligence activities abroad This DCID clarifies the DCI authorities under which IC elements may carry out computer network attack CNA and computer network exploitation CNE using NFIP funds 1 4• DEl'INI TIONS A U The definition of information operations IO is Actions taken to affect adversary information and information systems while defending one's own information and inform tion systems B O Information Operations is an integrating strategy Although still evolving the fundamental concept of IO is to integrate different activities to affect decision making processes information systems and supporting information infrastructures to achieve specific objectives as well as to protect and defend friendly information and information infrastructures IC IO-related activities include CNE and other supporting intelligence activities 5 DISCUSSION A U The concept of Information Operations IO emerged against the backdrop of the explosive growth of information technology IO has made use of electronic warfare EW psychological operations PSYOP military deception operational security OPSECl and physical destruction The rapid spread of computers and computer networks has led to their inclusion as instruments for attacking and influencing information infrastructures Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 I S C section 3507 SECRET __ _ Vx1 2 SECRET C01035142 SECRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 SO U S C section 3507 SECRE'f '----'jrx I B U F ouol Computer network operations CNOl comprises computer network exploitation CNE -- denoting a broad range of intelligence collection activity computer network attack CNA -· - denoting attacks on computer systems and networks and computer network defense CNDl - denoting actions taken to protect U S computer systems and networks and possibly those of allies and coa lition partners CNE is an intelligen_ce collection activity and while not viewed as an integral pillar of DoD IO doctrine it is recognized as an IO-related activity that requires deconfliction with IO There are interdependencies and relationships among CNE CNA CND and other IC activities in support of IO which may require mechanisms to ensure proper deconfliction or coordination among those NFIP funded IC elements that engage in these activities C U F Pt10' IC IO activities include conducting with proper authorization covert action including CNA IC elements authorized to conduct CNA under DCI authorities in peacetime will be specified by a Presidential Finding D Ul • • • • • 6 IC IO-related activities include Ul Collecting processing analyzing and disseminating foreign intelligence and counterintelligence on IO U Conducting CNE in accordance with the authorities described in references · b and c Ul Supporting other U S government organizations in the conduct of their IO missions U Ensuring effective warning and defense against IO U Performing computer network defense CND activities -commensurate with established legal statutes or the technical direction provided by NSA CSS as specified in reference d or the National Infrastructure Protection Center NIPC as set forth in reference e DBCONl'LtC'l'ION' A U While this DCID does not address every contingency IO and IO-related activities specified in paragraphs 6 C and 6 D shall be deconflicted and mutually supporting Deconfliction mechanisms shall be established to guarantee compatibility within areas of common concern B U To support the establishment of deconfliction processes it is important to initially identify the applicable authority for an action so that a tivities can be conducted within an appropriate legal context and oversight requirements can be satisfied The nature and the context of an activity will determine the applicable legal authority for the activity i e the authority under which an activity is conducted The following guidelines shall apply SECRET 1 __ _-'l X I 3 SECRET i Withheld under statutory authority of the Central Intelligence Agency Act of 1949 SO U S C section 3507 C01035142 E GRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 SECR ET __ ___ x I 1 U The criterion for identifying the applicable authority for a proposed activity shall be the primary purpose of the activity For example if the primary purpose of an activity is foreign intelligence FI collection FI collection authorities shall prevail notwithstanding the fact that the activity may have other purposes 2 U The nature and context of the activity and not the U S Government entity that conducts it shall determine the applicable authority D C 1 8 ' The Oversight Board for Private Sector Relationships reference f and the National Special Communications Working Group NSCWG reference g exist to deconflict mission related industrial relations and special communications respectively They shall be expanded to include new membership as appropriate 0 D 1--8 7 CNA E Deconfliction process CIA and NSA will jointly manage as an IC service of common concern an Interagency Target Register ITR to deconflict IC CNA and CNE operations IC elements conducting CNA or CNE operations under DCI authorities shall deconflict their operations within the ITR structure according to ITR procedures and appropriate access negotiated with the principal signatories to the MOA cited in reference h The IC recognizes a need to establish procedures for deconflicting CNE activities with other appropriate U S agencies ' E I E O 13526 section l 4 c Withheld from public release under §6 of the National Security Act of 1959 50 U S C 3605 P L 86-36 7 IMPLEMENTATION U Except where covered by existing policies responsibilities are listed below A IC IO-related U The Deputy Director of Central Intelligence for Community Management DDCI CM shall I £ECRE rA -- '''X I 4 ECRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 SO U S C section 3507 C01035142 £EGRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 SO U S C section 3507 SECRET __ _ t1x1 1 2 3 4 B U Serve as the IC focal point for IO strategic planning and policy coordination within the IC and with the Bilateral Information Operations Steering Group BIOSG per reference i U Represent IC organizations that are not already represented on the BIOSG U Provide administrative and staff support to the Secretariat of the BIOSG per reference i U Oversee implementation of this DCID U The Assistant Secretary of State for and Research I R shall Intelligence l U Support the Chiefs of Mission in their review of the implications of contemplated IO for foreign affairs and diplomatic relations pursuant to reference 2 U Pursuant to reference j review the implications of contemplated sharing of intelligence on foreign IO programs with allies or other foreign entities a C U The National Intelligence Officers NIOs for Warning and for Science Technology shall jointly provide the DCI and other IC elements with appropriate strategic warning against IO D U Consistent with the National Security Act of 1947 reference k the DCI has assigned the following tasks which pursuant to lO·USC 113 reference' 1 the Secretary of Defense has directed the DoD components listed below to execute l U The Director National Security Agency Chief Central Security Service DIRNSA CSS shall i U Integrate CNA CNE and CND tools techniques and technology into the SIGINT and INFOSEC communities ii U Train equip and organize the U S Cryptologic System to support the CNE CNA and CND requirements needs of its customers iii U Provide IO-related military targeting support iv U Provide intelligence gain loss assessments in response to CINC IO targeting v U Develop and support analytic modeling and simulation techniques to support CNA CNE efforts -SECRETA __ ___ l X l 5 SECRET ---- Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 C01035142 ECRE F l X I SECRETij 2 Withheld under statutory authority of the Central Intelligence Agency Act of 1949 SO U S C section 3507 U The Director Defense Intelligence Agency D DIA shall i U Ensure that DIA is postured to support the full range of IO activities both offensive and defensive including psychological operations military deception electronic warfare computer network operations operations security and physical destruction ii U Train and equip the Defense HUMINT Service DHS to support the IO requirements of its customers iii U Provide IO-related military targeting support · iv U Perform all-source analysis production dissemination and provision of military and military-related intelligence on foreign information infrastructures and foreign information threats for the Secretary of Defense Joint Chiefs of Staff other defense components and as appropriate non-defense agencies v U Pursuant to existing DoD directives instructions and other guidance conduct Human Factors intelligence support for the full range of IO vi U Pursuant to DoD requirements provide strategic indications and warning for IO vii U Provide political-military assessments in response to CINC IO targeting 3 U The Director National Imagery and Mapping Agency D NIMA shall i U Conduct imagery and geospatial analysis to identify critical foreign information infrastructures and assess their interdependencies ii Ul In partnership with other IC elements provide targeting support to IO This includes identifying physical targets developing targeting packages and preparing combat assessments iii U With approved tasking help identify vulnerabilities to key U S infrastructures CONUS and OCONUS in order to contribute to more effective defensive IO practices iv U Provide o her imagery and geospatial information support to IC and DoD IO efforts in a timely and effective manner v U Ensure IO requirements are included in any delineation and assessment of future requirements SECRET j _ _ __ ltX l_ _ _ _ _ _ _ _ _ _ _ _ _ __ __ 6 S GRE T Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 C01035142 8ECRE'f Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 _gi c RE'fr·J __ ____ lrx 1 4 I 25Xl E 0 13526 5 U The Director of the Information Operations Technology Center D IOTC shall execute responsibilities in accordance with references m and n E U The Director Federal Bureau of Investigation D FBI shall 1 2 3 4 5 F U Provide available releasable information and operational support that may assist in the planning or execution of an IO activity by IC and DOD U ' Assist other agencies in assessing the risks of planned IO activities to the U S information infrastructure U Keep the U S private sector and Government at all levels informed of threats to the U S information infrastructure that may arise from IO activities without divulging U S plans or intentions U Develop and deploy tools to reduce the risk of penetration corruption and disruption of critical U S information systems and networks U Investigate IO intrusions ·and attacks against information networks and systems in the United States U 1 All IC Element Heads shall U Provide the DDCI CM with the information required to assist the DCI in implementing this directive _- t x1 7 _r-___ -- Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 C01035142 SECRET j x l SECRCf j 2 3 8 Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 t S1 Cooperate closely with the IOTC to ensure consistency between the CNA and dual purpose CNE techniques contained in the Toolbox and any other developing or employed capabilities U Take reasonable steps to protect their own systems from hostile CNA and CNE REVIEW U The DDCI CM shall coordinate the IC's annual review of this DCID for currency and completeness s J uly 1 1999 George J Tenet DIR BC'l'OR OF CENTRAL IN l'ELLIGENCE DA'l'E Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 yx1 ECRHr1 8 ' SECRET DCID 7 3 APPENDIX A Definitions of Terms Osed in this Directive U Operations to manipulate disrupt deny degrade or destroy information resident in computers and computer networks or the computers and networks themselves Computer Network Attack CNA Ul Efforts to defend against the CNO of others especially that directed against U S and allied computers and networks Computer Network Defeuse CND U Intelligence collection and enabling operations to gather data from target or adversary automated information s sterns AIS or networks Computer Network Exploitation CNE I E O 13526 section I 4 c Computer Network Operations CNO U CNE CNA an d CND collectively U Refer to Section 503 of the National Security Act of 1947 Title V 50 u s c 413-413b references k and o and related legislation Related legislation includes the 1991 Intelligence Authorization Act and 102d Congress Report SENATE First Session 102-85 and House Conference Report 102-166 Section 503 refers to covert action as an activity or activities of the United States Government to influence political economic or military conditions abroad where it is intended that the role of the United States Government will not be· apparent or acknowledged publicly but does not include-- Covert Action U activities the primary purpose of which is to acquire intelligence traditional counterintelligence activities traditional activities to improve or maintain the security of United States Government programs or administrative activities traditional diplomatic or military activities or routine support to such activities traditional law enforcement activities conducted by United States Government law _enforcement agencies or routine s upport to such trx SECRET 9 SECREiT C01035142 SECRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 IZCRE'f j __ ___ XI activities or activities to provide routine support to the overt activities of other United States Government agencies abroad Special Activities is a euphemism for covert action as such it is redundant to include it here Deception U Th ose measures designed to mislead an ·adversary by manipulation distortion or falsification of evidence to induce him to react in a manner prejudicial to his interests 25Xl E 0 13526 Electronic Warfare U The use of electromagnetic and directed energy to control the electromagnetic spectrum or to attack an adversary Human Factors U The psychological cultural behavioral and other human attributes that influence decision making the flow of information and the interpretation of information by individuals or groups at any level in a· state or organization Znformation Operations ZO s U Actions taken to affect adversary information and information systems while defending one's own information and information systems Information System U The organizations personnel and components that collect process store transmit display disseminate and act on information Operations Security OPSEC U A process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to a Identify those actions that can be observed by adversary intelligence systems b Determine indicators hostile intelligence systems might obtain that could be interpreted or pieced together to derive critical information in time to be useful eo adversaries c Select and exec te measures that eliminate or reduce to an acceptable level the vulnerabilities of friendly actions to adversary exploitation Physical Destruction U Referred to in Joint military doctrine as one of the core di sciplines of IO Note Not all physical destruction is IO nor related to it Physical destruction can be used to further tactical operational and or strategic IO objectives Examples include destroying command and control facilities communications links and components supplying energy to power communications Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 -- '-- C01035142 SECRET Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 SECREl A __ __ jtx I Psycholo ical OparatioDs U Planned operations to convey selected information and indicators to foreign audiences to influence their emotions motives objective reasoning and · ultimately the behavior of foreign governments organizations groups and individuals The purpose of psychological operations or PSYOPs is to induce or reinforce foreign attitudes and behavior favorable to the originator's objectives Special Commu DicatioDs U The relay of U S government or allied signals from or into areas typically characterized by an intense counterintelligence or operational security environment usually in support of covert or clandestine intelligence or military operations or sensitive overseas law enforcement activities SECRE'f f __ _ ------------------------ Withheld under statutory authority of the Central Intelligence Agency Act of 1949 50 U S C section 3507 L ---- --------- -------------------- _ rx l 11 -SEC E 1- -----······- -------