Computer Network Operations

1
Computer Network Operations

• Consideration for DND/CF Requirements
• Colonel David Neasmith
• Commander
• Canadian Forces Information Operations Group
• 11 January 2005

2
Outline

• Elements of CNO
• Legal Considerations for CNO
• CFIOG and the CFNOC

3
New Imperatives

• Pervasive and ill-defined threats
• Continental Defence and Security versus National
  Sovereignty
• Balance Security versus Privacy
• Intelligence Information sharing
• From Need to Know to Need to Share
• Network Centric Warfare
• Network environment as a battlespace

4
THE NETWORK CHALLENGE
Deployed

• Common Functionality
• Common Information
• Common Interface

5
Information Operations (IO)

• IO is the military component of an overall GoC
  or coalition information strategy based on
  diplomacy, information, military and economics
• Computer network operations (CNO) is a subset of
  IO

6
Computer Network Operations

• Actions taken to defend, exploit and/or attack
  information resident on Information Systems
  and/or the Information Systems themselves.
• DND IO Policy

7
Elements of CNO
CNE
CNA
CND
8
DND CND Legal Considerations

• CND activities are bounded by legislative
  considerations for privacy (ATIP) and the
  interception of communications (CCC).
• CND activity that impinges on privacy and
  interception is addressed under new legislation
• Bill C-36
• authorizes CSE personnel, under MA, to intercept
  private communications if it is essential to
  identify, isolate or prevent harm to Government
  of Canada computer systems or networks.
• Bill C-14
• amended CCC, providing lawful exception for
  intercepting private communications for network
  mgmt and defence
• Bill C-7
• Provides that DND/CF personnel, under MA, can
  intercept private communications if it is
  essential to identify, isolate or prevent harm to
  DNDs computer systems or networks
• Law will not be put into force

9
Coordination of Operational CND Issues

• Need to establish within government the process
  for the coordination of CND operational issues
• Roles of PSEPC, CSE, RCMP, CSIS, and DND for CND
  incidents within the GoC National Emergency
  Response System (NERS)
• Within DND/CF, CFNOC coordinates all CND
  operational activities

10
DND/CF CND Coordination

• Internally
• Operational Staffs
• Network operators and engineering staffs
  (deployed and in Canada)
• GoC
• PSEPC
• Other Government Departments and Agencies
• Other Militaries
• AUS/CAN/NZ/US/UK military Computer Network
  Defence community
• Industry
• Bell Nexxia
• FIRST, CERT CC
• ISPs

11
DND CNE Legal Considerations

• Legal framework
• Changes introduced by Bill C-36
• Targeting and other control measures
• Considered an essential activity to meet the
  targeting requirements for CNA

12
Coordination of Operational CNE Issues

• There are a number of GoC departments and
  agencies who may have interests in CNE activity
  based on their mandates.
• Need GoC mechanism for mission management and
  de-confliction, both nationally and
  internationally

13
CNE
Spectrum of CNA Effects
0
Equivalent to Armed Attack
Covert
Limited
Covert
None
Effects do not include significant
physical damage or injury
Physical damage and/or serious injury
(Definition of significant will vary based upon
the socio / economic / political circumstances of
target)
CNE
CNA
CND
14
DND CNA Legal Considerations

• When CNA effects meet
• use of force threshold
• Targeting process will require specialized
  expertise for CNA actions
• Use of CNA must honour key operational
  principles, including
• Distinction of targets
• Proportionality of effects
• Legal implications of civilians taking a direct
  part in these CNA actions
• ROE will be required

• When CNA effects fall short of use of force
  threshold
• Same targeting process must be used to make this
  determination

15
CNE / CNA Common Activities
CNE
CNA
CND
Thomas C. Wingfield, The Law of Information
Conflict National Security Law in Cyberspace
(Falls Church Aegis Research Corporation, 2000)
29.
16
CFIOG

• Provides assigned Information Operations
  capabilities to the DND/CF
• Network-Centric capabilities
• Skills, Knowledge and Process
• Oversight
• Technology
• Capabilities to both Defend and Exploit the
  information space

17
Computer Network Operations
Mil Operations Centres
Assistant Deputy Minister (IM)
DGIMO / J6
CFIOG Commander
Comm Res
DGEAS
CFNOC
CFSOC
CFEWC
DGIMPD
DGIMSD
CFS Leitrim
CFS Alert
DGKMI
18
CFNOC Standup

• Created 3 Sep 2002
• Integration of Network and Security Operations
• Integration of kinetic operations visibility into
  the cyber domain
• Being able to answer the question So What?

19
CFNOC Mission Areas

• National System Ops
• Incident Management
• Security Operations
• Computer Network Defence
• Computer Incident Response Team (CIRT)
• Network Vulnerability Assessment Team (NVAT)
• ITI Situational Awareness
• Coordination
• Impact Assessments

20
Summary

• CNO is not a set of three clearly distinct
  functions
• Governance for these activities must be built to
  address the flow required between functions for
  effective, timely operations
• A coordinated GoC approach is necessary to
  optimize these activities

21
Questions and Discussion
22
(No Transcript)