DoD Joint Terminology for Cyberspace Operations

Joint Terminology for Cyberspace Operations

  • 16 pages
  • November 2010
  • 3.48 MB


The following definitions align key cyberspace operations (CO) concepts with doctrinally accepted terms and definitions used in the other joint operational domains. For explanatory purposes, in each case, the current Information Operations (IO) doctrinal definition for some aspect of CO is presented, followed by its conventional analogue, if any, and the current terminology it would replace. Where an existing JP 1-02 doctrinal definition is applicable as written or with very minor modifications, that definition is used with the modification, if any, noted.

Note 1: Because IO doctrine uses just three terms (CNA, CNE, and CND) to encompass all mission areas, each of those terms is replaced here by more than one standard joint term, reflecting the broad array of discrete missions that comprise CO as they are executed today.

Note 2: This lexicon does not attempt to include every cyber-related term, but rather is focused on those for which the current cyber terminology does not align with an analogous traditional military term. Thus many terms, especially those related to NetOps, are not captured here because they reflect missions that have no analogue in the other domains–those terms are unaffected by this lexicon, but remain important to any comprehensive understanding of cyberspace operations.

Collateral Effect – unintentional or incidental effects including, but not limited to, injury or damage to persons or objects that would not be lawful military targets under the circumstances ruling at the time. Includes effects on civilian or dual-use computers, networks, information, or infrastructure. Such effects are not unlawful as long as they are not excessive in light of the overall military advantage anticipated from the activity. In cyberspace operations, Collateral Effects are categorized as:

• “High”: Substantial adverse effects on persons or property that are not lawful targets from which there is a reasonable probability of loss of life, serious injury, or serious adverse effect on the affected nation’s national security, economic security, public safety, or any combination of such effects.

• “Medium”: substantial adverse effects on persons or property that are not lawful targets.

• “Low”: Temporary, minimal or intermittent effects on persons or property that are not lawful targets.

• “No”: Only adversary persons and computers, computer-controlled networks, and/or information and information systems are adversely affected.

Computer Network Attack (CNA)- (DOD) A category of fires employed for offensive purposes in which actions are taken through the use of computer networks to disrupt, deny, degrade, manipulate, or destroy information resident in the target information system or computer networks, or the systems/ networks themselves. The ultimate intended effect is not necessarily on the targeted system itself, but may support a larger effort, such as information operations or counterterrorism, e.g., altering or spoofing specific communications or gaining or denying access to adversary communications or logistics channels.

Computer Network Exploitation (CNE)- (DOD) Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data about target or adversary automated information systems or networks. See also computer network attack; computer network defense; computer network operations.

Countermeasures – That form of military science that, by the employment of devices and/ or techniques, has as its objective the impairment of the operational effectiveness of undesirable or adversarial activity, or the prevention of espionage, sabotage, theft, or unauthorized access to or use of sensitive or classified information or information systems.

• Defensive Countermeasures includes actions to identify the source of hostile cyber activities; protection/ mitigation at the boundary (e.g., Intrusion Protection Systems (IPS), pre-emptive blocks, blacklisting); hunting within networks (actively searching for insiders and other adversaries or malware); passive and active intelligence (including law enforcement) employed to detect cyber threats; and/ or actions to temporarily isolate a system engaged in hostile cyber activities.

• Offensive countermeasures might include electronic jamming or other negation measures intended to disrupt an adversary’s cyber capabilities during employment.

Cyber attack: A hostile act using computer or related networks or systems, and intended to disrupt and/ or destroy an adversary’s critical cyber systems, assets, or functions. The intended effects of cyber attack are not necessarily limited to the targeted computer systems or data themselves-for instance, attacks on computer systems which are intended to degrade or destroy infrastructure or C2 capability. A cyber attack may use intermediate delivery vehicles including peripheral devices, electronic transmitters, embedded code, or human operators. The activation or effect of a cyber attack may be widely separated temporally and geographically from the delivery.

Offensive Cyberspace Operations (OCO): Activities that, through the use of cyberspace, actively gather information from computers, information systems, or networks, or manipulate, disrupt, deny, degrade, or destroy targeted computers, information systems, or networks. This definition includes Cyber Operational Preparation of the Environment (C-OPE), Offensive Counter-Cyber (OCC), cyber attack, and related electronic attack and space control negation.

Sensitive Reconnaissance (CJCSI-3250.0 1): Reconnaissance operations which, by virtue of their collective objectives, means of collection, or area of operation , involve significant military risk or political sensitivity.

Special Reconnaissance (SR) (JP 3-05, JP 1-02): Reconnaissance and surveillance actions conducted as a special operation in hostile, denied, or politically sensitive environments to collect or verify information of strategic or operational significance, employing military capabilities not normally found in conventional forces. These actions provide an additive capability for commanders and supplement other conventional reconnaissance and surveillance actions.

Weapon effect: A direct or indirect objective (intended} result a weapon action, typically specified by a specific target scope, desired effect type (material, behavioral) and level, and start time and duration. A direct (or first-order) effect is an outcome created directly by the weapon’s action. An indirect effect is an outcome that cascades from one or more direct or other indirect effects of the weapon’s action (also known as second, third, nth order effects, etc.). Because of the interconnected nature of cyberspace, indirect effects must be determined to the greatest extent possible and evaluated for acceptability before weapon use. These assessments will feed the Weapon Categorization process.

Share this: