Page:United States Army Field Manual 3-13 Information Operations.djvu/41

Infannntion ¤p¤ni!i¤ns Elnmams and Rntami Activities 2~41. The Army Computer Emergency Response Team (ACERT) deters, de- tects, coordinates, responds, and ruports Army INFOSYS security incidents. Regional computer emergency response teams (RCERTs) deter. detect. coun diuate, iespond, and report Army INFOSYS security incidents. Both the ACERT and RCERTs unify CND efforts across networks, They assist G-Ss in die war against hackers, intrusions, and viruses, and pmvide other technical assistance wlnm needed. They cn-Insane with the United States Army Nev work Operations and Security Center (ANOSC; see appendix F), enabling the staffs to work closely together to protect networks and INFOSYS, Normally, the network operations (NETOPS) centers identify a potential network at— tack, either by direct observation or reports through the G-6 hom impacted users, and pass it in the ACERT for :1 response. (Sue appendix F for command relationships.) 2-42. The complex nature of the Global lmlirmation Grid (GIG) requires close coordination of all CND activities between the operutilons, intelligence, com· munications, counteziutulligcnce, law cnnmwmcnt, and other government agencies. COMPUTER NETWORK EXPDOITATION 243. Computer network exploitation consists of enabling operations and intelligence collection to gather data {rom target or adversary automated information systems on- networks, (This definition is cousis» rem with joint initiatives and is being staffed as s possible joint detinstlom Contribution 244, CNE contributes m intelligence collection at echelnn above corps. (See appendix F for command relationships.) SUPPORTING ELEMENTS 245, The supporting IO elements am physical destruction, IA, physical secu· rity, eniinterintebjgence, cnunt.erds.~ccpLien, and munterpropaganda, Physical destruction can be employed as an additional means xxi intluence decision- maker or groups, ur to target INFOSYS in support of information superiority. lnihrmatinn assurance activities and network operations may be conducted independently or may be initiated in response to evexmdriven CND opera- tional guidance. Physical security can support IO by preventing unauthorized physical access to personnel, equipment, installations, materiel, and dncus ments, (`ounterintelligence investigations, operations, mllwtion, analysis! pmduction, and dynamic functional services can be employed in support of IO. Counturduception contributes to situational understanding and defensive IO by protecting iriendly C2 systems and deuisionmnkers from adversary deception. Counterpmpagzmda reduces the ability of adversary propaganda to influence hrieudly Rirces and nthers in thc AO. It attacks adversary pmpaganda. PHYSICAL DESTRUCTION 2-46, Physical destruction is the application of combat power to de- stroy or degrade adversary forces, sources of information, command 2-11