Information Operations (United States)

Information Operations is a category of direct and indirect support operations for the United States Military. By definition in Joint Publication 3-13, "IO are described as the integrated employment of electronic warfare (EW), computer network operations (CNO), psychological operations (PSYOP), military deception (MILDEC), and operations security (OPSEC), in concert with specified supporting and related capabilities, to Information Operations (IO) are actions taken to affect adversary information and information systems while defending one's own information and information systems.

History of Information Operations in the U.S. Military
The modern U.S. military can trace its use of information operations back to World War 2 when the Army activated the 23rd Headquarters Special Troops, known as the "Ghost Army", on January 20, 1944. This secretive unit was responsible for executing 22 large-scale military deceptions in Europe using techniques such as inflatable vehicles, false radio transmissions, loud-speaker sound effects, and phone generals. Specific operations the 23rd was noted for having success was D-Day and Operation Viersen. Today the 23rd, has been attributed as saving the lives of 15,000 to 30,000 American service members. In the Pacific, the Navy successfully conducted its first electronic warfare activities later in the war when TBM Avenger aircraft were fitted with receivers and rudimentary jammers to locate and jam Japanese air search radars.

Despite the success of the 23rd, deception was never used in a significant way in Korean War, however psychological warfare was routinely conducted by the Eighth Army, predominantly in the form of airborne leaflets, including a weekly "news" leaflet dropped on communist forces, but also included radio and loudspeaker broadcasts. During the war forces under United Nations Command used electronic jamming, much like the Navy at the end of World War 2, against radar on radar-directed anti-aircraft guns, particularly during Operation Strangle. Though these examples fall within the capabilities associated with information operations, they were applied in specific circumstances for particular missions and not de-conflicted or synchronized for maximum effect. Because of their discrete applications, information operations was not fully exercised during the war as it is known today.

Much the same as in the Korean War, deception was also disregarded as a practice during the Vietnam War.

In the mid-1990s, the U.S. Department of Defense began characterizing doctrine known as Command and Control Warfare (C2W) which was described as a strategy to attack the decision-making, or command and control (C2) capabilities of an adversary while protecting the decision-making capabilities of friendly forces. It focused on a robust targeting system and defined five core capabilities, called pillars, it leverages: operations security, military deception, psychological operations, electronic warfare, and physical destruction.

On December 9, 1996, the Deputy Secretary of Defense, John P. White approved the Department of Defense release of a then Secret Directive S-3600.1 that codified the concept of Information Operations. This directive mandated the U.S. Armed Services to develop their own doctrine, training, and equipment, to execute information operations.

Shortly after the release of DODD S-3600.1, the U.S. Army stood up the Land Information Warfare Activity/Information Dominance Center (LIWA/IDC), which would eventually transition into the 1st Information Operations Command (Land), and established the Information Operations functional area in April 1999 to specially train and assign commissioned officers to plan and conduct IO.

During this time, the Army National Guard began to engage in developing their own information operations capabilities, establishing ad hoc information operations field support teams (FSTs), and vulnerability assessments teams (VATs), coordinated with the LIWA/IDC. National Guard units from Washington, Iowa, Vermont, and Texas were part of this early development.

Information Operations (IO)
Information Operations is considered an umbrella term to describe the coordination activities required to plan, synchronize, and assess operations, activities, and investments typically related to the non-lethal capabilities of psychological operations, cyberspace operations, civil-military operations, public affairs, operations security, and military deception. Operational U.S. military units at the flag-officer level typically have an Information Operations directorate known as the G-39 (for Army or Marine headquarters) or J-39 (for joint headquarters), for example, following the ConStaff system. These directorates typically have an array of personnel from information operations generalists, intelligence analysts, psychological operations specialists, and cyber and electronic warfare officers. Different headquarters have included civil affairs, space and cyberspace operations within the directorate while others have organized them under separate directorates within the staff.

In recent years, the U.S. military has stood up unique task forces solely focused on information operations, such as the U.S. Pacific Fleet's Fleet Information Warfare Command Pacific.

U.S. Department of Defense Information Operations
The Joint Information Operations Warfare Center (JIOWC) was created by the U.S. Strategic Command (USSTRATCOM) sometime around 2004 or 2005 at Lackland Air Force Base, Texas, with the intent of coordinating and executing U.S. information operations at the strategic level. On September 12, 2011, by executive order, the JIOWC was chartered as a Chairman's Controlled Activity aligned under the Joint Staff. The JIOWC falls within the Joint Staff Operations Directorate (J3), through the Deputy Director Global Operations, J39 (DDGO).

U.S. Army Information Operations
U.S. Army Combined Army Center includes the U.S. Army Information Operations Proponent (USAIOP) whose mission is to executes Total Army Force Modernization responsibilities across the DOTMLPF-P to meet the Army's requirement for Information Operations.

In the United States Army, units division-sized or larger have an IO staff directorate, known as the G-39, responsible for the integration of information operations capabilities. These directorates are often augmented by IO Field Support Teams from the following Army IO units:


 * US Army 1st Information Operations Command SSI.png 1st Information Operations Command at Fort Belvoir, Maryland
 * 56th Theater Information Operations Group Distinctive Unit Insignia.jpg  56th Theater Information Operations Group (ARNG) at Joint Base Lewis–McChord, Washington
 * 71st Theater Information Operations Group Distinctive Unit Insignia.jpg 71st Theater Information Operations Group (ARNG) at Camp Mabry, Texas
 * 151st Theater Information Operations Group Unit Crest.png   151st Theater Information Operations Group (USAR) at Fort Totten (Queens), New York
 * 152nd_Theater_Information_Operations_Group_Distinctive_Unit_Insignia.jpg 152nd Theater Information Operations Group (USAR) at Camp Parks, California (Deactivated)

Information Operations Qualification
In the Army, only commissioned officers are formally qualified in the Information Operations functional area, known as FA30. Officers can qualified through one of two courses:
 * IO Qualification Course (IOQC) - a 12-week, 480-hour resident course taught at the Combined Army Center, Fort Leavenworth, KS.
 * IO Qualification Course - Reserve Component (IOQC-RC) - a two-phase course taught by the National Guard Information Operations School, 3-124th Information Operations (IO) Battalion, Vermont Army National Guard. Phase one consists of 415 hours of study consisting of 20 four-hour synchronous class periods held weekly. Phase 2 is a 15-day resident exercise held at the Regional Readiness Training Center collocated with Norwich University in Northfield, Vermont.

Most Army commissioned officers, warrant officers, and noncomissioned officers have the option of earning the P4 Information Operations Additional Skill Identifier (ASI) by attending one of two 10-day courses:


 * Tactical Information Operations Planners Course (TIOPC)
 * Army Information Operations Planners Course (AIOPC)

U.S. Navy & Marine Corps Information Operations
In the United States Navy, information operations are often supervised by a Navy Information Operations Command (NIOC), for example in the United States Tenth Fleet which has several NIOCs.

In the United States Marine Corps, the proponent for information operations is the Marine Corps Information Operations Center (MCIOC) at Marine Corps Base Quantico, Virginia.

U.S. Air Force Information Operations
The United States Air Force bases its Information Operations doctrine from Air Force Doctrinal Publication (AFDP) 3–13, Information in Air Force Operations.

Air Force officers can serve as Information Operations Officers, Air Force Specialty Code (AFSC) 14FX, after completing the Information Operations Professional Course (IOPC).

U.S. Air Force Information Operations Units:
 * 39thPatch2008Update Small.jpg 39th Information Operations Squadron at Hurlburt Field, Florida.

Many U.S. Air Force units have redesignated between Information Operations, Cyberspace Operations, and Intelligence. For example, the 39th IO Sqdn's official website identifies itself as a subordinate organization of the 688th Information Operations Wing, however the Wing's official website identifies itself as a Cyberspace Operations unit.

Electronic Warfare (EW)

 * Electronic warfare (EW) refers to any action involving the use of the electromagnetic spectrum or directed energy to control the spectrum, attack an enemy, or impede enemy assaults via the spectrum. The purpose of electronic warfare is to deny the opponent the advantage of, and ensure friendly unimpeded access to, the EM spectrum. EW can be applied from air, sea, land, and space by manned and unmanned systems, and can target communication, radar, or other services. EW includes three major subdivisions:
 * Electronic Attack (EA)
 * Electronic Protection (EP)
 * Electronic warfare Support (ES)
 * EW supports information operations by using offensive and defensive tactics and techniques in a variety of combinations to shape, disrupt, and exploit adversarial use of the electromagnetic spectrum (EMS) while protecting friendly freedom of action in that spectrum. Expanding reliance on the EMS for informational purposes increases both the potential and the challenges of EW in IO. The increasing prevalence of wireless telephone and computer usage extends both the utility and threat of EW, offering opportunities to exploit an adversary's electronic vulnerabilities and a requirement to identify and protect our own from similar exploitation. As the use of the EMS has become universal in military operations, so has EW become involved in IO. All of the core, supporting, and related IO capabilities can either directly use EW or indirectly benefit from EW. In order to coordinate and deconflict EW, and more broadly all military usage of the EMS, an Electronic Warfare Coordination Cell (EWCC) may be established to reside with the component commander most appropriate to the operation. In addition, all joint operations require a joint restricted frequency list (JRFL). This list specifies protected, guarded, and taboo frequencies that should not normally be disrupted without prior coordination and planning, either because of friendly use or friendly exploitation. This is maintained and promulgated by the communications system directorate of a joint staff (J-6) in coordination with J-3 and the joint commander's electronic warfare staff (or EWCC, if delegated).
 * Domination of the Electromagnetic Spectrum. DOD now emphasizes maximum control of the entire electromagnetic spectrum, including the capability to disrupt all current and future communication systems, sensors, and weapons systems. This may include: (1) navigation warfare, including methods for offensive space operations where global positioning satellites may be disrupted; or, (2) methods to control adversary radio systems; and, (3) methods to place false images onto radar systems, block directed energy weapons, and misdirect unmanned aerial vehicles (UAVs) or robots operated by adversaries.

Computer Network Operations (CNO)

 * CNO as an IO Core Capability. The increasing reliance of unsophisticated militaries and terrorist groups on computers and computer networks to pass information to C2 forces reinforces the importance of CNO in IO plans and activities. As the capability of computers and the range of their employment broadens, new vulnerabilities and opportunities will continue to develop. This offers both opportunities to attack and exploit an adversary's computer system weaknesses and a requirement to identify and protect our own from similar attack or exploitation.
 * Computer network attack (CNA). Actions are taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.
 * Computer network defense (CND). Actions are taken through the use of computer networks to protect, monitor, analyze, detect and respond to unauthorized activity within the Department of Defense information systems and computer networks.
 * Computer network exploitation (CNE). Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks.

Psychological Operations (PSYOP)

 * PSYOP as an IO Core Capability. PSYOP has a central role in the achievement of IO objectives in support of the JFC. In today's information environment even PSYOP conducted at the tactical level can have strategic effects. Therefore, PSYOP has an approval process that must be understood and the necessity for timely decisions is fundamental to effective PSYOP and IO. This is particularly important in the early stages of an operation given the time it takes to develop, design, produce, distribute, disseminate, and evaluate PSYOP products and actions. All PSYOP are conducted under the authority of interagency-coordinated and OSD approved PSYOP programs. The PSYOP program approval process at the national level requires time for sufficient coordination and resolution of issues; hence, JFCs should begin PSYOP planning as early as possible to ensure the execution of PSYOP in support of operations. A JFC must have an approved PSYOP program, execution authority, and delegation of product approval authority before PSYOP execution can begin. JFCs should request PSYOP planners immediately during the initial crisis stages to ensure the JFC has plenty of lead time to obtain the proper authority to execute PSYOP. PSYOP assets may be of particular value to the JFC in pre-/post-combat operations when other means of influence are restrained or not authorized. PSYOP must be coordinated with CI, MILDEC, and OPSEC to ensure deconfliction and control, CI operations are not compromised, and that all capabilities within IO are coordinated to achieve the objectives established in planning. There must be close cooperation and coordination between PSYOP and PA staffs in order to maintain credibility with their respective audiences, which is the purpose of the IO cell. PSYOP efforts are most effective when personnel with a thorough understanding of the language and culture of the TA are included in the review of PSYOP materials and messages. As the information environment evolves, the dissemination of PSYOP products is expanding from traditional print and broadcast to more sophisticated use of the Internet, facsimile messaging, text messaging, and other emerging media. The effectiveness of PSYOP is enhanced by the synchronization and coordination of the core, supporting, and related capabilities of IO; particularly public affairs (PA), MILDEC, CNO, civil-military operations (CMO), and EW.
 * Psychological operations are planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior of foreign governments, organizations, groups, and individuals.
 * 4th Psychological Operations Group

Military Deception (MILDEC)

 * MILDEC is described as being those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions (or inactions) that will contribute to the accomplishment of the friendly forces' mission. MILDEC and OPSEC are complementary activities – MILDEC seeks to encourage incorrect analysis, causing the adversary to arrive at specific false deductions, while OPSEC seeks to deny real information to an adversary, and prevent correct deduction of friendly plans. To be effective, a MILDEC operation must be susceptible to adversary collection systems and "seen" as credible to the enemy commander and staff. A plausible approach to MILDEC planning is to employ a friendly course of action (COA) that can be executed by friendly forces and that adversary intelligence can verify. However, MILDEC planners must not fall into the trap of ascribing to the adversary particular attitudes, values, and reactions that "mirror image" likely friendly actions in the same situation, i.e., assuming that the adversary will respond or act in a particular manner based on how we would respond. There are always competing priorities for the resources required for deception and the resources required for the real operation. For this reason, the deception plan should be developed concurrently with the real plan, starting with the commander's and staff's initial estimate, to ensure proper resourcing of both. To encourage incorrect analysis by the adversary, it is usually more efficient and effective to provide a false purpose for real activity than to create false activity. OPSEC of the deception plan is at least as important as OPSEC of the real plan, since compromise of the deception may expose the real plan. This requirement for close hold planning while ensuring detailed coordination is the greatest challenge to MILDEC planners. On joint staffs, MILDEC planning and oversight responsibility is normally organized as a staff deception element in the operations directorate of a joint staff (J-3).
 * MILDEC as an IO Core Capability. MILDEC is fundamental to successful IO. It exploits the adversary's information systems, processes, and capabilities. MILDEC relies upon understanding how the adversary commander and supporting staff think and plan and how both use information management to support their efforts. This requires a high degree of coordination with all elements of friendly forces' activities in the information environment as well as with physical activities. Each of the core, supporting, and related capabilities has a part to play in the development of successful MILDEC and in maintaining its credibility over time. While PA should not be involved in the provision of false information, it must be aware of the intent and purpose of MILDEC in order not to inadvertently compromise it.
 * A message targeted to exploit a fissure between a key member of the adversary's leadership who has a contentious relationship with another key decision maker is an example. That message could cause internal strife resulting in the adversary foregoing an intended course of action and adopting a position more favorable to our interests.
 * Article title

Operations Security (OPSEC)

 * OPSEC as an IO Core Capability. OPSEC denies the adversary the information needed to correctly assess friendly capabilities and intentions. In particular, OPSEC complements MILDEC by denying an adversary information required to both assess a real plan and to disprove a deception plan. For those IO capabilities that exploit new opportunities and vulnerabilities, such as EW and CNO, OPSEC is essential to ensure friendly capabilities are not compromised. The process of identifying essential elements of friendly information and taking measures to mask them from disclosure to adversaries is only one part of a defense-in-depth approach to securing friendly information. To be effective, other types of security must complement OPSEC. Examples of other types of security include physical security, IA programs, computer network defense (CND), and personnel programs that screen personnel and limit authorized access.
 * What occurs, often, is that data is either leaked, stolen, or hacked online and the enemy has access to and can decipher what that information may say. This is especially true for defensive operational security.  US servicemen and servicewomen may have Facebook, multiple blogs, or upload photos, which can lead to the enemy knowing troop movements and locations.  With this information, setting up ambush and wreaking havoc on US and support personnel becomes much easier.  Geo-tagging features of cellular phones especially, may cause this type of breach in OPSEC.

EC-130
The EC-130E Airborne Battlefield Command and Control Center (ABCCC) was based on a basic C-130E platform and provided tactical airborne command post capabilities to air commanders and ground commanders in low air threat environments. This EC-130E ABCCC has since been retired.

The EC-130E Commando Solo was an earlier version of a United States Air Force and Air National Guard psychological operations (PSYOPS) aircraft. This aircraft also employed a C-130E airframe, but was modified by using the mission electronic equipment from the retired EC-121S Coronet Solo aircraft. This airframe served during the first Gulf War (Operation Desert Storm), the second Gulf War (Operation Iraqi Freedom) and in Operation Enduring Freedom. The EC-130E was eventually replaced by the EC-130J Commando Solo and was retired in 2006.

The EC-130J Commando Solo is a modified C-130J Hercules used to conduct psychological operations (PSYOP) and civil affairs broadcast missions in the standard AM, FM, HF, TV, and military communications bands. Missions are flown at the maximum altitudes possible to ensure optimum propagation patterns. The EC-130J flies during either day or night scenarios with equal success, and is air-refuelable. A typical mission consists of a single-ship orbit which is offset from the desired target audience. The targets may be either military or civilian personnel. The Commando Solo is operated exclusively by the Air National Guard, specifically the 193d Special Operations Wing (193 SOW), a unit of the Pennsylvania Air National Guard operationally gained by the Air Force Special Operations Command (AFSOC). The 193 AOW is based at the Harrisburg Air National Guard Base (former Olmstead AFB) at Harrisburg International Airport in Middletown, Pennsylvania.

The United States Navy's EC-130Q Hercules TACAMO ("Take Charge and Move Out") aircraft was a land-based naval aviation platform that served as a SIOP strategic communications link aircraft for the U.S. Navy's Fleet Ballistic Missile (FBM) submarine force and as a backup communications link for the USAF manned strategic bomber and intercontinental ballistic missile forces. To ensure survivability, TACAMO operated as a solo platform, well away from and not interacting with other major naval forces such as sea-based aircraft carrier strike groups and their carrier air wings or land-based maritime patrol aircraft Operated by Fleet Air Reconnaissance Squadron THREE (VQ-3) and Fleet Air Reconnaissance Squadron FOUR (VQ-4), the EC-130Q was eventually replaced by the U.S. Navy's current TACAMO platform, the Boeing 707-based E-6 Mercury.

Stuxnet
Stuxnet is a computer worm discovered in June 2010. It initially spreads via Microsoft Windows, and targets Siemens industrial software and equipment. While it is not the first time that hackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.

In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we – the US and its allies – are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet. According to the British Daily Telegraph, a showreel that was played at a retirement party for the head of the Israel Defense Forces (IDF), Gabi Ashkenazi, included references to Stuxnet as one of his operational successes as the IDF chief of staff.

Suter
Suter is a military computer program developed by BAE Systems that attacks computer networks and communications systems belonging to an enemy. Development of the program has been managed by Big Safari, a secret unit of the United States Air Force. It is specialised to interfere with the computers of integrated air defence systems. Suter was integrated into US unmanned aircraft by L-3 Communications.

Three generations of Suter have been developed. Suter 1 allows its operators to monitor what enemy radar operators can see. Suter 2 lets them take control of the enemy's networks and direct their sensors. Suter 3, tested in Summer 2006, enables the invasion of links to time-critical targets such as battlefield ballistic missile launchers or mobile surface-to-air missile launchers.

The program has been tested with aircraft such as the EC-130, RC-135, and F-16CJ. It has been used in Iraq and Afghanistan since 2006.

U.S. Air Force officials have speculated that a technology similar to Suter was used by the Israeli Air Force to thwart Syrian radars and sneak into their airspace undetected in Operation Orchard on 6 September 2007. The evasion of air defence radar was otherwise unlikely because the F-15s and F-16s used by the IAF were not equipped with stealth technology.

Radio in a Box


Radio is the dominant information tool to reach wide audiences in isolated, mountainous regions. The US military has deployed RIABs throughout Afghanistan in order to communicate with the residents. Due to a 70 percent illiteracy rate and lack of education in Afghanistan, radio is a vital communications tool used to broadcast information where radio ownership exceeds 80 percent. The United States military operates approximately 100 RIABs and hire local Afghan DJs in Afghanistan to broadcast information and host call-in shows. The United States Army employed RIAB systems to broadcast anti-Taliban and anti-Al Qaeda messages and countered Taliban propaganda by pushing onto Taliban frequencies in Paktia Province. One advantage of employing RIAB systems is the ability to broadcast vital information immediately to a large audience in the event of a crisis. One Afghan DJ has 50,000 listeners. Nawa District Governor Abdul Manaf uses the local RIAB station to conduct weekly call-in shows and believes the RIAB system is one of his best communication tools to inform a large audience. In Afghanistan's Paktika province, which has a literacy rate of two percent, an estimated 92 percent of the residents listen to the radio every day. Radio programs transmitted using RIAB systems provide beneficial information to Afghan farmers in remote areas. In the isolated, mountainous Wazi Kwah district of Paktika Province, a RIAB system supplies the only source of outside news. Afghan National Army commanders use the RIAB to communicate to villagers and elders and provide thoughts to the community. Afghans can use information distributed by the United States military such as how to react to an approaching military convoy or purpose or use of U.S.-sponsored agriculture programs. For general news, Afghans can also use other information outlets such as the BBC or VOA because RIAB systems are controlled by the US military. Special Operations first employed RIAB systems in Afghanistan in 2005 which improved their ability to supply information to and communicate with the local population in their areas of operation.

B (SOMS-B)
--The SOMS-B is a ground-based HMMWV mounted radio and television broadcast system. Like the EC-130C/J it can broadcast on AM, FM, SW and VHF television frequencies. The SOMS-B also has the capability to produce programming or radio and television broadcasts
 * Special Operation Media Systems – B (SOMS-B)

Radio Azadi
Radio Aazadi, formerly known as Radio Free Afghanistan (RFA) is the Afghan branch of Radio Free Europe / Radio Liberty's (RFE/RL) broadcast services. It broadcasts 12 hours daily as part of a 24-hour stream of programming in conjunction with Voice of America (VOA). RFA first aired in Afghanistan from 1985 to 1993 and was re-launched in January 2002. RFA produces a variety of cultural, political, and informational programs that are transmitted to listeners via shortwave, satellite and AM and FM signals provided by the International Broadcasting Bureau. RFA's mission is "to promote and sustain democratic values and institutions in Afghanistan by disseminating news, factual information and ideas".

Terrorists (IO from US Perspective)
"Terrorists are adept at integrating their physical acts of violence with IO. They make audio and video recordings of the incidents for distribution over the Internet and on television.  Their violence becomes theater, staged for its psychological impact, and replayed over and over again in the media as IO."
 * "Terrorists employ all the IO capabilities of U.S. military doctrine, including the five core capabilities of PSYOP, military deception, EW, CNO, and OPSEC, and the supporting and related capabilities. They use IO to support both offensive operations (acts of terrorism) and defensive operations (e.g., protecting their hiding places). They use IO strategically in support of broad objectives. While terrorists do not speak and write of "IO", they demonstrate an understanding of the value and methods of IO capabilities. Terrorists appear to be particularly adept at PSYOP, PA, counterpropaganda, and certain forms of OPSEC and deception, driven by their desire to simultaneously reach desired audiences and hide from their enemies. They recognize the value of various media, including the Internet, and exploit it to support their cause. Terrorists and their supporters have a CNO capability, with CNA manifesting itself as "electronic jihad" rather than as acts of terror."

Computer network operations
There are many examples of CNA and are generally done in support of other operations. Terrorists have integrated cyber attacks into their thinking, strategies, and operations as an extremely cost-effective way to harm the US and other adversaries.

The same can be said for CNE, which is about penetrating computer networks before actually attacking them. Gaining access to specific networks is seen to be as part of the CNA process for terrorists (they do not distinguish between the two).

As for CND, terrorists are aware of keeping data secure and websites running because they use the Internet. Hamas and Hizballaha have had to defend their websites from Israeli hackers who in the past have defaced them. The methods they use include access controls, encryption, authentication, firewalls, intrusion detection, anti-viral tools, audits, security management, and security awareness and training.
 * "The Taliban have in recent months waged an intensifying information war with NATO forces in the country, distributing anti-government messages on mobile phone networks and using Twitter to claim largely improbable successes as most foreign combat troops look to leave the country by 2014. A day rarely passes without a Taliban spokesman using Twitter to claim the destruction of numerous NATO armoured vehicles and the deaths of scores of Western or Afghan security forces, with NATO quickly countering in its own Twitter feeds. The Taliban also employ a sophisticated network of spokesmen to distribute messages and even have their own mobile radio broadcast service, which frequently moves location to avoid the threat of retaliatory airstrikes by NATO warplanes."
 * The Taliban HAVE to rely on CNO and integrate it into their IO campaign as it is the most cost-effective method of disrupting Western forces. This is a prime example of how CNO is used in conjunction with PSYOP to achieve their objectives.

Steganography
When one considers that messages could be encrypted steganographically in email messages, particularly e-mail spam, the notion of junk e-mail takes on a whole new light. Coupled with the "chaffing and winnowing" technique, a sender could get messages out and cover their tracks all at once.



Rumors about terrorists using steganography started first in the daily newspaper USA Today on 5 February 2001 in two articles titled "Terrorist instructions hidden online" and "Terror groups hide behind Web encryption". In July the same year, an article was titled even more precisely: "Militants wire Web with links to jihad". A citation from the article: "Lately, al-Qaeda operatives have been sending hundreds of encrypted messages that have been hidden in files on digital photographs on the auction site eBay.com". Other media worldwide cited these rumors many times, especially after the terrorist attack of 9/11, without ever showing proof. The Italian newspaper Corriere della Sera reported that an Al Qaeda cell which had been captured at the Via Quaranta mosque in Milan had pornographic images on their computers, and that these images had been used to hide secret messages (although no other Italian paper ever covered the story). The USA Today articles were written by veteran foreign correspondent Jack Kelley, who in 2004 was fired after allegations emerged that he had fabricated stories and sources.

In October 2001, The New York Times published an article claiming that al-Qaeda had used steganography to encode messages into images, and then transported these via e-mail and possibly via USENET to prepare and execute the 11 September 2001 terrorist attack. The Federal Plan for Cyber Security and Information Assurance Research and Development, published in April 2006 makes the following statements:
 * "...immediate concerns also include the use of cyberspace for covert communications, particularly by terrorists but also by foreign intelligence services; espionage against sensitive but poorly defended data in government and industry systems; subversion by insiders, including vendors and contractors; criminal activity, primarily involving fraud and theft of financial or identity information, by hackers and organized crime groups..." (p. 9–10)
 * "International interest in R&D for steganography technologies and their commercialization and application has exploded in recent years. These technologies pose a potential threat to national security. Because steganography secretly embeds additional, and nearly undetectable, information content in digital products, the potential for covert dissemination of malicious software, mobile code, or information is great." (p. 41–42)
 * "The threat posed by steganography has been documented in numerous intelligence reports." (p. 42)

Moreover, an online "terrorist training manual", the "Technical Mujahid, a Training Manual for Jihadis" contained a section entitled "Covert Communications and Hiding Secrets Inside Images."

By early 2002, a Cranfield University MSc thesis developed the first practical implementation of an online real-time Counter Terrorist Steganography Search Engine. This was designed to detect the most likely image steganography in transit and thereby provide UK Ministry of Defence Intelligence Staff a realistic approach to "narrowing the field", suggesting that interception capacity was never the difficulty but rather prioritising the target media.

Military deception
A police search of a British, al-Qaeda member's home, uncovered what is now called "The al-Qaeda Training Manual", a techniques instruction book on deception, forgery, "blending in", hiding places, and the use of covers to blend into the terrorist area of operation (usually cities with large civilian populations). The philosophy the MILDEC is for the concealment of activities rather than misleading adversaries.

PSYOP
Terrorist PSYOP differs from American PSYOP in one two major areas. First, US PSYOP targets foreign adversaries and information is coordinated with many other agencies and screened before it is published. Second, while PSYOP by US and coalition forces is "designed to bring an end to violence and save lives, terrorist PSYOP is frequently directed toward promoting violence and threatening civilian populations with death and destruction. Suicide bombers are portrayed as martyrs rather than killers of innocent people."

The Internet is the main resource to spread propaganda with al-Aqaeda and other terrorist groups. "According to Bruce Hoffman, before it was taken down, al-Qaeda's website Alneda.com emphasized three themes: 1)the West is implacably hostile to Islam, 2) the only way to address this threat and the only language the West understands is the logic of violence, and 3) jihad is the only option"

Terrorists also like to use the Internet to recruit and persuade children to their cause. As Dorothy Denning has found, "Children are being taught to hate Jews and Westerners, and to take up arms against them [through cartoons and comic-book style web pages, bedtime stories, and computer games]".

OPSEC
All terrorists practice a high level of OPSEC since their need to be secret is how they can be successful. Whether it is the al-Qaeda training manual, online magazines targeted for the world, or the training of youth in Jihad camps, OPSEC is one of the first priorities for terrorists.

Secure communications are big as well. The 11 September hijackers, for example, accessed anonymous Hotmail and Yahoo! accounts from computers at Kinko's and at a public library. Messages are also coded. Three weeks before the attacks, Mohamed Atta reportedly received a coded email message that read: "The semester begins in three more weeks. We've obtained 19 confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts, and the faculty of engineering." The faculties referred to the four targets (twin towers, Pentagon, and Capitol).

The list of methods goes on and on and is very similar to the methods used in organized crime around the world.

Criticism

 * In 2011, Lt. Col. Michael Holmes, a member of the Army's 71st TIOG serving on the NATO Training Mission-Afghanistan staff, communicated alleged use of illegal PSYOP on visiting U.S. dignitaries, claiming such orders originated from Lt. Gen. William Caldwell.  Among the alleged targets were American Senators John McCain and Carl Levin, government ministers, and European diplomats. Holmes' disclosure resulted in several news articles, most notably a Rolling Stone article titled, "Another Runaway General: Army Deploys Psy-Ops on U.S. Senators" authored by Michael Hastings who recently earned fame for his reporting on General Stanley McChrystal the previous year. Hastings' article "The Run Away General" ultimately led to McChrystal's firing by President Obama. Media reports stated that the Holmes' IO unit was subjected to a retaliatory campaign when it resisted the order to influence the targets, including a subsequent reprimand against Lt. Col. Holmes. Army investigators ultimately determined Holme's claims of illegal psychological operations were "not substantiated."
 * "In [stability, reconstruction, and COIN operations], the most important targets of influence are not enemy commanders, but individuals and groups, both local and international, whose cooperation is vital to the mission's success. Granted, joint and Army IO doctrine publications do not ignore these targets – PSYOP and counterpropaganda can be designed to influence them.  But it is notable that the activities most directly aimed at influencing local and international audiences – functions such as public affairs, civil affairs, CMOs, and defense support to public diplomacy – are treated only as 'related activities' in IO doctrine, if they are mentioned at all"
 * "There must be a fundamental change of culture in how ISAF approaches operations. StratCom should not be a separate Line of Operation, but rather an integral and fully embedded part of policy development, planning processes, and the execution of operations. Analyzing and maximizing StratCom effects must be central to the formulation of schemes of maneuver and during the execution of operations. In order to affect this paradigm shift, ISAF HQ must synchronize all stratCom stakeholders. Implicit in this change of culture is the clear recognition that modern strategic communication is about credible dialogue, not a monologue where we design our systems and resources to deliver messages to target audiences in the most effective manner. This is now a population centric campaign and no effort should be spared to ensure that the Afghan people are part of the conversation. Receiving, understanding, and amending behavior as a result of messages received from audiences can be an effective method of gaining genuine trust and credibility. This would improve the likelihood of the population accepting ISAF messages and changing their behavior as a result."