Joint Task Force-Computer Network Operations

The Joint Task Force–Computer Network Operations (JTF-CNO) (formerly the Joint Task Force–Computer Network Defense) is the primary Department of Defense entity for coordinating and directing internal activities to detect computer-based attacks, contain damage, and restore computer functionality when disruptions occur. The unit was established in 1998 to serve as one organization with overall authority for directing defensive actions against computer-based attacks across the entire Department. As such, JTF-CNO is supported by the Departments of the Army, Navy, and Air Force and the Marine Corps computer emergency-response teams and other Defense components.

In April 2001, the JTF-CNO’s scope of responsibility was expanded to include a new operational mission: computer network attack. In addition to expanding mission responsibilities, the JTF-CNO is growing in size and depth to better meet increased network defense responsibilities. The JTF-CNO expansion significantly increases its ability to perform the following:

(1) preventive activities, such as conducting security reviews and issuing vulnerability alerts; (2) coordination and monitoring detection activities performed by components, including monitoring automated intrusion-detection systems; (3) investigative and diagnostic activities; and (4) event handling and response activities, which involve disseminating information and providing technical assistance to system administrators so that they can appropriately respond to cyberattacks.

JTF-CNO maintains a close relationship with the CERT/CC, the NIPC, and FedCIRC by participating in joint technical exchanges, working groups, and countermeasure development teams.