What are TTP
TTP or Tactics, Techniques, & Procedures are the essential activity required for operations. Each activity is defined in the following manner.
- Tactics is the employment and ordered arrangement of forces in relation to each other. Joint doctrine focuses this term on planning and executing battles, engagements, and activities at the tactical level to achieve military objectives assigned to tactical units or task forces.
- Techniques are the non-prescriptive ways or methods used to perform missions, functions, or tasks.
- Procedures are the standard, detailed steps that prescribe how to perform specific tasks.
Although, utilizing TTP does not guarantee success in operations, utilizing TTP does improve operational effectiveness. The perspective taken on TTP analysis on this site is based on the fundamental ideas presented within CJCSI 5120.02B and the JP 3 series.
The following activities when employed utilizing TTP can create catastrophic effects on Information and Information Systems.
- Destroy Destroy is to damage a information system so badly that it cannot perform any function or be restored to a usable condition without being entirely rebuilt. Destruction is most often the use of lethal and nonlethal means to physically render opposition information useless or INFOSYS ineffective unless reconstituted. It is most effective when timed to occur just before adversaries need to execute a C2 function or when focused on a resource-intensive target that is hard to reconstitute.
- Disrupt Disrupt is a tactical operational task in which a Cyber Attacker integrates direct and indirect attacks, and obstruction to upset an opposition’s operation and interrupt his timetable. It means breaking or interrupting the flow of information between selected C2 nodes. It may be desired when attack resources are limited, to comply with rules of engagement, or to create certain effects.
- Degrade Degrade, in Cyber Operations, is using nonlethal or temporary means to reduce the effectiveness or efficiency of oppositions command and control systems, and information collection efforts or means. Offensive Cyber Operation can also reduce the target’s worth or value, or reduce the quality of opposition’s decisions and actions.
- Deny Deny, in Cyber Operations, entails withholding information about a Cyber Attacker’s capabilities and intentions that adversaries need for effective and timely decision making. Effective denial leaves opponents vulnerable to offensive capabilities. OPSEC is the primary nonlethal means of denial. It applies throughout the spectrum of cyber conflict.
- Deceive Deceive is to cause a person to believe what is not true. In Cyber Operations deception seeks to mislead opposition decision makers by manipulating their understanding of reality. Successful deception causes them to believe what is not true.
- Exploit Exploit, in Cyber Operations, is to gain access to adversary information systems to collect information or to plant false or misleading information.
- Influence Influence is to cause adversaries or others to behave in a manner favorable to ones cause. It results from applying perception management to affect the target’s emotions, motives, and reasoning. Perception management also seeks to influence the target’s perceptions, plans, actions, and will to oppose friendly forces. Targets may include those who want to support opposition friendly force missions or not resist friendly force activities. Perception management achieves the influence effect by conveying or denying selected information to targets.