Department of Defense Cyber Crime Center

DoD Cyber Crime Center
Agency overview
Formed	1998
Headquarters	Linthicum, Maryland
Parent agency	Department of Defense
Website	www.dc3.mil

Last updated March 03, 2024

The Department of Defense Cyber Crime Center (DC3) is designated as a Federal Cyber Center by National Security Presidential Directive 54/Homeland Security Presidential Directive 23,^[1] as a Department of Defense (DoD) Center Of Excellence for Digital and Multimedia (D/MM) forensics by DoD Directive 5505.13E,^[2] and serves as the operational focal point for the Defense Industrial Base (DIB) Cybersecurity program.^[3] DC3 operates as a Field Operating Agency (FOA) under the Inspector General of the Department of the Air Force.^[4]

Mission

Deliver superior digital and multimedia forensic services, cyber technical training, vulnerability sharing, technical solutions development, and cyber analysis within the following DoD mission areas: cybersecurity and critical infrastructure protection, law enforcement and counterintelligence, document and media exploitation, and counterterrorism.^[4]^[5]

Cyber Forensics Laboratory

The Cyber Forensics Laboratory performs Digital and Multimedia (D/MM) forensic examinations, repairs damaged devices and extracts otherwise inaccessible data from them, and provides expert testimony in legal proceedings for DC3 customers. The lab's robust intrusion and malware analysis capability supports law enforcement, counterintelligence, and Defense Industrial Base activities and operations. The CFL also works with the Defense Cyber Operations Panel (which consists of Defense Criminal Investigative Organizations and Military Department Counterintelligence Organizations) to develop requirements and set standards for digital investigations as new technologies emerge and evolve. The CFL is an accredited lab under ISO 17025 by the ANSI National Accreditation Board, and its operations are subject to strict quality control and peer review. The CFL produces results which are valid and reliable, based on conditions and methods which are repeatable.

Digital and Multimedia (D/MM) forensic examinations
Device Repair
Data Extraction
Expert Testimony for DC3 Customers

^[6]^[7]

Cyber Training Academy

The DoD Cyber Crime Center – Cyber Training Academy has been actively engaged in its mission since 1998, working towards providing top-notch cyber training for Department of Defense (DoD) personnel. Over the years, the academy has played a crucial role in training various defense entities, including Defense Criminal Investigative Organizations (DCIOs), Military Department Counterintelligence Organizations, Cyber Mission Forces (CMFs), Cyber Protection Teams (CPTs), Mission Defense Teams (MDTs), and others within the broader DoD enterprise. "The CTA offers more than 30 unique courses of classroom, online, and Instructor-Led Virtual (ILV) cyber training to both individuals and organizations within the DoD charged with protecting defense information systems from unauthorized use, criminal and fraudulent activities, and foreign intelligence/counterintelligence efforts." —CTA^[8]

Technical Solutions Development

Technical Solutions Development (TSD) tailors innovative software and system solutions engineered to the specific requirements of digital forensic examiners and cyber intrusion analysts. TSD validates digital forensic tools from commercial off-the-shelf, government off-the-shelf, and open-source domains to ensure relevancy and reproducibility as to expected use. In coordination with its cooperative partners, TSD:

Leads the way by proactively identifying, researching and evaluating relevant new technologies, techniques and tools
Actively participates in the development of industry standards, including Structured Threat Information eXpression (STIX) and Cyber-investigation Analysis Standard Expression (CASE)
Shares in-house-developed tools with federal, state, and local law enforcement partners
Maintains the Counterintelligence Tool Repository (CITR), a warehouse of classified and unclassified tools that support digital forensics and counterintelligence needs.^[9]

DIB Cybersecurity

DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE)—DCISE is the operational hub of the Defense Industrial Base (DIB) Cybersecurity Program of the Department of Defense, focused on protecting intellectual property and safeguarding DoD content residing on, or transiting through, contractor unclassified networks. The public-private cybersecurity partnership provides a collaborative environment for crowd-sourced threat sharing at both unclassified and classified levels. DCISE provides cyber resilience analyses for Cleared Defense Contractor (CDC) companies and offers unmatched Cybersecurity-as-a-Service capabilities. DCISE performs cyber threat analysis and diagnostics, offers mitigation and remediation strategies, provides best practices, and conducts analyst-to-analyst exchanges with DIB participants ranging in size from small to enterprise-sized companies.^[10]

Operations Enablement

Operations Enablement Directorate (OED) The mission and principal focus of the OED is to amplify the effects of DoD-wide law enforcement and counterintelligence (LE/CI) investigations and operations, and by extension, the effects of the U.S. Intelligence Community at large. That charge encompasses:

Conducting expert technical and all-source analysis (resulting in more than 493 products released in FY21) focused on countering foreign intelligence threats to DoD and the U.S. government as a whole
Integrating disparate and emerging technologies to enhance collaboration, interoperability, and the collective capabilities of DoD and Federal LE/CI, cybersecurity, and acquisition communities
Providing focused oversight and integration with the LE/CI and intelligence communities through liaison officers and embeds with:
- Air Force Life Cycle Management Center (AFLCMC)
- Army Military Intelligence
- U.S. Cyber Command
- Defense Counterintelligence and Security Agency (DCSA)
- FBI
- National Cyber Investigative Task Force (NCIJTF)^[11]

Vulnerability Disclosure

The mission of the DoD VDP is to function as the single focal point for receiving vulnerability reports and interacting with crowd-sourced cybersecurity researchers supporting the DoDIN.1 This improves network defenses and enhances mission assurance by embracing a previously overlooked, yet indispensable, resource: private-sector white hat researchers. In January 2021, the DoD VDP scope was officially expanded from public-facing websites to all publicly accessible information systems throughout the DoD. This broadens the protection for the DoD attack surface and offers a safe harbor for researchers while providing more asset and technology security. The success of the program relies solely on the expertise and support of the security researcher community, and the program's success contributes to the overall security of the DoD.^[12]

Related Research Articles

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

<span class="mw-page-title-main">Naval Criminal Investigative Service</span> Law enforcement agency of the U.S. Navy and Marine Corps

The United States Naval Criminal Investigative Service (NCIS) is the primary investigative law enforcement agency of the U.S. Department of the Navy. Its primary function is to investigate major criminal activities involving the Navy and Marine Corps, though its broad mandate includes national security, counterintelligence, counterterrorism, cyberwarfare, and the protection of U.S. naval assets worldwide. NCIS is the successor organization to the former Naval Investigative Service (NIS), which was established by the Office of Naval Intelligence after the Second World War.

The Air Force Office of Special Investigations is a U.S. federal law enforcement agency that reports directly to the Secretary of the Air Force. OSI is also a U.S. Air Force field operating agency under the administrative guidance and oversight of the Inspector General of the Department of the Air Force. By federal statute, OSI provides independent criminal investigative, counterintelligence and protective service operations worldwide and outside of the traditional military chain of command. Proactively, OSI identifies, investigates, and neutralizes serious criminal, terrorist, and espionage threats to personnel and resources of the Air Force, Space Force, and the U.S. Department of Defense, thereby protecting the national security of the United States.

The Defense Criminal Investigative Service (DCIS) is the criminal investigative arm of the Office of Inspector General, U.S. Department of Defense. DCIS protects military personnel by investigating cases of fraud, bribery, and corruption; preventing the illegal transfer of sensitive defense technologies to proscribed nations and criminal elements; investigating companies that use defective, substandard, or counterfeit parts in weapon systems and equipment utilized by the military; and stopping cyber crimes and computer intrusions.

<span class="mw-page-title-main">Defense Counterintelligence and Security Agency</span> Agency in the U.S. Department of Defense

The Defense Counterintelligence and Security Agency (DCSA) is a federal security and defense agency of the United States Department of Defense (DoD) that reports to the Under Secretary of Defense for Intelligence. DCSA is the largest counterintelligence and security agency in the federal government and is responsible for providing personnel vetting, critical technology protection, counterintelligence, training, education and certification. DCSA services over 100 federal entities, oversees 10,000 cleared companies, and conducts approximately 2 million background investigations each year.

<span class="mw-page-title-main">Federal Law Enforcement Training Centers</span> U.S. government agency

The Federal Law Enforcement Training Centers serves as an interagency law enforcement training body for 105 United States government federal law enforcement agencies. The stated mission of FLETC is to "...train those who protect our homeland". Through the Rural Policing Institute (RPI) and the Office of State and Local Training, it provides tuition-free and low-cost training to state, local, campus and tribal law enforcement agencies.

The Australian Intelligence Community (AIC) and the National Intelligence Community (NIC) or National Security Community of the Australian Government are the collectives of statutory intelligence agencies, policy departments, and other government agencies concerned with protecting and advancing the national security and national interests of the Commonwealth of Australia. The intelligence and security agencies of the Australian Government have evolved since the Second World War and the Cold War and saw transformation and expansion during the Global War on Terrorism with military deployments in Afghanistan, Iraq and against ISIS in Syria. Key international and national security issues for the Australian Intelligence Community include terrorism and violent extremism, cybersecurity, transnational crime, the rise of China, and Pacific regional security.

The Federal Criminal Police Office of Germany is the federal investigative police agency of Germany, directly subordinated to the Federal Ministry of the Interior. It is headquartered in Wiesbaden, Hesse, and maintains major branch offices in Berlin and Meckenheim near Bonn. It has been headed by Holger Münch since December 2014.

The Office of Intelligence and Counterintelligence (OICI), also abbreviated IN, DOE-IN, DOE/IN, I&CI, or OIC, was established in 2006 by the merger of pre-existing Energy Department intelligence and security organizations. It is an office of the United States Department of Energy (DOE) responsible for all intelligence and counterintelligence activities throughout the DOE complex; due to this central role, OICI is designated DOE's Headquarters Intelligence. As a component of the United States Intelligence Community in addition to the Department of Energy, OICI reports to both the Director of National Intelligence and Secretary of Energy.

The Department of the Army Criminal Investigation Division (CID), previously known as the United States Army Criminal Investigation Command (USACIDC) is the primary federal law enforcement agency of the United States Department of the Army. Its primary function is to investigate felony crimes and serious violations of military law & the United States Code within the US Army. The division is an independent federal law enforcement agency with investigative autonomy; CID special agents, both military and civilian, report through the CID chain of command to the CID Director, who reports directly to the Under Secretary of the Army and the Secretary of the Army. Unlike their counterparts at OSI and NCIS, Army CID does not have primary counterintelligence responsibilities.

The 1st Information Operations Command (Land), formerly the Land Information Warfare Activity Information Dominance Center (LIWA/IDC), is an information operations unit under the operational control of U.S. Army Cyber Command (ARCYBER) and headquartered at Fort Belvoir, Virginia.

The Pentagon Police Division (PPD) is the uniformed division of the Pentagon Force Protection Agency (PFPA).

Howard Anthony Schmidt was a partner with Tom Ridge in Ridge Schmidt Cyber LLC, a consultancy company in the field of cybersecurity. He was the Cyber-Security Coordinator of the Obama Administration, operating in the Executive Office of the President of the United States. He announced his retirement from that position on May 17, 2012, effective at the end of the month.

The United States Marine Corps Criminal Investigation Division is a federal law enforcement agency that investigates crimes against people and property within the United States Marine Corps.

<span class="mw-page-title-main">Gordon M. Snow</span>

Gordon M. Snow was an Assistant Director of the FBI over the Cyber Division through 2012, the FBI Director of Counterintelligence for the Middle East in 2001, and currently directs Global Security Operations for Cleveland Clinic.

Eoghan Casey is a digital forensics professional, researcher, and author. Casey has conducted a wide range of digital investigations, including data breaches, fraud, violent crimes, identity theft, and on-line criminal activity. He is also a member of the Digital/Multimedia Scientific Area Committee of the Organization for Scientific Area Committees. He helps organize the digital forensic research DFRWS.org conferences each year, and is on the DFRWS Board of Directors. He has a B.S. in Mechanical Engineering from the University of California, Berkeley, an M.A. in Educational Communication and Technology from New York University, and a Ph.D. in Computer Science from University College Dublin.

United States Army Counterintelligence (ACI) is the component of United States Army Military Intelligence which conducts counterintelligence activities to detect, identify, assess, counter, exploit and/or neutralize adversarial, foreign intelligence services, international terrorist organizations, and insider threats to the United States Army and U.S. Department of Defense (DoD).

The Criminal, Cyber, Response, and Services Branch (CCRSB) is a service within the Federal Bureau of Investigation (FBI). The CCRSB is responsible for investigating financial crime, white-collar crime, violent crime, organized crime, public corruption, violations of individual civil rights, and drug-related crime. In addition, the Branch also oversees all computer-based crime related to counterterrorism, counterintelligence, and criminal threats against the United States.

Sean M. Joyce was the 14th Deputy Director of the Federal Bureau of Investigation.

The following outline is provided as an overview of and topical guide to computer security:

References

↑ "DoD Computer Forensics Laboratory and Training Program". defense.gov. Archived from the original on 19 December 2014.
↑ "Archived copy" (PDF). Archived from the original (PDF) on 26 October 2011. Retrieved 30 June 2015.{{cite web}}: CS1 maint: archived copy as title (link)
↑ "32 CFR 236 - DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES". gpo.gov.
1 2 "About DC3 < Defense Cyber Crime Center (DC3)". Archived from the original on 6 February 2015. Retrieved 29 June 2015.
↑ "Department of Defense Cyber Crime Center (DC3) > About DC3 > DC3 Leadership > Mission and Vision".
↑ "ASCLD/LAB - American Society of Crime Laboratory Directors / Laboratory Accreditation Board". ascld-lab.org.
↑ "CFL Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.
↑ "CTA Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.
↑ "TSD Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.
↑ "DCISE Overview". Defense Cyber Crime Center (DC3). Retrieved 11 October 2022.
↑ "OED Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.
↑ "VDP Overview". Defense Cyber Crime Center (DC3).

"Cybersecurity Policy" (PDF). Federation of American Scientists (FAS). National Security Presidential Directive (NSPD), Homeland Security Presidential Directive (HSPD). 8 January 2008. p. 15. NSPD-54, HSPD-23.

External links

DC3 Official webpage

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "DoD Computer Forensics Laboratory and Training Program". defense.gov. Archived from the original on 19 December 2014.

[2] "Archived copy" (PDF). Archived from the original (PDF) on 26 October 2011. Retrieved 30 June 2015.{{cite web}}: CS1 maint: archived copy as title (link)

[3] "32 CFR 236 - DEPARTMENT OF DEFENSE (DOD)-DEFENSE INDUSTRIAL BASE (DIB) VOLUNTARY CYBER SECURITY AND INFORMATION ASSURANCE (CS/IA) ACTIVITIES". gpo.gov.

[dc3.mil-4] 1 2 "About DC3 < Defense Cyber Crime Center (DC3)". Archived from the original on 6 February 2015. Retrieved 29 June 2015.

[5] "Department of Defense Cyber Crime Center (DC3) > About DC3 > DC3 Leadership > Mission and Vision".

[6] "ASCLD/LAB - American Society of Crime Laboratory Directors / Laboratory Accreditation Board". ascld-lab.org.

[7] "CFL Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.

[8] "CTA Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.

[9] "TSD Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.

[10] "DCISE Overview". Defense Cyber Crime Center (DC3). Retrieved 11 October 2022.

[11] "OED Overview". Defense Cyber Crime Center (DC3). Archived from the original on 21 March 2023. Retrieved 11 October 2022.

[12] "VDP Overview". Defense Cyber Crime Center (DC3).

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]