United States Army. Criminal Investigation Command. Hunting The Hackers CCIU Detectives Deliver Digital Justice


United States Army Criminal Investigation Command
Media contact: 571-305-4041
FOR IMMEDIATE RELEASE

Hunting The Hackers
CCIU Detectives Deliver Digital Justice

By Colby Hauser
CID Public Affairs

QUANTICO, VA, Jan 7, 2013

No other environment within the modern era has evolved as rapidly and as exponentially as the Internet. Traversing this virtual jungle, a global community of users takes advantage of almost unlimited access to news, information and services by the simple click of a mouse or a tap on a Smartphone.

In today's digital age time waits for no one; unfortunately, neither does crime. Throughout the world legions of cyber predators hunt, stalk, plot, and attack unsuspecting systems, networks and users in an effort to advance their criminal enterprise. And yet another apex predator inhabits this world, the U.S. Army CID's Computer Crimes Investigative Unit (CCIU), turning the tables on those would-be predators to where the hunters now have become the hunted.

"CCIU is the U.S. Army's sole entity for conducting worldwide criminal investigations of computer intrusions and related national security threats affecting U.S. Army computers, networks, data and personnel," said Special Agent Daniel Andrews, the director of CCIU. "Intruders range from non-malicious hackers to those intent upon disrupting a network or website, to foreign intelligence probes, so that makes our mission extremely important not just for CID, but the United States Army."

"Dependency on computer technology has saturated almost every aspect of our lives, both within the Army and the civilian world, so the opportunity for cyber crime will only continue to increase," he added.

Just up the road from the FBI National Academy on Marine Corps Base Quantico, Virginia, and within the labyrinth of the Defense Department's Russell-Knox Building, lies the command and control of the Army's digital detectives. As the sole entity for conducting criminal investigations involving Army computer networks, CCIU maintains a constant watch and a continuous presence over the Army's digital footprint.

"Our investigations have led to arrests of Soldiers, civilians and foreign nationals throughout the world who were engaged in cybercrime directed at the U.S. Army," Andrews said. "Regardless of where a crime is committed or the judicial venue in which it's prosecuted, if you commit a crime against the Army, we will find you and bring you to justice."

With personnel assigned to subordinate field elements at various domestic and overseas locations, the special agents, attorneys and information technology professionals of CCIU are tasked with a very challenging and growing mission.

Army CID recognized the expanding role of computers in criminal activities and investigations, and provisionally established CCIU as the Computer Crime Investigative Team in January of 1998. Prior to this, only a single forensic examiner at the U.S. Army Criminal Investigation Laboratory (USACIL) was dedicated to investigating computer crime.

Andrews explained that the CCIU was originally created out of the Field Investigative Unit (FIU), a specialized unit within CID that investigates classified and special access programs, and given the primary responsibility for investigating intrusions into U.S. Army computer networks.

"In November of 1999 we separated from FIU, becoming a subordinate element of the 701st Military Police Group (CID)," Andrews said. In January 2000, CCIU was officially established as a criminal investigative unit within CID.

Because investigations of this nature require a specialized level of computer expertise, CCIU is comprised of civilian Special Agents, many of whom served in uniform as CID Special Agents, before specializing in computer crimes and cyber security.

"There is always a digital evidence component to every investigation we do," said Special Agent Edward Labarge, a former Marine CID special agent, now an agent with CCIU. That number has increased significantly over the last couple of years as advances in both hardware and software are exploited and employed by those people who would target the Army. This fact has greatly impacted conventional CID investigations as well.

Answering this call, training opportunities exist for active duty CID special agents, such as the Digital Forensic Examiner (DFE) program that serves as an outstanding bridge to becoming a CCIU special agent. The program covers a myriad of different tactics and techniques specific to processing digital evidence for law enforcement purposes.

Labarge said although all CCIU special agents are qualified to serve as a DFE, that mission is primarily performed by CCIU's Digital Forensic Research Branch (DFRB).

"When we execute a warrant, we routinely collect lots of digital evidence such as hard drives, digital images of servers, but we turn that over to the DFRB so we can focus on the actual criminal investigation," he said.

Agents assigned to CCIU receive advanced computer training from the Defense Cyber Investigations Training Academy, the Federal Law Enforcement Training Center and from other technical experts. CCIU Special Agents also use their specialized knowledge of information technology to provide guidance to other CID Special Agents who conduct investigations involving computers and other electronic media.

Since its creation, CCIU has been a key element in the successful prosecution of numerous computer intrusion matters and has been recognized around the globe. A recent example of the far-reaching digital arm of CCIU involved a suspected Romanian hacker who attempted to illegally gain access to both the U.S. Army and NASA computer networks.

Andrews explained that although CCIU was unsuccessful in getting the case prosecuted in the U.S., CCIU continued to press on with the investigation and joined forces with their international law enforcement partners.

"Not only did we stop this individual from gaining access, but we were able to successfully prosecute him in Romania," he said. "Just because a person commits the crime overseas doesn't mean that our investigation stops or that justice won't be carried out. We simply adapt to ensure that in the end, justice is served."

With quite an impressive track record, CCIU, as well as Special Agents and alumni, have been honored for their expertise and development of technological products in the realm of cyber security.

"CCIU is one of the best outfits working in cyber law enforcement today," said Howard Schmidt, a former Special Assistant to the President of the United States and Cyber Security Coordinator.

Schmidt, a retired CID Special Agent, was appointed by President Obama to head cyber security for the White House while serving at CCIU.

"Without my time in CID and government service, I don't know if I would have had the insight and depth of understanding of government and how it relates to cyber security," Schmidt said. "I think that staying involved in those communities helped tremendously."

Regarding technological products developed at CCIU, the Rapid Extraction and Analysis Program or REAP software has been worth its weight in gold. Time, manpower and a global mission often prevent agents from physically responding to every cyber incident, and CCIU needed a solution to help. The REAP program was that solution.

"The REAP program allows our agents to conduct a virtual autopsy on hacked systems and extract digital evidence so we can track down those responsible and bring them to justice," Andrews said. "This allows our special agents to adapt to any given situation during the course of an investigation."

The program was developed in-house, at no cost to the government, and allowed non-CCIU personnel to deploy the program across various Army computer platforms. Once deployed, the program preserves collected digital evidence in an automated manner following computer intrusions, expedites critical threat information to network defenders, and analyzes malicious software.

Currently, the REAP program is deployed with the Army's Computer Emergency Response Team (ACERT) and all of the Regional Computer Emergency Response Teams (RCERT). Andrews said as a testament to REAP's effectiveness, the interagency Technical Support Working Group has funded the program for further development as Government Off-The-Shelf software that can be freely shared with any federal agency.

Looking towards the future, CCIU continues to do what has to be done, and encourages their fellow special agents to be mindful of the digital battleground.

"As the Army continues to move forward by incorporating technology into all aspects of operations, they will become a target of opportunity for cyber criminals," Andrews said. "But we will be here to stop them, dead in their tracks."

For more information on Army CID visit www.cid.army.mil

-30-

Embedded Photos attached

Special Agent Edward Labarge, an agent with the Computer Crimes Investigative Unit (CCIU) at Quantico, VA, conducts investigative research into a suspected network populated by computer hackers intent on illegally accessing a restricted Army network. (U.S. Army photo by Colby T. Hauser, CID PAO)

Mr. Mark Johnson, a digital forensic examiner with the Computer Crimes Investigative Unit (CCIU) at Quantico, VA, pulls digital information off of a confiscated hard drive for further examination. (U.S. Army photo by Colby T. Hauser, CID PAO)