This computer system is strictly reserved for authorized DOD use. Any misuse could lead to disciplinary actions and the suspension or cancellation of access privileges.

CCMD commanders should view cyberspace from an international viewpoint rather than localizing actions purely geographically. Doing so will enable us to keep pace with adversaries that move more swiftly across air, land and sea environments than us.

DoD Cyber Crime Center

The Department of Defense Cyber Crime Center (DC3), an operating agency under the Secretary of the Air Force, offers world-class digital and multimedia forensics, cyber training courses and technical solution development as well as analytics that support DoD mission areas including cybersecurity protection, law enforcement counterintelligence operations document exploitation as well as counterterrorism efforts. DC3 is one of seven designated Federal Cyber Centers responding to National Security Presidential Directive 54 and Homeland Security Presidential Directive 23 as well as serving as a center of excellence within DoD.

The DC3 Cyber Division oversees domestic law enforcement response to cyber intrusions, tracks victim notification and coordinates with other national agencies through CyWatch – its 24-hour operation. In addition, they operate the National Cyber Investigative Joint Task Force which coordinates investigations of foreign criminal and terrorist cyber activity against the United States and its allies.

DC3’s Cyber Division performs several other crucial duties, such as the development and deployment of cyber tools, managing DoD’s global cyber threat intelligence sharing community, collecting, processing and analyzing information about international cyber threats facing U.S. military personnel and the Defense Industrial Base via various mechanisms – one being DCISE which acts as a clearinghouse and focal point for referrals of intrusion events on unclassified DOD industrial base networks.

DC3 also operates two divisions under its Cyber Division – Defense Computer Forensics Laboratory and Defense Cyber Investigations Training Academy. The former academy offers nationally accredited cyber investigations training to DoD elements and federal law enforcement agencies; courses include incident response, Windows-based forensics, network intrusion in Windows, Linux and Solaris Unix environments and much more.

The latter provides an interactive forum in which DoD cyber investigators, law enforcement personnel and other experts share knowledge and best practices. Held each year in Atlanta, Georgia, this conference features presentations on a range of topics – with attendees eligible for continuing education units (CEUs).

DoD Cyber Exchange

The DoD Cyber Exchange is an online portal designed to provide cybersecurity training and guidance to military service members, civilian employees of the federal government, contractors and their subcontractors. It features courses and modules at both an introductory and intermediate level for its target users; additionally it gives access to a database of tools and resources which may be utilized by its staff and contractors.

The Department has implemented several initiatives to strengthen cybersecurity, such as the Defense Industrial Base Collaborative Information Sharing Environment (DIB CISE). This program serves to protect DoD content on contractor networks while exchanging best practices between DoD civilian IT staff and private-sector organizations. Furthermore, DoD Cyber Information Technology Exchange Program (CITEP) serves to expand knowledge sharing between these groups.

The Pentagon operates not only the DoD Cyber Exchange but also an international network of security centers and research laboratories to support Department of Defense security operations. Their centralized command and control center is in Maryland but their facilities span globally; with more than 240 data centers globally. Furthermore, DoD Cyber Exchange hosts an encrypted website providing health and wellness advice to over 2 million service members and their families enrolled with DoD programs.

The DoD Cyber Exchange serves as a hub for over 50 security agencies around the globe, enabling its users to securely exchange information and collaborate. This system can be accessed via two networks, Non-Secure IP Router NETwork (NIPRNet) and Secret IP Router Network (SIPRNet), and its functions include providing DoD and federal agency personnel a virtual workplace to collaborate in. Furthermore, its resources sharing feature makes this an essential resource. All who utilize the DoD Cyber Exchange are known as “cyber citizens.” To stay safe online and protect our privacy, all individuals – military or not – should utilize DOD’s Cyber Security Awareness Month campaign, which offers helpful advice and tips for staying secure online. Even taking small steps towards online safety can make a tremendous impactful difference!

eMASS

eMASS is an innovative Government off the Shelf (GOTS) solution that automates an array of services for comprehensive fully integrated cybersecurity management, from dashboard reporting and system security authorization packages generation, to cyber attack prevention via stringent process control mechanisms and authorization to connect information systems to DOD networks.

eMASS can assist the DOD in improving its cybersecurity and speeding ATO accreditation through various functions beyond supporting DIACAP, including reports, automation of manual and machine configuration management, integration with Splunk and bulk processing of RMF security controls; saving both time and effort when processing multiple RMF packages at the same time.

eMASS also allows DOD to keep an accurate picture of its Functional Requirement Codes across all DOD locations, providing DOD with the capability of tracking changes in configurations that may necessitate updating their security assessment and possibly identify potential threats more accurately than any other tool could.

SteelCloud’s ConfigOS has long been considered one of the leading cybersecurity automation solutions and recently received a significant upgrade that makes loading bulk checklists even faster. Users can now automatically integrate documentation, manual configuration management and machine configuration management directly into eMASS at one time with this update also enabling SteelCloud to send it directly to Splunk for analysis.

Most eMASS databases can only be accessed via NIPRNET with a DoD Common Access Card (CAC), making off-site contractors’ use more challenging. Commercial training providers offer comprehensive online and classroom courses designed to teach contractors the necessary skills required to utilize eMASS. Please keep in mind that outages do occur on occasion so it’s wise to visit DOD eMASS website regularly for updates; DOD also sends emails outlining any outage announcements as a preventative measure.

SIPR

SIPR system is a United States military network designed to transfer classified information of SECRET classification. As part of the Defense Information Systems Network – along with NIPRNet and JWICS – SIPR employs packet switching in a secure environment for data transfer as well as providing electronic mail and document access; access is only granted with valid security clearance credentials.

Defense Information Systems Agency, a division of USDOD, manages this network. It serves various functions such as real-time communication between military personnel, President and Secretary of Defense, Combatant Commands and combatant command headquarters; military intelligence collection; research & development and training activities; record keeping for operations conducted overseas as well as records related to those operations.

At present, the Defense Department has moved SIPRNet to a virtual environment, making it less vulnerable to cyber attacks and other threats and providing future networking capabilities enhancement. Furthermore, this switch allows converged access as well as software-defined networking.

This move will enable the Department of Defense (DoD) to strengthen its cyber defenses while cutting costs, increasing bandwidth and decreasing storage needs, while making connections easier across networks and partners.

Additionally, the Pentagon is taking additional measures to secure SIPRNet and other military computers, such as expanding use of software that detects suspicious or unusual data access/storage activity (similar to credit card companies’ ways of spotting fraudulent charges).

The Pentagon has issued a requirement that requires all military personnel to have a password-protected USB drive with its own unique identifier to store files on SIPRNet. This will prevent people from downloading documents onto one and illegally sharing or distributing them; furthermore it ensures the USB drive cannot be erased by accident.

SIPRNet is used by millions of soldiers and government employees around the country, who rely on its sensitive national security data for protecting against terrorist attacks, nuclear proliferation, and other potential threats to US national security. Furthermore, intelligence agencies use SIPRNet to gather intelligence about terrorist activity.

Categorized in: