DoD CI in Cyberspace Initiative
Abstract
This activity detects, identifies and neutralizes malicious activities directed by foreign entities that target MDA cyber assets. The following actions are required on a continuing basis to accomplish the DoD CI in Cyberspace Initiative: -- Collaborate with the MDA Computer Emergency Response Team (CERT) to detect and neutralize potential foreign entity directed malicious and insider threat activities targeting MDA administrative and fire control networks, and mobility devices. -- Conduct CI Preliminary Inquiries into potential foreign entity directed malicious or insider threat activities and refers suspected incidents or events to the FBI or military department CI organizations for further investigation. -- Conduct CI forensics analysis of MDA computer network activity logs to identify potential indicators of foreign entity directed malicious, insider threat or computer network attack/exploitation activities targeting MDA information. -- Coordinate with national and DoD level intelligence, CI and law enforcement agencies to identify foreign entity cyber actor intrusion sets and the tactics, techniques and procedures used to target MDA and its Cleared Defense Contractor computer networks. -- Coordinate with MDA cleared defense contractors that have been compromised by foreign intelligence entities to capture and triage exfiltrated MDA related data, allowing BMDS engineering teams to perform proper damage assessments. -- Provide required initial and periodic training to ensure the MDA workforce is kept apprised of foreign entity threats to DoD personnel, facilities, information, activities, and information technology systems. -- Protect MDA SCIF/SAP areas from cellular/wireless device monitoring. -- Provide support to the MDA Insider Threat program. Specific and/or unique accomplishments to each FY are as follows:
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2019
- Source ID
- bfea10ab622a03db5a5a2773b902fa5e