• Military Menu                       

• Introduction
• Systems
• Facilities
• Agencies
• Industry
• Operations
• Countries
• Hot Documents
• News
• Reports
• Policy
• Budget
• Congress
• Links

• WMD
• Intelligence
• Homeland Security
• Space

Computer Crime Investigative Unit

The Computer Crime Investigative Unit's (CCIU) primary mission is to conduct criminal investigations concerning intrusions into US Army computer networks. As investigations of this nature require a level of computer expertise not usually found in most CID Special Agents, CCIU personnel receive advanced computer training from the Defense Cyber Investigations Training Academy, Federal Law Enforcement Training Center and other technical experts.

With regards to technical assistance, CCIU Special Agents used their specialized knowledge of information technology to provide guidance to other CID Special Agents who conducted investigations involving computers. Certain CCIU Special Agents also received advanced training in processing and analyzing digital evidence. On a case-by-case basis, these experts would provide forensic assistance to other CID Special Agents, the US Army Criminal Investigation Laboratory, and partner law enforcement agencies. In addition, to assist the US Army in maintaining the integrity and security of its networks, the CCIU had developed a Computer Crime Vulnerability Assessment Program (CCVA). This program identified vulnerabilities in networks considered to be Crime Conducive Conditions, and the cognizant Army commander must address the vulnerabilities identified by the CCVA in order to prevent intrusions or other malicious network activities.

The CCIU conducts investigations involving intrusions into Army computer network/systems. Intruders ranged from non-malicious hackers to those intent upon disrupting a network or website to foreign intelligence probes. Investigations by CCIU had led to arrests of soldiers, civilians, and foreign nationals throughout the world who were engaged in cyber crime directed at the US Army.

The Commander, 701st Military Police Group (CID) had primary responsibility for the investigation of computer intrusions and related computer crime that crossed multiple areas of responsibility and/or computer crimes that had significant Army interest. In this role, the Commander: Recommended changes to US Army Criminal Investigation Command (USACIDC) policy, through the Deputy Chief of Staff, Opertions (DCSOPS), relating to all aspects of computer crime; maintained a cell of highly trained, experienced special agents with appropriate clearances and access to conduct investigations involving computer crimes and to provide technical expertise within USACIDC on information technology; provided for the conduct and monitoring of investigations involving computer intrusions and incidents Army-wide; provided for the conduct of sensitive and specialized computer crime investigations; provided for technical assistance to USACIDC field offices as needed; provided for a USACIDC representative at computer crime related committee meetings, working groups or other similar meetings; provided for USACIDC liaison with other governmental agencies on computer crime related issues; provided for law enforcement support to the Army C2 Protect program; in conjunction with USACIL, reported to the Commander, USACIDC, on the results of quality control reviews of computer crime investigations; in conjunction with USACIL, made recommendations to the Commander, USACIDC, concerning the "basic load" of computer equipment for USACIDC elements tasked with the investigation of computer crimes and on new technology as it developed; provided for the maintenance of criminal intelligence data on computer related issues; and reported on the evaluations of and recommends approval of training courses necessary to prepare USACIDC special agents for the investigation of computer crimes.

The CCIU was provisionally established as the Computer Crime Investigative Team (CCIT) in January 1998, in recognition of the expanding role of computers in criminal activities and investigations. Prior to establishment of the team, only a single forensic examiner at the US Army Criminal Investigation Laboratory was dedicated to investigating computer crime. Field investigative expertise consisted of a few CID Special Agents with varying levels of advanced training or expertise. The team was created out of the Field Investigative Unit (FIU) and was given primary responsibility for investigating intrusions into US Army computer networks.

In September 1998, the CCIT became the Computer Crime Resident Agency (CCRA) and moved to Fort Belvoir, Virginia. In November 1999, the CCRA was redesignated as the Computer Crime Investigative Unit (CCIU) and separated from the FIU to become a subordinate element of the 701st Military Police Group (CID). In January 2000, CCIU was officially established as a criminal investigative organization within CID.