DC3 History

Our History 1996 to 2023

The history of Department of Defense Cyber Crime Center (DC3) is rooted in technological evolution and cybersecurity advancements. Exploring our history unveils a rich tapestry of innovation and collaboration.
Year Event
September 15, 2023​: DC3 Celebrates 25 Years of Operation
On September 15, 2023, several hundred guests gathered at DC3 Headquarters to celebrate 25 years of DC3 operations. The unprecedented event featured speakers Mr. John Dixson, Director of Defense Intelligence, Counterintelligence, Law Enforcement, and Security from the office of the Under Secretary of Defense for Intelligence and Security, and Mr. Gurpreet Bhatia, Principal Director, Cybersecurity, Office of the Chief Information Officer.

During the ceremony, long-time DC3 veterans gave their recollections of key moments in the organization’s history. Executive Director, Mr. Sunderbruch, spoke about the future of DC3, outlining the strategic plan for 2023-2025, closing with a message of gratitude to everyone who made the event possible.
August 2023: DC3 Published 2023-2025 Strategic Plan
DC3 published its 2023-2025 Strategic Plan, emphasizing its role in delivering innovative capabilities and expertise to enable and advise law enforcement, cybersecurity, and national security partners.
February 2023​:

DC3’s Vulnerability Disclosure Program Reaches 45,000 Reports
In February 2023, the Department of Defense’s (DoD) Vulnerability Disclosure Program (VDP) program processed its 45,000th report. VDP began as an extension of the “Hack the Pentagon” project run by the predecessor to the DoD’s Directorate for Digital Services.

At the time, VDP partnered with Joint Force Headquarters-DoDIN to manually process all valid reports received from the researcher community. In the summer of 2018, the system known as the Vulnerability Report Management Network began production service to automate, track, and process all reporting, creating a much more efficient process.

Since then, the VDP reporting process has matured to include selection of a report of the month, a report of the year, publication of a monthly “Bug Bytes” report, and an annual report.

December 2022: DC3 Received 2022 DoD CIO Annual Award for Cyber and IT Excellence
The Department of Defense (DoD) Chief Information Officer (CIO) Awards Program awarded the DoD Cyber Crime Center (DC3) with a 2022 DoD CIO Annual Award for Cyber and IT Excellence for the Defense Industrial Base (DIB) Vulnerability Disclosure Program (VDP) Pilot. DC3’s team was also recognized as an Honorable Mention recipient. The award recognizes outstanding achievements of individuals and teams within the DoD CIO portfolio, with nominations highlighting numerous efforts across the Department supporting critical and national security efforts.
 
DC3 collaborated on the 12-month Pilot with the Defense Counterintelligence Security Agency. Throughout the awarded Pilot, VDP members helped coordinate remediation for over 400 actionable vulnerabilities found on DIB participants’ public-facing assets, saving the Defense Industrial Base an estimated $61 million. HackerOne’s global ethical researcher community supported the pilot by submitting 1,015 vulnerability reports, showcasing public-private cooperation.
 
The Honorable Mention and Team award recognized the joint collaborative team’s outstanding contributions to protect the DIB, Department of Defense Information Network (DoDIN), and national cybersecurity. DoD CIO formally recognized DC3 members on December 09, 2022 at the Pentagon.
November 10, 2022:

DC3 DCISE Onboarded 1000th Partner into Defense Cybersecurity Program
DC3’s DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE) officially onboarded its 1000th voluntary partner into the DoD’s Defense Industrial Base Cybersecurity Program. The voluntary onboarding program began in 2008 with only 16 partners, achieving an average of 24% annual partner growth year-over-year through 2022.

Defense companies involved in the program receive unique cyber threat intelligence reporting, free malware analysis, engagement opportunities with government and industry experts, and cybersecurity-as-a-service capabilities from DCISE in coordination with the larger DC3 Enterprise.

August 2022: Mr. Jude Sunderbruch is appointed the Executive Director of DC3. Mr. Sunderbruch was the Air Force Office of Special Investigations Executive Director prior to joining DC3.
March 2022: DoD Cyber Crime Center (DC3) personnel from the DoD-Defense Industrial Base Collaborative Information Sharing Environment, Operations Enablement Analytical Group, and Public Affairs participated in two national-level cyber exercises: the Department of Homeland Security sponsored unclassified Cyber Storm VIII, and the Office of the Director of National Intelligence sponsored classified Ice Storm 11.

Participants followed an objective-driven scenario and exercise injects to exercise DC3 objectives of responding to requests for information, conducting cyber analytics, and sharing threat information with partners as part of DC3's role in the NCIRP.
May 2021: The DoD expanded the Vulnerability Disclosure Program to include all publicly accessible DoD information systems.
Jan. 15, 2021: The DoD Cyber Crime Center (DC3) was officially designated a Field Operating Agency (FOA) by the Secretary of the Air Force, effective Jan. 15, 2021, with an associated activation ceremony at the Office of Special Investigations (OSI) Headquarters, Quantico, Va. As a FOA, DC3 transitioned from a unit aligned under OSI to a separate agency aligned under the Inspector General, Office of the Secretary of the Air Force.
December 2020: The Operations Enablement Directorate (OED) was established to amplify the effects of DoD-wide law enforcement and counterintelligence investigations and operations, and by extension, the effects of the U.S. Intelligence Community at large
July 2019: The DoD Cyber Crime Center (DC3) partnered with the National Security Agency (NSA) by hosting 12 U.S. Army Reserve Officer Training Corps (ROTC) cadets for internships at DC3.
December 1, 2018: Mr. Jeffrey D. Specht is appointed the Executive Director of DC3. Mr. Specht was the Air Force Office of Special Investigations Executive Director prior to joining DC3.
March 16, 2018: DC3 Cyber Investigations Training Academy officially became DC3 Cyber Training Academy (DC3/CTA).
November 2017: Many of DC3’s directorates underwent a name change:
  • DCFL became the DC3 Cyber Forensics Laboratory (DC3/CFL)
  • DCITA became the DC3 Cyber Investigations Training Academy (DC3/CITA)
  • DCCI became DC3 Technical Solutions Development (DC3/TSD)
  • DVDP became DC3 Vulnerability Disclosure Program (DC3/VDP)
  • AG became DC3 Analytical Group (DC3/AG)
  • DCISE became DC3 DoD-Defense Industrial Base Collaborative Information Sharing Environment (DC3/DCISE)
November 21, 2016: Secretary of Defense Ash Carter authorizes the establishment of the Defense Vulnerability Disclosure Program (DVDP) to utilize private-sector cybersecurity researchers to scan public-facing DoD web sites for vulnerabilities. DC3/ VDP was born from this authorization.
November 1, 2013 –December 17, 2012: DC3 held its eighth Digital Forensics Challenge. Due to budget constraints, this is the last challenge held by DC3.
  • Number of teams participating: 1,254
  • Packets submitted for consideration: 317
  • Winner: Northrop Grumman, United States
 

View additional historical information regarding DC3

Year Event
January 20-27, 2012: DC3 hosted the 9th DoD Cyber Crime Conference in Atlanta, Georgia.
November 1, 2012 – December 15, 2011: DC3 held its seventh Digital Forensics Challenge. Participants included teams from 50 states and 52 countries.
  • Number of teams participating: 1,209
  • Packets submitted for consideration: 188
  • Winner: Northrop Grumman, United States
January 21-28, 2011: DC3 hosted the 8th DoD Cyber Crime Conference in Atlanta, Georgia.
December 15, 2010 – November 1, 2011: DC3 held its sixth Digital Forensics Challenge. Participants included teams from 50 states and 52 countries.
  • Number of teams participating: 1,147
  • Packets submitted for consideration: 174
  • Winner: LoneWolf, Sabanci University, Turkey
January 22-29, 2010: DC3 hosted the 7th DoD Cyber Crime Conference in St. Louis, Missouri.
  • Total attendees: 1,104
  • Total Trained: 501
December 15, 2009 – November 1, 2010: DC3 held its fifth Digital Forensics Challenge. Participants included teams from 48 states and 53 countries.
  • Number of teams participating: 1,010
  • Packets submitted for consideration: 71
  • Winner DFRC –Seoul, Korea
January 26-30, 2009: DC3 hosted the 6th DoD Cyber Crime Conference in St. Louis, Missouri.
  • Total attendees: 1,079
  • Total Trained: 400
February 4, 2009 – November 2, 2009: DC3 held its fourth Digital Forensics Challenge. Participants included teams from 49 states and 61 countries.
  • Number of teams participating: 1,153
  • Packets submitted for consideration: 44
  • Winner: DFRC – CIST, Korea University (Seoul, South Korea)
February 1, 2008 – November 1, 2008: DC3 held its third Digital Forensics Challenge. Participants included teams from 40 states and 26 countries.
  • Number of teams participating: 199
  • Packets submitted for consideration: 20
  • Winner: Fog Dogs – Naval Postgraduate School, United States
February 1, 2008: DCISE operations commenced as the result of a months-long collaborative effort between the Defense Industrial Base Cyber Security Task Force (DIBCS TF), DC3, and other agencies.
January 14-18, 2008: DC3 hosted the 5th DoD Cyber Crime Conference in St. Louis, Missouri.
  • Total attendees: 906
  • Total Trained: 389
January 8, 2008: The NCIJTF-AG was created and added to DC3 with the release of NSPD-54 and HSPD-23.
September 2007: The Council on Occupational Education (COE) accredited DCITA, officially making the program a training academy.
April 13, 2007 – November 1, 2007: DC3 held the second Digital Forensics Challenge.
  • Number of teams participating: 126
  • Packets submitted for consideration: 11
  • Winner: Cyber Warriors - Air Force Institute of Technology, United States
January 23-26, 2007: DC3 hosted the 4th DoD Cyber Crime Conference in St. Louis, Missouri.
  • Total attendees: 708
  • Total Trained: 247
August 8, 2006 – December 1, 2006: DC3 hosted the 4th DoD Cyber Crime Conference in St. Louis, Missouri.
  • Total attendees: 708
  • Total Trained: 247
August 8, 2006 – December 1, 2006: DC3 held its first Digital Forensics Challenge, a free, online, international competition consisting of individual progressive-level exercises. DC3, its partners, and corporate sponsors worked together to bring the challenge to the public. The challenge’s purpose was to pioneer new investigative tools, techniques, and methodologies.
  • Number of teams participating: 140
  • Packets submitted for consideration: 21
  • Winner: AccessData, United States
October 1, 2006: DCITP officially became known as the Defense Computer Investigations Training Academy (DCITA).
January 10-13, 2006: DC3 hosted the 3rd DoD Cyber Crime Conference in Palm Harbor, Florida.
  • Total attendees: 605
  • Total Trained: 110
September 8, 2005: The American Society of Crime Laboratory Directors/Laboratory Accreditation Board (ASCLD/LAB) accredited the DCFL as part of its nascent digital forensics regime.
January 10-14, 2005: DC3 hosted the 2nd DoD Cyber Crime Conference in Palm Harbor, Florida.
  • Total attendees: 550
  • Total Trained: 75
April 5, 2004: Steven D. Shirley assumed the office of Executive Director of DC3 having been appointed earlier on January 22, 2004.
December 8-14, 2003: DC3 hosted the 1st DoD Cyber Crime Conference in Las Vegas, Nevada.
  • Total attendees: 491
  • Total Trained: 0
August 8, 2003: Colonel Steven D. Shirley, Vice Commander, AFOSI was appointed as acting Executive Director of DC3.
December 13, 2002: SA Preston W. Thomas, NCIS became the acting Executive Director of DC3.
May 2002: The Defense Cyber Crime Institute (DCCI) was created as a result of a DC3 strategic planning session. DCFL accreditation required a separate research and development entity.
November 19, 2001: Mr. Philip Reitinger became the first Executive Director.
March 1, 2001: The name Department of Defense Cyber Crime Center (DC3) was adopted, encompassing DCITP and DCFL, pursuant to Department of Defense Directive 5055.13E.
September 27, 1999: DCFL & DCITP were dedicated by Christopher Mellon, Deputy Assistant Secretary of Defense for Security and Information Operations.
August 1999: First time DCITP classes are held in Building 911 (all previous classes were held in a rented classroom).
August 1998: The Working Group’s plan was approved, and AFOSI established Operating Location – Defense Computer Forensics Laboratory (OL-DCFL). The Defense Computer Investigations Training Program (DCITP) held its first classes at the end of the 1998 fiscal year. DCFL employs 26 personnel including 16 examiners.
February 10, 1998: The Honorable John Hamre, the Deputy Secretary of Defense directed the Air Force through the Defense Reform Initiative Directive #27 to establish a joint Department of Defense Computer Forensics Laboratory and Training program.
  • The computer lab would perform counterintelligence, criminal and fraud computer evidence processing, analysis, and diagnostics.
  • The training program would provide computer investigation training to relevant individuals and Department of Defense elements. The Air Force Office of Special Investigations (AFOSI), in coordination with the Defense Criminal Investigative Organization (DCIO) Enterprise-wide Working Group, begins development of a plan for the implementation of the lab and training program and submit this plan to the Office of the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence (OASD C3I) by March 30, 1998. Furthermore, the DCIO Enterprise Working Group would review consolidation of other forensic activities.
April 1996: Naval Criminal Investigative Service (NCIS) co-chaired an Office of the Secretary of Defense-level working group to determine the feasibility of creating a joint Computer Investigations Training Program and Computer Forensic Laboratory. This initiative was undertaken after recognition of the potential impact that network reliability would have on the DoD.