Software, books and neat stuff for crime buffs

Crime, Justice, Safety: 8 Channels -- 26 Programs
Behind the Badge    Criminal Justice Calendar
Free E-mail Alert Live Police Scanners Forums
My APB About APB Contact APB Newsletters Downloads

Defense Department Battles Cybercrime
High-Tech Lab Aims to Hunt Hackers, Catch Crackers

Oct. 5, 1999

By James Gordon Meek

James Gordon Meek/
Defense Computer Forensics Laboratory director David Ferguson
WASHINGTON ( -- Uncle Sam has drafted the Department of Defense into the nation's battle against cybercrime.

The Defense Department has opened a new $15 million computer crime lab and training facility near Baltimore that will work military cases and assist domestic law enforcement efforts aimed at catching hackers and others who may leave behind digital evidence.

The facility, strategically located near the National Security Agency, is intended to be a high-tech sleuthing operation that will train military investigators in how to handle computers and other data-collection devices such as electronic organizers as forensic evidence.

Under the control of the U.S. Air Force Office of Special Investigations, the new Defense Computer Forensics Laboratory (DCFL) was conceived of less than two years ago -- "light speed" was how one official described its incubation -- to keep pace with criminals who use computers in the commission of crimes.

Gets the 'strange and large' cases

APB Video Center

Defense Department video explaining the program
Options Play!!!

Interviewed in his office stocked with computers and video gear, lab director David Ferguson told that his military and civilian team assists "strange and large" cases.

"A lot of [federal] agencies have computer crime investigators," he said. "We get cases they can't handle."

One of the major problems the government is trying desperately to overcome is the threat of cyberterrorism and intrusions into sensitive computer systems.

High-level government officials have admitted that it is nearly impossible to identify the source of an attack by hackers or data thieves. And while the United States knows of several foreign powers with offensive information warfare programs -- they cite Russia, China, India and Israel -- they do not know who America's cyber-enemies really are.

A staff of security experts

DCFL officials said they have been asked, in part, to improve intruder identification, and they acknowledged that the lab and adjoining Defense Computer Investigations Training Program were created as a direct response to the troubling failure of federal law enforcement and the intelligence community to identify the adversaries in cyberspace.

APB Video Center

Defense Department video primer on digital evidence collection.
Options Play!!!

As for pinpointing who the hackers are who ping U.S. corporate and government networks every day, Ferguson said: "Our first goal is national security. But we're also concerned about building a case against [those who launch a computer attack or intrusion]."

The facility is stocked with technicians culled from all branches of the armed services and computer security experts with experience in online hunting. The FBI has some of its own experts in a neighboring office, and officials said the DCFL will help the bureau with some special computer crime cases.

"The intrusion [detection] capability we have are the people we have," Ferguson said. "We produce much better reports than anybody else does."

One reason for that, said Special Agent Karen Matthews, the DCFL deputy director, is that "the Air Force has been looking at intrusion investigations longer than the FBI has -- we just have more experience in that area."

Ferguson said the DCFL's own computer network is scanned several times a week by would-be intruders probing the lab's "perimeter."

Smashed disks are no problem

Besides tracking hackers, the DCFL specializes in "media analysis." That doesn't mean watching CNN and reading daily newspapers, as it would to the NSA or Central Intelligence Agency, but instead picking through bytes of electronic data in seized computers or on removable media -- floppy disks, CDs, zip disks and the like.

Related Stories:

Cyberterror: Thing That Goes Bump in the Net?

CIA Officer Warns of Foreign Y2K 'Trap Doors'

Report Warns of Cybercrime, Terrorism

Global Cyberconference Focuses on Crime

Reno Unveils Anti-Hacking Program

FBI Hunts Hackers Who Hit Federal Web Sites

The lab cleans up badly distorted video or photographs and analyzes them, and it can mine files from erased hard drives that owners thought were deleted.

They also reconstruct fragments of removable disks recovered from criminals or crime scenes, and data can be taken off even the smallest piece of tape visible to the human eye.

Forensic examiner Dave Lang happily demonstrated the technicians' skill at retrieving bits of data off tiny fragments -- a floppy disk, say, that was cut up or badly mangled by a crook trying to conceal illicit material like child pornography.

A disk could be melted, Lang said, but if an intact portion of the disk is salvageable, it can be spliced into a clean disk and examined. "If it can be picked up with tweezers, we can read what's on it," he said.

Training investigators

Downstairs, computer investigations training director Greg Redfern, a naval investigator, said he will train approximately 750 investigators from the Army, Navy, Air Force and Defense Department.

The criminal investigators taking three-week courses will arrive with varying levels of computer sophistication -- from the novice to the expert.

They will learn how to properly "bag and tag" computers found at crime scenes, and how to examine them like any other piece of forensic evidence.

James Gordon Meek/
Technician "irons" ruined computer disc.

The classrooms, still under construction, are stocked with PC towers wired with every imaginable removable media and can even toggle between operating systems like Windows and Linux.

"What we're doing here is pretty unique," Redfern said. "If you want to bring somebody in to be an computer investigator, we have a path they can take."

Small budget, by comparison

Redfern said he plans to eventually open the training center to federal law enforcement agents, but they are already struggling with meeting just one-quarter of the demand from military detectives.

The cost to build the entire training and lab facility was about $15 million -- pocket change to Pentagon budget planners accustomed to spending $1.3 billion on just one B-2 stealth bomber. The operating budget for fiscal year 2000 is slated at an equally economic $11 million, which includes anticipated costs for keeping up with advances in technology.

Ferguson said the Defense Department "got a great deal" on everything they put into the place.

James Gordon Meek is an staff writer in Washington (

More from

Departments Pocket Proceeds by Bringing in Feds


What the Columbine Report Didn't Tell You


The Gift of Fear: Survival Signals That Protect Us From Violence

Protecting the Gift: Keeping Children and Teenagers Safe


Chief's Indicted, Department Disappears

Two Held in Death of S.C. Cop

Cops See Red When White Pages Lists Their Names


Twin Cops Are Two of a Kind

No Room for Pregnant Cop in Texas Town

Cops Go to Bat on the Baseball Beat



Should police officers be permitted to carry concealed firearms through other jurisdictions?

Government seizure of Elian: Tactical success or reckless move? Poll:

Of the current law/crime/police shows on television, which is most accurate in its portrayals of criminal justice professionals?

Law & Order
The Practice
Law & Order: Special Victims Unit


New FBI Chief for Raleigh, N.C., Office

Stretch of Highway Named After Slain Deputy

At 91, She's the Oldest of San Diego's Finest

Nevada Sheriff Retires After 31 Years

Connecticut Trooper Gets Teaching Post

To Inform And Serve  ©Copyright 2000 APB Online, Inc. All rights reserved. ABOUT APB