DSCA
Company Details
Linkedin ID:
defense-security-cooperation-agency
Website:
Employees number:
453
Number of followers:
22,589
NAICS:
92811
Industry Type:
Homepage:
dsca.mil
IP Addresses:
2
Company ID:
DEF_6190638
Scan Status:
Completed
Defense Security Cooperation Agency Company CyberSecurity Posture
dsca.mil
The mission of the Defense Security Cooperation Agency (DSCA) is to advance U.S. national security and foreign policy interests by building the capacity of foreign security forces to respond to shared challenges. DSCA leads the broader U.S. security cooperation enterprise in its efforts to train, educate, advise, and equip foreign partners. DSCA administers security cooperation programs that support U.S. policy interests and objectives identified by the White House, Department of Defense, and Department of State. These objectives include developing specific partner capabilities, building alliances and partnerships, and facilitating U.S. access. DSCA integrates security cooperation activities in support of a whole-of-government approach; provides execution guidance to DoD entities that implement security cooperation programs; exercises financial and program management for the Foreign Military Sales system and many other security cooperation programs; and educates and provides for the long-term development of the security cooperation workforce. Programs-at-a-glance include: • Foreign Military Sales (FMS) • Foreign Military Financing (FMF) • Institutional Capacity Building (ICB) • International Military Education and Training (IMET) • Humanitarian Assistance, Disaster Relief and Mine Action (HDM) http://dodcio.defense.gov/SocialMedia/UserAgreement.aspx For more information on DSCA, e-mail: [email protected]
Defense Security Cooperation Agency A.I CyberSecurity Scoring
DSCA Risk Score (AI oriented)Between 700 and 749
DSCA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
DSCA Global Score (TPRM)XXXX
DSCA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
DSCA Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Russian government agencies and industrial entities
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The Awaken Likho APT group, also known as Core Werewolf and PseudoGamaredon, launched a targeted campaign using a new implant to infiltrate Russian government entities and enterprises. This campaign utilized phishing emails with malicious URLs to distribute the MeshAgent tool, enabling remote system control. An SFX archive concealed the attack by displaying a decoy document while setting up the MeshAgent to maintain a persistent connection with the attackers' server. This allowed for continuous remote access, compromising the integrity of the targeted systems. The attack underscores the evolving threat tactics and sophistication of the APT group.
Ukrainian government agencies and Polish entities
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The Russian-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in a sophisticated cyber attack campaign since late 2023. The attacks involved spear-phishing to deliver malware, including an updated variant of the RomCom RAT named 'SingleCamper,' as well as new downloaders and backdoors. Tools were executed for initial network reconnaissance and creating remote tunnels for command and control (C2) communications. The group performed data exfiltration, system reconnaissance, and maintained long-term access for espionage. There is also a potential for ransomware deployment to disrupt operations and generate profit. The impact includes the compromise of government systems and the risk of geopolitical instability due to the nature of the targeted entities.
DSCA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for DSCA
Incidents vs Armed Forces Industry Average (This Year)
No incidents recorded for Defense Security Cooperation Agency in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Defense Security Cooperation Agency in 2026.
Incident Types DSCA vs Armed Forces Industry Avg (This Year)
No incidents recorded for Defense Security Cooperation Agency in 2026.
Incident History — DSCA (X = Date, Y = Severity)
DSCA cyber incidents detection timeline including parent company and subsidiaries
DSCA Company Subsidiaries
The mission of the Defense Security Cooperation Agency (DSCA) is to advance U.S. national security and foreign policy interests by building the capacity of foreign security forces to respond to shared challenges. DSCA leads the broader U.S. security cooperation enterprise in its efforts to train, educate, advise, and equip foreign partners. DSCA administers security cooperation programs that support U.S. policy interests and objectives identified by the White House, Department of Defense, and Department of State. These objectives include developing specific partner capabilities, building alliances and partnerships, and facilitating U.S. access. DSCA integrates security cooperation activities in support of a whole-of-government approach; provides execution guidance to DoD entities that implement security cooperation programs; exercises financial and program management for the Foreign Military Sales system and many other security cooperation programs; and educates and provides for the long-term development of the security cooperation workforce. Programs-at-a-glance include: • Foreign Military Sales (FMS) • Foreign Military Financing (FMF) • Institutional Capacity Building (ICB) • International Military Education and Training (IMET) • Humanitarian Assistance, Disaster Relief and Mine Action (HDM) http://dodcio.defense.gov/SocialMedia/UserAgreement.aspx For more information on DSCA, e-mail: [email protected]
Loading...
DSCA Similar Companies
Defense Logistics Agency
As the nation’s logistics combat support agency, the DLA manages the end-to-end global defense supply chain – from raw materials to end user disposition – for the five military services, 11 combatant commands, other federal, state and local agencies and partner and allied nations. DLA’s mission is
Swedish Armed Forces
The Swedish Armed Forces is one of the biggest authorities in Sweden and is headed by a Supreme Commander. The deputy leader of the authority is the Director General. As the only authority permitted to engage in armed combat, the Swedish Armed Forces are Sweden’s ultimate security policy resource
United States Department of War
The mission of the Department of War is to provide military forces necessary to protect the security of our country. The U.S. military defends the homeland, deters adversaries, and builds security around the world by projecting U.S. influence and working with allies and partners. In case deterrence
Albanian Armed Forces
The Albanian Armed Forces (AAF) (Albanian: Forcat e Armatosura të Republikës së Shqipërisë (FARSH)) were formed after the declaration of independence in 1912. Today it consists of: the General Staff, the Albanian Land Force, the Albanian Air Force and the Albanian Naval Force. According to the Al
US Navy
The United States is a maritime nation, and the U.S. Navy protects America at sea. Alongside our allies and partners, we defend freedom, preserve economic prosperity, and keep the seas open and free. Our nation is engaged in long-term competition. To defend American interests around the globe, the U
Marine Corps Recruiting
This is the Official LinkedIn Page of Marine Corps Recruiting. We make Marines. We win our nation's battles. We develop quality citizens. These are the promises the Marine Corps makes to our nation and to our Marines. The core values that guide us, and the leadership skills that enable us, not on
U.S. Coast Guard
Official LinkedIn account of the U.S. Coast Guard — The Nation’s premier maritime military service and leading counter-drug force, protecting the maritime domain and advancing national security in service to the American people. Semper Paratus! As one of the six branches of the Armed Forces, the U.
British Army
Joining the British Army, you’ll get much more from life than you ever would with a civilian career – you’ll have the opportunity to do something that really matters, with a team that are like family to you. The sense of belonging in the Army is next level: when you’ve trained with each other and ov
Ministerie van Defensie
Het Ministerie van Defensie bestaat uit de Koninklijke Marine, de Koninklijke Landmacht, de Koninklijke Luchtmacht, de Koninklijke Marechaussee, het Commando DienstenCentra en de Defensie Materieel Organisatie. Aan het hoofd van de Bestuursstaf (het departement) staat de minister van Defensie. We
.png)
DSCA CyberSecurity News
December 18, 2025 08:00 AM
US State Department approves $11.1bn proposed arms sales to Taiwan
The US State Department has notified Congress of eight prospective foreign military sales (FMS) to the Taipei Economic and Cultural...
December 18, 2025 08:00 AM
US greenlights massive, $11 billion military arms package to Taiwan
Beijing did not take the announcement well, saying the offer of the arms package "grossly violates the one-China principle," undermines...
November 14, 2025 08:00 AM
US clears $3.2 billion in missiles for Germany
The missiles may be carried by Germany's new F127 class frigates as part of a maritime air defense capability, a US government notice said.
November 13, 2025 08:00 AM
Department of War Launches Sweeping Realignment of Acquisition and Foreign Military Sales Authorities
Secretary Pete Hegseth announced details of sweeping reforms aimed at promoting competition, reducing bureaucracy, and accelerating the...
November 12, 2025 08:00 AM
The Pentagon wants faster weapons and it’s giving industry just 60 days to help make it happen
Guest: Stephanie Kostro. Title: President, Professional Services Council. Summary: Defense Secretary Pete Hegseth laid out a plan last week...
November 10, 2025 08:00 AM
DOD Announces New Arms Transfer Reforms
Defense Secretary Pete Hegseth issued new guidance to modernize the Pentagon's arms transfer system and streamline foreign military sales.
October 31, 2025 07:00 AM
Hegseth’s acquisition reform speech: What might come – and what’s already underway.
Defense Secretary Pete Hegseth is planning a Nov. 7 speech to roll out the Trump administration's plans to change the defense acquisition...
October 30, 2025 07:00 AM
Hegseth Plans to Shift Pentagon’s Arms Sales Office to Acquisition Leadership
Under Hegseth's proposed restructuring plan, DSCA overseeing FMS deals will move to the acquisition and sustainment office led by Michael...
October 29, 2025 07:00 AM
Hegseth to unveil arms sale overhaul
The Defense secretary will announce changes to the Pentagon's weapons purchases at an unusual gathering of defense industry executives.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DSCA CyberSecurity History Information
Official Website of Defense Security Cooperation Agency
The official website of Defense Security Cooperation Agency is http://www.dsca.mil.
Defense Security Cooperation Agency’s AI-Generated Cybersecurity Score
According to Rankiteo, Defense Security Cooperation Agency’s AI-generated cybersecurity score is 735, reflecting their Moderate security posture.
How many security badges does Defense Security Cooperation Agency’ have ?
According to Rankiteo, Defense Security Cooperation Agency currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Defense Security Cooperation Agency been affected by any supply chain cyber incidents ?
According to Rankiteo, Defense Security Cooperation Agency has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Defense Security Cooperation Agency have SOC 2 Type 1 certification ?
According to Rankiteo, Defense Security Cooperation Agency is not certified under SOC 2 Type 1.
Does Defense Security Cooperation Agency have SOC 2 Type 2 certification ?
According to Rankiteo, Defense Security Cooperation Agency does not hold a SOC 2 Type 2 certification.
Does Defense Security Cooperation Agency comply with GDPR ?
According to Rankiteo, Defense Security Cooperation Agency is not listed as GDPR compliant.
Does Defense Security Cooperation Agency have PCI DSS certification ?
According to Rankiteo, Defense Security Cooperation Agency does not currently maintain PCI DSS compliance.
Does Defense Security Cooperation Agency comply with HIPAA ?
According to Rankiteo, Defense Security Cooperation Agency is not compliant with HIPAA regulations.
Does Defense Security Cooperation Agency have ISO 27001 certification ?
According to Rankiteo,Defense Security Cooperation Agency is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Defense Security Cooperation Agency
Defense Security Cooperation Agency operates primarily in the Armed Forces industry.
Number of Employees at Defense Security Cooperation Agency
Defense Security Cooperation Agency employs approximately 453 people worldwide.
Subsidiaries Owned by Defense Security Cooperation Agency
Defense Security Cooperation Agency presently has no subsidiaries across any sectors.
Defense Security Cooperation Agency’s LinkedIn Followers
Defense Security Cooperation Agency’s official LinkedIn profile has approximately 22,589 followers.
NAICS Classification of Defense Security Cooperation Agency
Defense Security Cooperation Agency is classified under the NAICS code 92811, which corresponds to National Security.
Defense Security Cooperation Agency’s Presence on Crunchbase
No, Defense Security Cooperation Agency does not have a profile on Crunchbase.
Defense Security Cooperation Agency’s Presence on LinkedIn
Yes, Defense Security Cooperation Agency maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/defense-security-cooperation-agency.
Cybersecurity Incidents Involving Defense Security Cooperation Agency
As of January 24, 2026, Rankiteo reports that Defense Security Cooperation Agency has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Defense Security Cooperation Agency has an estimated 818 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Defense Security Cooperation Agency ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Awaken Likho APT Group Campaign
Description: The Awaken Likho APT group, also known as Core Werewolf and PseudoGamaredon, launched a targeted campaign using a new implant to infiltrate Russian government entities and enterprises. This campaign utilized phishing emails with malicious URLs to distribute the MeshAgent tool, enabling remote system control. An SFX archive concealed the attack by displaying a decoy document while setting up the MeshAgent to maintain a persistent connection with the attackers' server. This allowed for continuous remote access, compromising the integrity of the targeted systems. The attack underscores the evolving threat tactics and sophistication of the APT group.
Type: Phishing
Attack Vector: Phishing emails with malicious URLs
Threat Actor: Awaken Likho APT GroupCore WerewolfPseudoGamaredon
Title: RomCom Cyber Attack Campaign
Description: The Russian-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in a sophisticated cyber attack campaign since late 2023. The attacks involved spear-phishing to deliver malware, including an updated variant of the RomCom RAT named 'SingleCamper,' as well as new downloaders and backdoors. Tools were executed for initial network reconnaissance and creating remote tunnels for command and control (C2) communications. The group performed data exfiltration, system reconnaissance, and maintained long-term access for espionage. There is also a potential for ransomware deployment to disrupt operations and generate profit. The impact includes the compromise of government systems and the risk of geopolitical instability due to the nature of the targeted entities.
Date Detected: Late 2023
Type: Cyber Espionage, Potential Ransomware
Attack Vector: Spear-phishingMalware Delivery
Threat Actor: RomCom
Motivation: EspionagePotential Profit
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing emails with malicious URLs and Spear-phishing.
Impact of the Incidents
What was the impact of each incident ?
Incident : Phishing DEF000101524
Operational Impact: Compromised integrity of targeted systems
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Systems Affected: Government Systems
Which entities were affected by each incident ?
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Entity Name: Ukrainian Government Agencies
Entity Type: Government
Industry: Public Sector
Location: Ukraine
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Entity Name: Polish Entities
Entity Type: Government
Industry: Public Sector
Location: Poland
Data Breach Information
What type of data was compromised in each breach ?
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Data Exfiltration: True
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Phishing DEF000101524
Entry Point: Phishing emails with malicious URLs
Incident : Cyber Espionage, Potential Ransomware DEF000101824
Entry Point: Spear-phishing
Backdoors Established: True
High Value Targets: Ukrainian Government Agencies, Polish Entities,
Data Sold on Dark Web: Ukrainian Government Agencies, Polish Entities,
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Awaken Likho APT GroupCore WerewolfPseudoGamaredon and RomCom.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on Late 2023.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Government Systems.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Spear-phishing and Phishing emails with malicious URLs.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=defense-security-cooperation-agency' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
