Commentary by 2nd Lt. Jerad Sayler
21st Communications Squadron
PETERSON AIR FORCE BASE, Colo. — Airmen and civilians from the 21st Space Wing gathered at the base theatre March 12 to attend the 2010 Cyber Awareness All-Call. This all call completed the year’s cyber awareness program with an analysis of exercises that took place and training that emphasized the importance of vigilance in the digital age.
The overall message of the presentation was aimed at getting Air Force personnel to take their cyber actions seriously at home and at work by raising awareness on adversaries and their methods. With a few simple precautions, users can eliminate a large amount of risk. Sometimes all it takes is an extra second to see what you are clicking in order to protect critical information.
At the AFA’s Air Warfare Symposium on Space, Gen. C. Robert Kehler, Air Force Space Command commander, said, “When you come to work and log onto NIPR-net you are entering a combat zone, and everyone has to be a defender.”
Summing up those words, it is absolutely imperative that we all become effective Cyber Wingmen – think before you click.
Col. Stephen N. Whiting, 21st Space Wing commander, opened the all call by stressing the importance of treating our networks as a weapon system to safeguard continued mission assurance.
I was fortunate to be given the responsibilities as the wing’s point of contact for this year’s program and began our presentation with an in-depth look into the five exercises the cyber awareness team performed on base from Jan. 14 through the recent Condor Crest exercises held during the last week of February. In the all call, our team explained what they designed and implemented and how successful we were at testing the wing’s network users.
The exercises consisted of an Air Force Portal phishing attack which succeeded in tricking 33 percent of its intended targets, a suspicious medical group e-mail which had a simulated Trojan virus attached to it that victimized 269 participants, a fake e-invitation to gather personal information, and a series of virus pop-ups aimed at training wing personnel to use proper virus containment and reporting procedures.
The final exercise was a no-notice network outage during Condor Crest which eliminated everyone’s ability to use the network for several hours. This simulation was modeled after the estimated network clean-up time from a single user becoming infected by a virus. In cyber warfare, it only takes a single user with a moment of complacency.
The next segment of the cyber all call featured a presentation by Senior Airman Jesse Scott, 21st Communications Squadron Information Assurance Office, on suspicious e-mails. He outlined how to detect e-mails that may carry malware or are attempting to gather personal information and how to deal with them. 1st Lt. Paul Wilcox, 21st CS, emphasized the importance of strong passwords at home and at work. He advocated against the temptation of using simple and common passwords in the digital age. He also outlined practices to secure and protect personal accounts online. Senior Airman Kyle Frias addressed the growing epidemic of classified message incidents. In 2009 there were 55 percent more CMIs than in 2008 and that number has continued to rise over the last several years. Airman Frias instructed the audience on how they could prevent CMIs and quickly recognize and respond to them.
The recent cyber attacks on Google were discussed as well. Adversaries targeted employee’s friends and family to increase their chances of infecting their ultimate targets. The hazards of giving too much personal information on social networking sites such as MySpace, Facebook, and Twitter were detailed as an easy avenue of exploitation.
In the end, we are all the first line of defense against cyber warfare. Think before you click.