October is National Cyber Security month Published Oct. 23, 2012 By Senior Master Sgt. Kenneth Kunze 60th Communications Squadron TRAVIS AIR FORCE BASE, Calif. -- Oops, you did it. You plugged a device into the network and received a pop up notification which advised you of a Universal Serial Bus connection. No big deal. It's just your cell phone, or another electronic device you brought from home with your favorite music and family pictures on it. That can't do any harm. Well, at the same time, a Cyber Surety technician in the 60th Communications Squadron just received a log entry on the network scan program which advised of an unauthorized plug-in on an Air Force networked computer. What next? As a precautionary measure, you established your next move and followed the recommendation of the pop up. You decided to contact your Information Assurance Officer. Meanwhile, the Cyber Surety technician is gathering the details of the event for further reporting. While the intention might have been innocent, external portable electronic devices pose great risk to networks. They can introduce malicious logic that could easily propagate and wreak havoc on mission essential emails, files and hardware. In turn, it could lead to work stoppage and mission degradation. Such a simple act has now triggered a domino chain of events. Your chain of command will soon be notified of the USB violation and your account will be disabled. Only by re-accomplishing Information Assurance training and obtaining your group commander's endorsement will the account be reactivated. Countless man hours have now been expended for just a few seconds of music, loading pictures or a recharge of your phone battery. It is amazing how easily this could have all been avoided with just a little knowledge. Why and when did we start banning USBs and other flash memory devices on Air Force networks? A Washington Post article dated Aug. 25, 2010 answers part of this question. "StratCom prohibited the drives' use back in November 2008 after the Agent.btz virus began working its way through military networks. A variation of the "SillyFDC" worm, Agent.btz spreads by copying itself from thumb drive to computer and back again. Once on a PC, it automatically downloads code from another location. And that code could be pretty much anything," said Ryan Olson, iDefense computer security expert. There was also talk that such infections might be deliberate attacks on the Defense Department's networks. The ban was billed in one StratCom email as a way to counter adversary efforts to penetrate, disrupt, interrupt, exploit or destroy critical elements of the Global Information Grid, said Jim Lewis, Center for Strategic and International Studies on 60 Minutes last November. "Some foreign power infiltrated the classified network of U.S. Central Command through the use of thumb drives," he said. October is National Cyber Security Awareness month and the 60th Communications Squadron is leading efforts to raise awareness. As the Air Force marches into the 21st century, cyberspace has become a vital part of our daily culture. Our ability to interconnect and conduct business electronically enables the mission to get accomplished in an efficient manner. In an effort to assist users at the ground level with their needs, a new cyber position was created: Information Assurance Officers. IAOs are embedded throughout each organization. These individuals are appointed by their commander to act as a liaison between the 60th Communications Squadron and their unit. Their role is pivotal in ensuring network users are properly trained and equipped so operations flow smoothly. When users are in need of assistance, or a new solution is required, the IAO acts as the intermediary. From curtailing USB violations, coordinating the validation of rooms that process classified data, training users on the Air Force's network policies and filing mandatory user agreements, these specially appointed individuals assist and guide users toward safe practices. Keeping the network safe and secure from potential risks is the responsibility of all network users. On a recurring basis, the network is evaluated and tested for certification and accreditation. As a result, all systems that connect to the network must be approved and cleared for use. Therefore, every member with a network account is a stakeholder. Safeguarding our newest frontier is everyone's responsibility. Good cyber security practices can protect us from all possible threats. By taking precautionary steps, we can ensure we are proactively protecting our information. Here are a few things you can do to ensure we do our part to secure the network. - Make sure your recurring Information Assurance training is up-to-date - Avoid plugging USB flash media devices to the network without proper authorization - Ensure the latest anti-virus software is installed on your workstation - Scan all removable media before each use - Practice good habits by not visiting suspicious sites - Do not open emails from suspicious individuals - Ensure organizational mailboxes have encryption certificates when processing Personally Identifiable Information - Be cognizant of your actions when connecting via unsecure wireless means For questions, or to report any cyber security issues, contact your unit Information Assurance Officer or the 60th Communications Squadron, Wing Information Assurance at 312-837-0002.