Be aware of the cyber threat

  • By Maj. Steven Swinehart
  • 934th Communications Squadron commander
Cyber-crime throughout the world continues to increase, and computer users are the number one attack vector for criminal activities. Unfortunately, one of the greatest vulnerabilities of any network is the users themselves, the very reason the network exists. One of the latest exploits is delivered through malvertising, or malicious advertising. This is a primary avenue for delivering exploits to users: clicking on an ad redirects the user to a compromised website, which may be an otherwise legitimate site, hosting an exploit kit that is loaded directly into the computer's memory and never written to disk. The payload then runs from the compromised computer's memory and establishes a foothold to install further software.

Angler, Sweet Orange, and Goon exploit kits saw the most activity in 2014 and continue to be used. This type of exploit is the reason you may not be able to access certain sites, or may notice that some ads do not show up, when surfing the web from work. Of course, not all sites will be discovered and blocked, so continued vigilance is required on the user's part: use the web for official use only and avoid questionable sites.*

Another attack vector is spam and phishing emails, with 29 percent of all spam originating from China in 2014. These emails have evolved to the point where it has become difficult for even an experienced user to spot a fake message, and they will be seen at both work and home. Three of the more common types seen in 2014 are fake FedEx shipment notifications, fake fax message delivery emails, and emails claiming you may have downloaded a popular game on your mobile device. All of these messages may provide a link to log into your account or go to a website to check on a product. You should avoid ever clicking on an embedded link within an email. Looking up the official site in your browser or using a saved link in your favorites is a safer method. User education is the best defense against spam and phishing emails.*

Finally, I'll touch on a couple of computer security (COMPUSEC) issues that relate directly to your work environment within the Air Force. Most users may consider COMPUSEC a burden on free access to the computer resources available, but it is a constant struggle for the Communications Squadron and the Unit Information Assurance Officers to ensure your access is secure from compromise. Part of this effort is to provide you with the information you need to help keep yourself and everyone else on the network safe. Protection of your Common Access Card (CAC) is included in this self-policing effort. You should NEVER leave your CAC unattended in your computer, as this leaves your machine open to access by anyone and is in direct violation of AFI 36-3026v1.

In addition, you should never plug in ANY USB device (cell phones, thumb drives, iPads/iPods, etc.) without first consulting Wing IA.  All USB activity is monitored and there are administrative consequences for unauthorized use.  As a reminder, units are not authorized to purchase their own external hard drives.  To purchase a device, please submit a 934AW Form 30 to 934CF.COMM_IT@us.af.mil.  Hard drives that do not go through the CS will be identified as unauthorized.  External hard drives are not to be used as an F/R or H Drive replacement and should not be purchased as a convenience.


*Data from the Cisco 2015 Annual Security Report