Information Assurance: Defending Cyberspace Published Jan. 12, 2012 By Tech. Sgt. Matthew Matlock 36th Wing Information Assurance ANDERSEN AIR FORCE BASE, Guam -- Today, as never before, Department of Defense networks and the personnel who maintain them are being tested to the very limits of their ability to deflect assault. Attackers all over the world are utilizing every conceivable method to gain access to our critical systems and introduce malicious code to exploit or destroy our assets. One of the provisions of the 2011 Defense Authorization Act was that a collaborative Intelligence and Cyber Agency report on cyber attacks be drafted and submitted to Congress for review. In this 12-page report, the Defense Department presented its position thusly: "When warranted, we will respond to hostile attacks in cyberspace as we would to any other threat to our country." The report went on to say, "We reserve the right to use all necessary means - diplomatic, informational, military, and economic - to defend our nation, our allies, our partners, and our interests." The DoD operates approximately 15,000 networks. These networks are comprised of about seven million computers at bases and outposts around the globe; in submarines and research facilities that patrol and monitor the oceans; in manned and unmanned aircraft that control the skies; in satellites that relay vast quantities of data around the earth in seconds and coordinate our efforts. According to National Counterintelligence Executive Robert Bryant, "The nations of China and Russia, through their intelligence services and through their corporations, are attacking our research and development." Defense Advanced Research Projects Agency director Regina Dugan has been quoted as saying: "Malicious cyber attacks are not merely an existential threat to our bits and bytes. They are a real threat to our physical systems, including our military systems." In September 2011, the Host Based Security System detected a "keylogger" virus in Creech AFB's Predator and Reaper Drone cockpit systems. The virus was most likely introduced via removable media such as a USB thumb drive or compact disc. The full extent of the infection is still unknown. In the end, it falls to you, the network user, to protect the integrity and confidentiality of our network. You are the last line of defense against an invisible army of hackers, terrorist cells, and foreign governments that have dedicated their most devious minds to the penetration of our information systems - the very systems that control our KC-135 Stratotankers; our B-52 Stratofortresses; our RQ-4 Global Hawks, and all the capabilities these aircraft provide to our decision-makers and warfighters. What can you do to help? From Jan. 18 -27, the 36th Wing will undergo an Air Force Network Integration Center inspection called the Information Assurance Assessment and Assistance Program. Information Assurance is a collection of three disciplines: Communications Security, Computer Security and Emissions Security. To facilitate a smooth inspection and ensure the continued defense of our information systems, be sure to heed the following guidance: - Find your Unit Information Assurance Officer and Unit EMSEC Monitor and have him/her verify that your office is COMPUSEC and EMSEC compliant. If you cannot locate your IAO or EMSEC Monitor, call 366-1020 (Wing IA). - Remove your Common Access Card from your computer when you leave your desk. - Do not bring cell phones or personal electronic devices into rooms that contain SIPRNET systems. - Have your IAO verify that no unauthorized software is loaded on government systems. - Have your IAO ensure that all stand-alone computers are patched and updated to the same standard as the AF Network. - Remove all wireless devices (wireless keyboard/wireless mouse) from your government computer. They are prohibited. - All CDs, DVDs, external hard drives, floppy disks, and removable media must be labeled with the proper classification sticker and scanned for viruses before each use. Contact your IAO for extra stickers. - Ensure your telephone - including your government issued cell phone - has a DD Form 2056 (red "Do Not Discuss Classified") sticker affixed. - Remove all WAV files, MP3s, documents named "Password..." etc., from your computers. AFNIC Inspectors will look for these items specifically. - Ensure your "End of Day" checklist (SF-701 Activity Security Checklist) is completed daily. - Have your EMSEC monitor verify that Protective Distribution System Line Route inspections are being conducted and logged daily. - Have your EMSEC monitor verify that all PDS junction and connection boxes are secured. - USB thumb-drives are prohibited - please remove them from your work centers. By following these simple guidelines, we can protect the DoD's cyber capabilities and ensure our assets are reserved for America, her allies, and no one else. For questions about the upcoming inspection or additional Information Assurance guidance, please contact the 36th Wing Information Assurance Office at 366-1020.