[ISN] Comm squadron fights 'cyber' war every day

From: InfoSec News (isn@private)
Date: Mon May 24 2004 - 00:20:36 PDT

  • Next message: InfoSec News: "[ISN] Security 'scare' for Qantas"

    Forwarded from: William Knowles <wk@private>
    by Mike Campbell
    11th Wing Public Affairs 
    May 21, 2004 
    The 11th Communications Squadron and the Network Control Center guard 
    wing computers 24/7 and remain vigilant as malicious computer viruses 
    and Internet worms continue to attack personal, business and military 
    computers worldwide. 
    Contrary to what many might think, September 11 and its aftermath did 
    not have any significant negative affect on computer security in the 
    11th Wing, according to Philip Hom, information assurance specialist 
    with 11th CS. 
    Mr. Hom says the real threat to wing computers comes from hackers' 
    ability to develop new and ever-more elusive viruses that can 
    penetrate even relatively secure and well-monitored networks such as 
    "They design viruses that are very well-hidden," he said. "In a couple 
    of the viruses I've seen, there was no interaction [with the user] 
    required. The virus just comes on your network and users don't have to 
    click on anything." 
    He noted that the last time the Bolling network had to be shut down 
    because of a virus was the spring of 1999, when the Melissa virus, 
    which replicated itself through e-mail, emerged from nowhere to 
    overwhelm commercial, government and military computer systems. Since 
    then, improved detection techniques and the vigilance of the Air Force 
    Computer Emergency Response Team have kept Bolling's network free from 
    major disruptions. 
    Besides guarding against new viruses by updating and installing 
    anti-virus "patches" designed to render them harmless throughout the 
    network, the 11th Wing Information Assurance Flight is constantly 
    researching new, Internet-based software that may be attractive, but 
    potentially harmful to users. Some of this software can contain 
    invisible computer programs called "spyware," which allow the 
    programs' originators to gain users' personal information after they 
    unwittingly install the spyware by activating "Trojan Horse" programs 
    by simply opening attachments. 
    "Usually it's going to be [free or e-mailed] games that look cool or 
    funny, and meant more for enjoyment; those tend to be the biggest 
    culprits," said Staff Sgt. Benjamin Milton, an 11th CS information 
    assurance specialist. While the user is busy playing the game, the 
    malicious software imbedded in the game is doing its damage. "Every 
    time they play it, they install the program," which Sergeant Milton 
    said can, in some cases, lead to complete "identity theft" of the 
    With malicious hackers lurking everywhere on the Internet and 
    unsolicited e-mail and "spam" hitting e-mail inboxes in record 
    numbers, everyone on base needs to be smart about protecting and 
    maintaining the security and integrity of the Bolling network 
    Sergeant Milton said that when it comes to computer security, getting 
    smart begins with the individual user faithfully locking their 
    computer every time they leave the keyboard. "That prevents [others] 
    from being able to tamper with your system when you're gone," he said. 
    Other basic precautions he suggests are not downloading trial, free or 
    other online software without going through the workgroup manager to 
    ensure there is nothing wrong with the software. He also cautions 
    users that software additions must be thoroughly checked out and 
    undergo an accreditation process before the software can be authorized 
    to be installed on a wing computer. 
    Sergeant Milton emphasized that units' workgroup managers are the 
    first point of contact for any questions users may have about computer 
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    Help C4I.org with a donation: http://www.c4i.org/contribute.html
    ISN mailing list
    Sponsored by: OSVDB.org

    This archive was generated by hypermail 2b30 : Mon May 24 2004 - 02:12:20 PDT