Forwarded from: William Knowles <wk@private> http://www.dcmilitary.com/airforce/beam/9_20/features/29187-1.html by Mike Campbell 11th Wing Public Affairs May 21, 2004 The 11th Communications Squadron and the Network Control Center guard wing computers 24/7 and remain vigilant as malicious computer viruses and Internet worms continue to attack personal, business and military computers worldwide. Contrary to what many might think, September 11 and its aftermath did not have any significant negative affect on computer security in the 11th Wing, according to Philip Hom, information assurance specialist with 11th CS. Mr. Hom says the real threat to wing computers comes from hackers' ability to develop new and ever-more elusive viruses that can penetrate even relatively secure and well-monitored networks such as Bolling's. "They design viruses that are very well-hidden," he said. "In a couple of the viruses I've seen, there was no interaction [with the user] required. The virus just comes on your network and users don't have to click on anything." He noted that the last time the Bolling network had to be shut down because of a virus was the spring of 1999, when the Melissa virus, which replicated itself through e-mail, emerged from nowhere to overwhelm commercial, government and military computer systems. Since then, improved detection techniques and the vigilance of the Air Force Computer Emergency Response Team have kept Bolling's network free from major disruptions. Besides guarding against new viruses by updating and installing anti-virus "patches" designed to render them harmless throughout the network, the 11th Wing Information Assurance Flight is constantly researching new, Internet-based software that may be attractive, but potentially harmful to users. Some of this software can contain invisible computer programs called "spyware," which allow the programs' originators to gain users' personal information after they unwittingly install the spyware by activating "Trojan Horse" programs by simply opening attachments. "Usually it's going to be [free or e-mailed] games that look cool or funny, and meant more for enjoyment; those tend to be the biggest culprits," said Staff Sgt. Benjamin Milton, an 11th CS information assurance specialist. While the user is busy playing the game, the malicious software imbedded in the game is doing its damage. "Every time they play it, they install the program," which Sergeant Milton said can, in some cases, lead to complete "identity theft" of the user. With malicious hackers lurking everywhere on the Internet and unsolicited e-mail and "spam" hitting e-mail inboxes in record numbers, everyone on base needs to be smart about protecting and maintaining the security and integrity of the Bolling network Sergeant Milton said that when it comes to computer security, getting smart begins with the individual user faithfully locking their computer every time they leave the keyboard. "That prevents [others] from being able to tamper with your system when you're gone," he said. Other basic precautions he suggests are not downloading trial, free or other online software without going through the workgroup manager to ensure there is nothing wrong with the software. He also cautions users that software additions must be thoroughly checked out and undergo an accreditation process before the software can be authorized to be installed on a wing computer. Sergeant Milton emphasized that units' workgroup managers are the first point of contact for any questions users may have about computer security. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Mon May 24 2004 - 02:12:20 PDT