Article Display

Network users are essential to preventing cyber attacks

  • Published
  • By Tech. Sgt. Kevin Williams
  • 20th Fighter Wing Public Affairs
SHAW AIR FORCE BASE, S.C. --  The 24-hour news channels are filled with stories about Department of Defense computer vulnerabilities. 

DoD computer users are no longer allowed to use thumb-drives, flash cards and other solid state memory devices on computers. 

Hackers have gained access to files about the F-35 Joint Strike Fighter. The "Conficker" computer worm even made an appearance on Shaw.

What's a computer user to do?

According to Tech. Sgt. Mark Sanders, 20th Communications Squadron Network Control Center NCO in charge, there are plenty of ways routine computer users can help.

Some of it has been heard before. For instance, "Limit use of internet sites to those for official use only," he said. "Don't use thumb-drives."

Why? What is so dangerous about thumb-drives and camera flash cards?

"The reason they are dangerous is when you plug them in, the flash media runs an install as soon as it touches the machine," Sergeant Sanders said. "So if there's something malicious on (the thumb-drive), it automatically installs."

Master Sgt. Michael Holt, 20th CS NOC Network Operations Section chief, explained that if an external device spins, like an external hard-drive, then it is authorized to be used.

"Take advantage of home-use anti-virus products the government pays for from your CSA or come to the NCC," Sergeant Sanders said. "It's free anti-virus protection for your home computers."

"Protecting yourself at home is actually protecting us at work," said Sergeant Holt added. "There are a lot of people, like me, who write EPRs and decorations at home. I can't use a thumb-drive to bring them back and forth to work anymore, so now I e-mail them."

One of Shaw's computers was actually affect by the "Conficker" virus, most likely by an un-authorized thumb-drive, Sergeant Sanders said.

"It appeared on one machine," he said. "We kicked it off the network. It was disconnected and brought to the NCC to be quarantined and scrubbed. We ran some stuff to see what it did, who it talked to, what it sent and then sent the machine to the Air Force Network Operations Center for further evaluation."

Another way users can prevent malicious attacks is leave their computers on all the time. The NCC usually installs most patches during evening hours so as not to inconvenience daytime operations.

"The reason those patches are installed is because of a vulnerabilities in software that can be exploited," Sergeant Sanders said. "If we patch it, it can't be exploited. So we ask people, 'Don't turn off you machine, leave it plugged in and on.' If the computer is off, then the patch won't install and their system is vulnerable."

"Our biggest security vulnerability to our network is not from outside sources, it's the people bringing in thumb-drives, solid state memories, those CDs they burn at home and bring into our network," Sergeant Holt said. "Our biggest threat is the ignorance of some of the users ... not scanning their software when they bring it in."

Shaw users are also seeing an increase of "spam" e-mails making their way into their inboxes and steps are being taken to limit the amount of spam making its way onto the Shaw network.

"Believe me, the few spam e-mails people get on a daily basis is nothing compared to what we are blocking," Sergeant Holt said. "It's mind-boggling."

In fact, in a 30-day period Shaw receives more than 4 million e-mails. Of those, approximately 3 million are successfully blocked as spam.

While it may not seem as intense, or important, as being on the lookout for insurgent activities in Iraq and Afghanistan, network security is essential to America's war-fighting capabilities. With technology evolving rapidly, users are urged to comply with the ever-changing requirements and maintain vigilance.