What the ‘Cyber’ is going on?
By Lt. Col. Michael Myers, 30th Space Communications Squadron
Published December 10, 2015
VANDENBERG AIR FORCE BASE, Calif. -- You may be asking yourself this question a lot lately. Just turn on the news and you will see a report on yet another company that has been hacked, its information stolen, destroyed or exposed for the world to see. Companies like Sony, Target, Walmart, Home Depot and even technical companies like Apple are not immune. There are a number of reasons that an organization or a person can become a target of a hacker. Financial gains, stealing of trade secrets, access to sensitive or classified information, or even leaking of potentially embarrassing information from hacked online web hosting companies like Ashley Madison, are just a few of the motives that drive the cyber hacker.
As members of the Department of Defense, we too are constant targets for these cyber threats. In fact, we all just recently received an email from Lt. Gen. William Bender updating us on the recent Office of Personnel Management data breach that was reported back in July. Those impacted by this breach will receive some services to help, such as identity restoration and theft insurance, and credit, identity and fraud monitoring.
So how does an organization protect itself against these cyber threats? How do we defend against a constant threat that only has to be right once when we have to be right all the time? Three significant measures come to my mind that, when deployed properly, will help provide layers of protection. The first two revolve around the technological element and the third centers on the human element.
The first measure is to keep existing technology as up to date as possible. The success of many organizations resides upon, and operates through, the use of computer systems. These networked systems need to remain updated with the latest software patches to avoid having their vulnerabilities exploited. The second measure involves implementing new technologies to enhance the underlying security architecture. This approach can be pretty expensive, but replacing old computer systems with newer and more robust systems can also reduce the threat footprint.
The third measure is one of the more complex and ever-changing challenges faced by most organizations; it is the people who work for the organization. Yes, the employees, when properly trained to recognize and respond to potential threats, can drastically increase the protection level of their organization. So patch what you have, upgrade to a better platform when feasible, and ensure all employees are trained and use their experience during business operations to provide the best defense.
These layers of defense are commonly called "defense in depth". Think of defense in depth as a number of concentric circles placed around each other, each with a different way to protect the core at the very center. Look at our base: we have a Security Forces Squadron of professional warriors at our gates denying access to those not authorized. And for those bad actors who decide to "hop the fence", the SFS is constantly patrolling for suspicious activity. The equipment running our network is located in various buildings on base. These facilities have locked doors; some of the rooms and buildings are alarmed, managed by our Civil Engineering Squadron experts and monitored by our Defenders.
Granted, physical access to network equipment is preferred and easier to exploit, but logical access can be just as damaging. All of us recently received additional training on different types of phishing attacks. We've learned how to identify and protect against these attacks to thwart any logical access from occurring.
But let's assume the hacker has gained access, either physically or logically; the defense in depth is not over. This is where your Space Communications Squadron cyber warriors take the fight to the attacker. Most successful hacking attacks exploit known vulnerabilities in the network systems. To reduce these opportunities, your SCS experts apply patches to machines, employ the right configurations, scan the networks for anomalies, and, if needed, take part of the system offline to protect the rest of the enterprise and the missions depending on it.
In the very near future, your communication squadron will deliver some cutting-edge technologies to improve network performance, gain system efficiencies, and most importantly, help reduce some of these threat vectors. These improvements will include a presence of Thin Client on both the unclassified and classified networks. This change will enable our cyber defenders to centrally manage patching operations globally and eliminate the need to patch each workstation individually. Therefore, when you log in, you are guaranteed your PC is the most up to date.
How well Vandenberg has deployed its defense in depth of our networks will be tested in April 2016 during our Command Cyber Readiness Inspection. The CCRI is a rigorous inspection-oriented process designed to validate security compliance across Department of Defense networks. This is an inspection for everyone, from the SFS Defender to the SCS computer administrator, to you, the PC user.
So in closing, I ask everyone to trust in and follow our training and do your part in defending. We defend our networks, our information, our Air Force, and our Nation -- that is what we do. This will ensure Vandenberg remains postured to deliver the capabilities our Nation requires of every one of us. Thank you for your service, and God Bless America.