Information Assurance office highlights importance of computer security

  • Published
  • By Karen Abeyasekere
  • 100th Air Refueling Wing Public Affairs
RAF MILDENHALL, England --  March 31 is the final day by which unit commanders should have all their people trained on network security via a slideshow presentation shown at commanders' calls. 

The aim of the presentation is to increase awareness of computer security.

"Everyone uses a computer, but the average user doesn't think of the security involved in keeping our information safe that's on our network," said Tech. Sgt. Ryan Kohler, 100th Communications Squadron/100th Air Refueling Wing Information Assurance office noncommissioned officer in charge. "The (Department of Defense) network is so integrated; we're very dependent on it and we're constantly trying to keep it secure from malicious viruses coming onto our network via outside sources, or even the users from inside.

"People bring in thumb drives from their homes that have been plugged into their computer, which might be infected. They then bring it to their work computer, plugging it in to copy files over, and end up introducing an infection to the government network," he said.

The current ban on any form of flash media - thumb drives, flash drives or card readers - is permanent as of now, according to Sergeant Kohler. External portable hard drives are allowed, but they must be virus-checked before each use.

"If you get a virus or a malicious logic on your thumb drive, you don't know it's even there; if it gets plugged into a home computer, then straight into the computer at work, it can automatically install without you doing anything to it.

"It can result in a 'key logger', which starts logging every single keystroke you do - for example, when you start typing in a Web address, or your user name and password - key loggers are very dangerous and can send the personal information off to whatever Web site is requesting it," said the NCOIC.

This is one reason the wing IA office ensures all government computers are up-to-date with patches, to fix vulnerabilities in software, to check for malicious software, such as the Trojan Horse or Worm virus.

"Some of the things we also want to highlight are phishing scams, where everyone gets sent e-mails telling them to click on a link, or send personal information. This can then be used to break into your bank account, hotmail or find out whatever personal information you might have," Sergeant Kohler said.

"What we're really concerned about is spear phishing - when an e-mail is targeted more towards a certain individual, such as fake bank e-mails getting sent out to military members, telling them there's a problem with their government travel card. In all reality, if and when you click on a link it takes you to some foreign Web site that might be set up to look like the Air Force Portal or another government site, encouraging members to enter their information."

Sergeant Kohler stressed that people should be wary, and if anyone receives a hyperlink or attachment in their government e-mail, it shouldn't be opened unless the e-mail is digitally signed.

Digital signatures must be used whenever necessary, to confirm the sender's identity to the recipient. They should be used on all official e-mail, and any e-mail containing a hyperlink, whether official or not.

"We're asking users to start treating the network in the same way they treat force protection - if you see someone scaling the fence or asking you to get somebody else on the base, you'd report it to security forces," Sergeant Kohler said. "We want people to be cautious about security; virus-check anything that you plug into the computer, such as portable hard drives, or files that you might get through e-mail. Get to know signs that your computer might be infected, such as programs running very slowly or information starts being deleted from your computer, and report it to your unit IA officer."

Editor's note: For more information, or to find out contact details of unit IA officers, call wing IA at DSN 238-3111.