OPSEC and the cyber threat

  • By Ralph Milone
  • Eglin OPSEC Program Manager
Just a few weeks ago I was given the opportunity to attend the Comprehensive Cyber Terrorism Defense Training Course sponsored by the Department of Homeland Security. 

Out of the 15 students attending the course I was the only non-computer security expert in the room. So, I was kind of out of my league with all these folks talking computer jargon around me. However, there was one thing I did take away from this course, which was the vulnerability of computer networks to cyberattacks.

The "cyber terrorist" doesn't distinguish between a federal agency computer network system like DOD and one from the private sector. With the stroke of a key the cyber terrorist can wreak havoc on a computer network system whose critical infrastructure is not fully protected with a robust firewall suppression system. Even with the strongest firewall suppression system in place we still see signs of attackers getting through a firewall with the likes of phishing attacks masquerading as notices from legitimate organizations, seeking either sensitive professional or personal information or installing a virus on the computer system.

How does this correlate with Operations Security (OPSEC)? The key is information or, more importantly, the protection of information filed or stored within our computer networks. We've heard or seen countless stories appear in newspapers or televised on cable news networks concerning federal agencies or private companies losing or being denied their own information from their servers because of the spread of spyware, malware and other denial of service venues inflicted by the cyber terrorist, whether sophisticated or not. Case in point, it was reported in the "Symantec Internet Security Report, Trends for July - December 2006" (Volume XI), revised in March 2008, that "on an average 63,912 active bot-infected computers were affected per day and the United States was the target of most denial of service attacks, accounting for 52 percent worldwide total."

In today's cyber world environment we must finally come to the realization that our desktop computer at work is a weapon systems platform similar to an F-15 or F-16 aircraft. The adversary's goal is to neutralize and/or eliminate the threat coming from the weapon platform itself. Hence, when we discuss the cyber threat from an adversary's point of view, they are simply trying to deny the use of these systems to us or trying to steal our information stored in them at the same time. We cannot solely rely on our critical infrastructure to deny the cyber terrorist an avenue in penetrating our system defenses. We must all take an active role in assuming responsibility for the sensitive information we file and store on our desktops, like unit Critical Information (CI), For Official Use Only (FOUO) and Privacy Act (PA) data.

Doing the right things, like properly protecting your PIN to your CAC and/or passwords to other internal software programs, is a good start. Not corrupting your computer with non-approved external media devices is another way of protecting that sensitive information from getting into the hands of an adversary by eliminating the threat of infected spyware and malware embedded in the media. When you receive suspicious-looking e-mails that you don't recognize, simply don't open them. Delete them from your inbox and from your Office Recycle Bin located on your desktop to ensure any potential viruses attached are neutralized. One last important factor to mention is to ensure that all information containing FOUO or PA information is protected from potential hacking through the use of encryption with PKI.

Be a force multiplier by practicing good OPSEC procedures to ensure our sensitive information is always there when we need it.