By Ralph A. Milone Jr. , 96th Test Wing
/ Published March 21, 2018
Ensuring that the U.S. Air Force’s cyber assets and our personally identifiable information remain safe and out of the wrong hands is one of the many responsibilities that we, as Airmen, must take seriously. Cyber threats are most commonly a result of negligence and carelessness in taking care of information. (U.S. Air Force illustration by Airman 1st Class Christopher Maldonado)
What do Mustava Awwad, Charles Eccleston, Bryan Martin and Bryan Underwood have in common with each other? They were part of an individual “insider threat” in which they jeopardized our national security posture.
Awwad, a Navy civilian engineer, tried to share schematics of a nuclear aircraft carrier with individuals he believed were representatives of a foreign government. Eccleston, a Department of Energy Nuclear Regulatory Commission employee, attempted to spear-phish, or cyberattack, his organization’s computers. Martin, a Navy sailor, accepted more than $11,000 from an undercover FBI agent posing as a Chinese intelligence officer in exchange for secret and top secret data. Underwood, a former U.S. Consulate Guardsman, was sentenced to nine years in prison for attempting to provide national defense information to China for $5 million.
Insider threats are more difficult to detect and can cause significant damage to national security. The Continuous Evaluation Program was implemented to help detect such threats. This critical platform helps members of the national defense community report potentially unfavorable information, whether confirmed or suspected, in a timely manner to authorities in order to protect our national security.
Just because someone is granted a security clearance, doesn’t mean the individual is invincible to further assessments regarding their access to data concerning national security. CEP allows members to periodically review individuals’ backgrounds while they are in-between security clearance investigations to ensure they can continue to be trusted to protect national security.
After all, life happens. Relationship troubles, bankruptcy or unexplained wealth, and substance abuse, could be indicators of something much worse.
Though it’s difficult to understand how an associate can contemplate and rationalize betraying trust, leadership and coworkers alike have a personal responsibility to report behaviors they observe that may cause a security concern.
Today’s threats are much more sophisticated with less of the “in your face” action we are accustomed to seeing on the screen. Perpetrators no longer need to rely on guns, bullets or explosives to inflict damage. The Common Access Card is now the preferred method to disrupt our security.
When 9/11 happened 16 years ago, our national, state and local authorities repeatedly stressed the importance of reporting anything suspicious or out of the ordinary to law enforcement officials. This mantra still holds true today, and may be even more important than ever, based on the damage insiders caused to our national security over the past several years.
For more detailed information on CEP, contact your unit security office concerning matters that are reportable. Reporting may just save lives and our vital national resources.