WRIGHT-PATTERSON AIR FORCE BASE, Ohio -- For the 20-person team assigned to the 88th Air Base Wing Cybersecurity office, cybersecurity is much more than a monthly awareness campaign. It’s a persistent effort in ensuring the 27,000-plus people who work at Wright-Patterson Air Force Base can accomplish their mission without having personal or government information stolen or compromised in any way.
October is National Cyber Security Awareness Month, an annual campaign to raise awareness about Cybersecurity, but the wing Cybersecurity office focuses on the topic of Cybersecurity 365 days a year.
The office provides cyber security support for the entire installation and serves as a bridge between consolidated cyber teams at the Air Force level and unit Cybersecurity Liaisons.
The office assists installation network users by establishing base cybersecurity policy, tracking cybersecurity compliance and facilitating corrective action or waivers when cybersecurity policy interrupts the mission of base units. Another function of the team is to pre-approve all equipment and applications before they are permitted on our networks. They provide consultation to base organizations when network device purchasing decisions are made to ensure only approved devices are bought and connected to the network.
“We try to reinforce the mantra, ‘When in doubt, always ask,’ before network device purchases are made because an unapproved and unvetted device could add significant risk to the network,” said Jeffrey Dean, Base Information Systems Security Manager.
When an organization wants to purchase any device to connect to the network such as a computer, printer, headset, camera, or perhaps even a server to house a website or program that will conduct Air Force level business through the network, Dean and his team coordinate and offer guidance to keep users out of trouble from a cyber-security standpoint. All hardware and software that goes on the Wright-Patt network must be approved by the cyber security office.
“Wright-Patt has the largest and most diverse Air Force user network of any base in the Air Force,” said David Whorton, 88th Communications Group Plans and Resources Division Chief. “The network supports Air Force level weapons system development and acquisition and various research and development programs. It also houses 60 major website applications that provide services to the entire Air Force including programs such as the Automated Base Supply System and LeaveWeb.”
The office also manages encrypted digital certificates across the base for things ranging from aircraft communications to various communication rooms, and top secret sensitive compartmentalized areas throughout the base.
“The office inspects each organization on base at least once a year with a thorough risk evaluation of all things cyber under the Air Force Computer Security Program,” Dean said.
The office works closely with approximately 500 commander-appointed Cyber Security Liaison’s–formally known as Information Assurance Officers, across the base. They each report to the wing cybersecurity office and the cybersecurity office does the research to help answer questions that may come from base organizations. The cyber security liaisons are the front line of defense to the end-user on the base network. “We consider CLs an extension of the Wing Cyber security Office,” said Randy Miller, 88th Communications Group Wing Cybersecurity Office Chief.
Security at the point of the end user is critical to protecting information on the Wright-Patt network, Whorton said.
“Back in the 1980’s, the primary goal of cyber bad guys was to get into your network and cause you problems for bragging rights. Now they want to get into your network without you knowing about it and steal your information. They want to stay there as long as they can and place a backdoor to get in at any time. A lot of people would love to get the research that’s done here, saving them millions of dollars and years of effort. The same thing with our weapons systems – they’d love to know what we’re doing, what we are building, or what technologies we are deploying,” said Whorton.
“What we’re concerned about is people stealing our acquisition and weapons systems research and development information at Wright-Patterson. If people click on things they’re not supposed to, it can open the door for this to happen and you wouldn’t know it. There won’t be any bells or whistles going off and a message saying ‘you’ve been hacked, ha, ha, ha,’” he added.
“An insider threat remains one of greatest threats to the DOD network. Both intentional and unintentional actions can compromise the DOD’s ability to accomplish its mission,” said Miller.
An insider threat arises when a person with authorized access to U.S. Government resources, to include personnel, facilities, information, equipment, networks, and systems, uses that access to harm the security of the United States.
“Education and awareness is a large part of what the wing cybersecurity office concentrates on not only during the NCSAM but also the other 11 months of the year. The cybersecurity information the WCO provides to the WPAFB community on a continual basis can also be beneficial to personnel at home on their WiFi networks and personal devices,” said Miller.
Phishing emails are one of the biggest topics the office deals with because through phishing emails, the Air Force and the DOD are more susceptible to having a cyber-attack and exploitation than anything else, Whorton said.
With a phishing email, a user receives an email that looks legitimate. The recipient either clicks on a link that’s been included or on an attachment and then things happen behind the scenes and someone has been invited into the network. “If something seems too good to be true or suspicious, don’t click on it,” Whorton said. “Report it to your Cybersecurity liaison.”
The office also manages multiple Air Force cyber security programs such as computer security, emission security, communications security, and information system security manager duties.
In fact, all requests to move or change computers that process classified information must be approved by the office’s personnel who are experts in the placement of classified systems in relationship to unclassified systems. Specially trained personnel ensure the correct implementation of classified systems on the base by physically inspecting the layout of each of the spaces where classified information will be processed. They also issue Secret Internet Protocol Router Network tokens that look similar to common access cards and are required for use on the secure network.
Today’s Airmen and families live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. From our desks and homes to on the go, we work, learn and play online. Everyone has a role in securing their part of cyberspace, including the devices and networks they use. Individual actions have a collective impact and when we use the Internet safely, we make it more secure for everyone. The wing Cybersecurity office provides a source of expert guidance to do just that.