Fort Riley, Kansas



Be mindful of threats to steal US information

By Staff Writer Dena O'Dell | 1ID | March 23, 2013

Editor's note: The Antiterrorism theme for the first quarter is cyber threat awareness. This is the fifth article in a series of articles educating readers about the different methods of cyber threats.

Since World War II, the U.S. military has maintained a technological advantage over its adversaries. This advantage has largely been because of the increased amount of time, money and effort the U.S. has invested into the research, development and production of advanced weapon systems.

During the past 14 years, however, unpatched computer networks, malware and successful phishing emails have enabled unauthorized access to U.S. government and defense contractor unclassified networks, resulting in an increase in state-sponsored intrusions and data exfiltration, according to Pat Burch, Fort Riley's installation antiterrorism officer.

Unclassified, but sensitive research and development information shared collaboratively between U.S. government, private industry and academia has been stolen from U.S. information technology networks and obtained by other foreign governments.

The stolen information may have provided adversaries with an advantage over the U.S. in developing advanced weapons systems.

"Many of our adversaries are behind the U.S. in developing technology for advanced weapon systems, so they rely on espionage to help them close the gap," Burch said.

One example of this claim is the comparison of the U.S. Air Force F-22 Raptor and the People's Republic of China's newest stealth fighter – the J-20. Similar features between the two include: A curvy aerodynamic design; angular air intakes positioned so they don't form corner reflectors; use of materials other than metal that appear to be better at absorbing radar; and potential ability to fly at supersonic speeds without using afterburners.

Adversaries can gain access to U.S. networks through the employment of malware that exploits network system vulnerabilities. To protect networks, network enterprise centers, or NECs, regularly and frequently patch operating systems and software application to mitigate system vulnerabilities.

Some ways to keep adversaries from gaining access into U.S. networks include: Educating users about phishing scams and attacks; deleting suspicious emails without opening them; staying alert about spear-phishing emails; encrypting all sensitive information transmitted over unclassified networks or stored on unclassified servers; and reporting suspicious emails to an information assurance officer and the installation's servicing network enterprise center.

"The Army will increasingly face adversaries who will exploit U.S. networks to obtain advanced technological information," he said. "With the inevitable reduction of the U.S. defense budget in the upcoming years and the increased defense budgets of potential adversaries, protection of sensitive defense information is critical."

Tag AT   Tag OPSEC