APRIL 12, 2016, PANAMA CITY, Fla. (NNS) – A new area in warfare is rising to the top of the U.S. Navy’s concerns, most notably that of cyber attacks via the Internet.
Commander of the U.S. Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service Adm. Michael Rogers gave numerous statements during a budget hearing for U.S. Cyber Command, March 16, on how prolific cyber attacks are becoming.
Cyber security is a very high priority for everyone associated with the U.S. Navy.
“Look at the world around you,” Rogers said during the hearing. “This is not a mission set that we are going to efficiency our way out of … The investments that we are making in cyber reflect the nature of the world we’re dealing with.” (Federal Times, Aaron Boyd, March 17, 2016)
According to Federal News Radio correspondent David Thornton, Rogers said it was important for the Navy to prepare employees on how to counter cyber attacks because vulnerabilities begin with the workforce.
“Rogers said that no matter what investments and defensive structures he has in place, the actions of an individual user who clicks on the wrong link at the wrong time can make it very difficult to bring those defenses to bear,” reported Thornton. (Federal News Radio, David Thornton, March 17, 2016)
Naval Surface Warfare Center Panama City Division Command Information Officer Scott Dorsch said he supports Rogers’ concerns.
“The number one threat? It’s the unintentional insider,” said Dorsch. “A federal employee who doesn’t retain enough of their cyber security training, for example, forgets to screen their emails properly for suspicious-looking traffic, opens one up and allows a portal for hackers to enter the Department of Defense network, which is a perfect example of spear phishing.”
Dorsch described spear phishing as fraudulent email that targets particular groups of people with similar characteristics, such as their place of employment – like the DoD.
“These are not totally random emails sent out to recipients, but are usually initiated by specific perpetrators seeking information from trade industries and the U.S. military,” said Dorsch.
Another area Dorsch prescribed vigilance and caution, is with users carelessly surfing the internet.
“NSWC PCD is a research facility,” said Dorsch. “So naturally, our researchers are going to surf the internet for information to help with projects. This applies to both the work environment as well as the home. Using search engines such as Google, will provide the user with millions of opportunities to select sites that are compromised by hackers.”
Dorsch said individual users should remember the internet is flat.
“There are no world boundaries associated with the internet, so when you perform a search, you are coming into contact with websites from many countries,” said Dorsch. “And, many of these websites are designed to direct you into unknown locations, they allow you to view their pages, look at potentially interesting information and then they open a connection. Once you do, your computer has been compromised and the hackers are inside.”
Dorsch described today’s cyber threats as extremely sophisticated requiring the U.S. to implement new protection strategies. Explaining today’s precautions, he said before anyone puts a computer on a network, the device must have all anti-virus software installed, patches updated and any other security measures in place before it ever touches the network. Otherwise, it’s already compromised. Especially for individual users at home, when you plug into the network, it takes just eight seconds for your computer to be compromised when no security updates have been implemented.
“Ten years ago, it was all about keeping hackers out of your system,” said Dorsch. “Today’s focus is ‘Protection of Data,’ assuming that somebody is already in your network and they’re just sitting there waiting.”
Dorsch warned about potentially unknown risks among the general public, emphasizing that Internet use without precaution can have devastating consequences.
“For example, Google opens up millions of websites to browse for information,” said Dorsch. “However, a lot of people don’t know that many source links listed first are actually paid advertisements. Owners of those links have paid Google to have their sites placed first in the list knowing most people tend to click on them believing the first listed have the most pertinent information available.”
According to Dorsch, it is good practice to always check the URL addresses of links found when researching via internet search engines, including Google.
“You should first check the URL addresses of the links you find and make sure they’re not directing you to sites located in adversarial countries,” said Dorsch. “This is a precaution that should be followed at home as much as at work.”
Dorsch also warned about a new attack vector being employed that takes over your home computer and denies access until a ransom is paid.
“Ransomware is malware that prohibits access to your computer once your system has been infected,” said Dorsch. “Your computer will be frozen until you call the ransomware’s provided telephone number and agree to pay their fine, at which time you are generally given an access code that will free up your computer. This can happen if you’re not careful with internet searches or opening suspicious emails.”
Dorsch said cybercrime is here to stay and will continue to evolve with its perpetrators striving to stay ahead of law enforcement agencies, which is why Rogers is requesting a $505 million budget for fiscal 2017 — a 3.5 percent increase over the $488 million allocated for 2016.
CHIPS — the Department of the Navy’s Information Technology Magazine — reported one of the Navy’s newest initiatives to counter cybercrime is called Cybersafe.
“As Cybersafe is implemented, it will drive Navy programs to add cybersecurity controls to legacy systems while also requiring these security controls to be incorporated early into a system’s design. This acquisition focus, combined with an emerging emphasis to develop a Navywide culture of cybersecurity awareness will position Navy leadership to make cybersecurity risk decisions that will result in improved operational readiness.” (CHIPS; Mark Elliott, Sudha Vyas and Ed Lazarski; January-March 2016)
In addition to internet precautions previously mentioned, Vice Adm. William H. Hilarides, commander, Naval Sea Systems Command, issued a March 18 all-hands email advising the Navy’s workforce to exercise extreme caution, specifically toward “Cyber Security – Phishing Attacks.”
In particular, Hilarides prescribed a few specific precautions to exercise.
“… Phishing is a criminal activity that is the easiest and one of the most effective ways to penetrate our networks. We must be very careful how we react to e-mails in our inbox. If a message comes from someone we don’t know, if it directs us to a link we’re not familiar with, DO NOT open it,” wrote Hilarides. “If you suspect an e-mail is a phishing attempt, notify your local Information Systems Security Manager (ISSM). You can also send it as an ‘attachment only’ to the NMCI spam box at: email@example.com. Do ‘NOT’ forward the email to anyone else, including the ISSM, unless directed by the ISSM. Cybersecurity starts with you!”