The Internet is ever expanding — people have instant access to all kinds of data. Such unprecedented access has fostered universal education and cultural exchange, but it has also opened the gate to a virtual battlefield. Phishing scams, massive data breaches and attacks on government networks have become more prevalent – that’s why the Army must be prepared.
Army Cyber Command is advocating a better understanding of cyber security to combat the rise in threat levels and keep pace with technological advancements. Cyber security is the central focus of Army Cyber Command, both for the force at large, and for Soldiers and their families.
It’s mission, according its website (http://www.arcyber.army.mil), is to continuously plan, coordinate, integrate, synchronize, direct and conduct cyberspace operations to ensure freedom of action in cyberspace, and to deny the same to any enemy.
Soldiers in the field protect the Army’s networks, data and systems in several ways. The first is ensuring they follow correct policies and operating procedures for cyber security, Lt. Col. Andrew Byrd, Army Cyber Command, said.
Soldiers use unclassified (NIPRnet) and classified (SIPRnet) networks while in the field and preventing cross contamination is key.
“Having both SIPR and NIPR out there, some of the problems people run into are cross domain violations, where somebody is taking something from NIPR and putting it on SIPR. Be it a thumb drive, their cell phone, anything like that. … the reason those are bad really is that it allows possible ways for the enemy to get into our systems,” he continued. If classified data from a secure network is accidentally placed on an unsecure network, that data is then at high risk of attack and can be easily accessed by adversaries.
Of course, cyber security is just as important during operations and Soldiers use networks and systems like the Command Post of the Future and Force XXI Battle Command, Brigade and Below, to actively protect the Army during missions, Byrd said.
Soldiers in the new 17 Branch, called Cyber, use networks like the FBCB2 as weapons systems. In fiscal year 2017, the new combat arms branch will reach its full operational capability, said Ronald Pontius, deputy to the commanding general for ARCyber Command, during a recent press conference. The branch will integrate the Army’s cyberspace capabilities into unified land operations with electronic warfare.
“One thing that some people don’t recognize or aren’t realizing is that the new military branch, career field 17 … it’s viewed as a combat arms branch, so don’t think of it as a bunch of computer geeks,” Pontius added. “It really is about extremely capable individuals, and recognizing the branch we’re working on building is … another form of maneuver, and that’s what the Army is striving for.”
However, the need for cyber security doesn’t end once Soldiers leave the battlefield, or even their office. Electronic attacks can happen anywhere, so ensuring home and mobile networks are secure is also important.
Sgt. 1st Class Sherrie Thomas, assigned to G-33 Current Operations, encourages her whole family to participate in securing their home network.
“Some of the things that I do, specifically, is making sure that our anti-virus software is up to date on all our computers,” she explained. “I make sure that all of our GPS or location services are turned off on any computers so that when our kids are on social media, they’re not posting pictures that have our locations on it.” She also deletes any cookies (digital markers that identify sites the family has previously visited) so attackers can’t access personal information. She makes sure her family has locked their social media account settings so any personal information is private and inaccessible.
Thomas also creates multiple accounts on her computer: an administrator account, which creates all the security settings, and user accounts that the family uses to do work, check websites or play games.
“I block (the kids) from being able to download from peer-to-peer websites and stuff like that, because those things normally have viruses on them. If they download them to our computer, we now have a virus,” she said.
Byrd also advocates creating a separate administrator account on home computers, because the administrator can delete user accounts if one becomes corrupted without losing all the information on the computer.
It’s also important for Soldiers to keep their computer operating systems up to date, said Sgt. 1st Class Steven Alejandro, also with the G-33. Download patches and system updates as they are released to ensure the computer is protected from newly created threats.
Households with a heavier load of Internet traffic, such as ones with avid online gamers, can do a few extra things to make their computers more secure, 1st Lt. Alex Harris, a G-35 (Future Operations) planner explained.
“In addition to your antivirus software, you also want to make sure you have firewalls configured, too,” he said. You can create a separate user account for a gamer and configure the firewalls to allow more unfettered access to inbound and outbound traffic while keeping them separate from the rest of the network.”
While these security measures help prevent unseen attacks and keep home network vulnerabilities to a minimum, Soldiers and their families should also be aware of more direct attacks, such as phishing scams or malware disguised as a hyperlink from a legitimate website, like YouTube.
“Beware of hyperlinks, attachments or downloads via email,” Byrd said. “They could hold Trojans (hidden viruses), and you won’t know you’ve downloaded something malicious.”
Alejandro is passionate about passwords for mobile and computer protection. A device may have antivirus software, firewalls, and separate user and administrative accounts, but without a password, that can all be rendered useless.
“You’ve got to make sure your password strength is at least 15 characters, with lower case, upper case, special characters and everything. It’s hard for you to remember but it makes it difficult for anybody else that’s trying to get to you and your information,” he said.
Passwords need to be on every device, he said. This includes mobile phones, which can store banking or private social information. Wi-Fi modems should also be password protected to prevent others from highjacking your network and accessing data that way, Thomas agreed.
“Password protection is a must in every instance,” Byrd said. If you have an easy password or no password at all, you are vulnerable to every attack out there.”