The Air Force targeted its own personnel to see if they could 'recognize and thwart' cyberattacks

Rick Wilking/Reuters

Personnel at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs, Colorado, July 20, 2010.

  • The Air Force targeted its own personnel in Europe with spear-phishing attacks in November.
  • The exercise was a test of the network's users' awareness of potential threats.
  • Spear-phishing, which targets specific users, has already been used in the real world with profound effects.

In November, the Air Force targeted its personnel at bases in Europe with spear-phishing attacks to test their awareness of online threats.

The tests were coordinated with Air Force leaders in Europe and employed tactics known to be used by adversaries targeting the US and its partners, the Air Force said in a release.

Spear-phishing differs from normal phishing attempts in that it targets specific accounts and attempts to mimic trusted sources.

Spear-phishing is a "persistent threat" to network integrity, Col. Anthony Thomas, head of Air Force Cyber Operations, said in the release.

"Even one user falling for a spear-phishing attempt creates an opening for our adversaries," Thomas said. "Part of mission resiliency is ensuring our airmen have the proficiency to recognize and thwart adversary actions."

Mass Communication Specialist Samuel Souvannason/US Navy Photo

Sailors on watch in the Fleet Operations Center at the headquarters of US Fleet Cyber Command/US 10th Fleet, December 14, 2017.

The technique has already been put into real-world use.

Just before Christmas in 2015, Russian hackers allegedly used spear-phishing emails and Microsoft Word documents embedded with malicious code to hit Ukraine with a cyberattack that caused power outages - the first publicly known attack to have such an effect.

This month, the US Department of Justice charged two Chinese nationals with involvement in a decade-long, government-backed effort to hack and steal information from US tech firms and government agencies.

Their group relied on spear-phishing, using an email address that looked legitimate to send messages with documents laden with malicious code.

For their test in November, Air Force cyber-operations officials sent emails with legitimate-looking content from non-Department of Defense addresses to users on the Air Force network.

The emails told recipients to do several different things, according to the release.

One appeared to be sent by an Airman and Family Readiness Center, asking the addressee to update a spreadsheet by clicking a hyperlink. Another email said it was from a legal office and asked the recipient to add information to a hyperlinked document for a jury panel in a court-martial.

"If users followed the hyperlink, then downloaded and enabled macros in the documents, embedded code would be activated," the release said. "This allowed the threat emulation team access to their computer."

Results from the test - which was meant to improve the defenses of the network as a whole and did not gather information on individuals - showed most recipients were not fooled.

"We chose to conduct this threat emulation (test) to gain a deeper understanding of our collective cyber discipline and readiness," said Maj. Ken Malloy, Air Force Cyber Operations' primary planning coordinator for the test.

The lessons "will inform data-driven decisions for improving policy, streamlining processes and enhancing threat-based user training to achieve mission assurance and promote the delivery of decisive air power," Malloy said.

U.S. Air Force/Technical Sgt. Cecilio Ricardo

US Cyber Command.

While fending off spear-phishing attacks requires users to be cognizant of untrustworthy links and other suspicious content, other assessments have found US military networks themselves do not have adequate defenses.

A Defense Department Inspector General report released this month found that the Army, the Navy, and the Missile Defense Agency "did not protect networks and systems that process, store, and transmit (missile defense) technical information from unauthorized access and use."

That could allow attackers to go around US missile-defense capabilities, the report said.

In one case, officials had failed to patch flaws in their system after getting alerts about vulnerabilities - one of which was first found in 1990 and remained unresolved in April this year.
