Maxwell Air Force Base   Right Corner Banner
Join the Air Force

News > Malicious websites pose threat to Air Force network
Malicious websites pose threat to Air Force network

Posted 9/9/2011   Updated 9/9/2011 Email story   Print story


by Tech. Sgt. Scott McNabb and Christopher Kratzer
24th Air Force Public Affairs

9/9/2011 - MAXWELL AIR FORCE BASE, Ala. -- The discovery of spoofed Air Force websites means Air Force network users must maintain awareness before entering passwords into Air Force sites.

The 624th Operations Center is alerting Airmen and civilians across the service about malicious websites posing as official Department of Defense and Air Force pages appearing through Web searches.

All Airmen, civilians and Air Force contractors must ensure links and Uniform Resource Locators, or URLs, are legitimate before entering their passwords because those who don't could render the official sites vulnerable to exploitation and other threats.

"It is vitally important for everyone to watch what they do and where they go on the Net," said Col. Alan Berry, 624th OC commander. "Any site can be hacked or spoofed at any time. In this case, an unknown actor spoofed our Air Force Portal site and also found a way to elevate their fake site in the search results provided by some common search engines. They are relying on individuals to trust the search engine or act so quickly that they do not recognize their mistake."

Berry said verifying the link isn't foolproof either.

"Each person can protect themselves, and by extension the entire Air Force enterprise, by taking a little time and caution to check search results or links for accuracy and authenticity," he said.

The Air Mobility Command Threat, Analysis and Response Cell identified the spoofing threat to the 624th OC. Berry said he's proud of the men and women of his unit, but it takes a team to keep the AFNet safe.

"Tackling this event was much bigger than just the 624th OC," said the commander. "Multiple units worked this issue and developed the quick actions to counter the spoof attempt. We are the hub for much of those efforts and often the public face, but we are not the only ones working hard to keep our networks safe and available."

One of those units is the 42nd Communications Squadron at Maxwell. Brian Goff, the security manager for the communications squadron, said that these fake websites pose a serious threat to security.

"Our adversaries establish spoofed DOD websites in order to harvest our user's logon credentials. Once compromised, these credentials can be exploited by our adversaries to traverse DOD networks across the globe in a coordinated effort to identify, compromise and extract sensitive data," Goff said. "These intrusions have the potential to place our service-members lives at risk."

"(With) each instance, bogus DOD websites were displayed before legitimate DOD websites when queried via Google," Goff said. "Spoofed websites often mirror the actual site and can be difficult to spot by untrained eyes. That said, the most common indicators are misspelled words, mismatched text, outdated reference or a URL that does not reference the actual '.mil' domain."

The 624th OC recently issued a Notice to Airmen, or NOTAM, asking AFNet users to identify the actual Web address, normally listed below the heading of the search result before selecting a link. The NOTAM also pointed out official sites will normally have a ".mil" or ".gov" extension on the URL address such as the official Air Force Website address:

Airmen who find a spoofed Air Force or Department of Defense Website should alert the local information assurance office immediately.

No comments yet.  
Add a comment

 Inside Maxwell AFB

ima cornerSearch

tabSocial Media Dashboard






tabTop StoriesRSS feed 
Enlisted leaders engage at summit

AFROTC returns to Harvard

OSC gives 25K in scholarships

CSAF bestowed with enlisted corps' greatest honor

AFROTC cadet wins Boren Award for Arabic studies

Maxwell SAPR chief lights up Montgomery sky

Retired Air Force Lt. Gen. Carlton reminices on his friendship with Gen. LeMay

Total-force officers take next step

Maxwell awards youngest volunteer

Spouses donate $2,500 to help heal TBI, PTSD

  arrow More Stories

tabAETC NewsRSS feed 
AETC website undergoing extreme makeover

Laughlin Air Force Club member wins truck

Living legend receives ROTC Distinguished Alumni award

Commentary – NCOs echo through eternity

D-models return to flight after longeron repair

Pillars of resiliency: spiritual resilience

Top cop visits Luke

Site Map      Contact Us     Questions     Security and Privacy notice     E-publishing  
Suicide Prevention    SAPR   IG   EEO   Accessibility/Section 508   No FEAR Act