Maxwell Air Force Base   Right Corner Banner
Join the Air Force

News > Malicious websites pose threat to Air Force network
Malicious websites pose threat to Air Force network

Posted 9/9/2011   Updated 9/9/2011 Email story   Print story

    


by Tech. Sgt. Scott McNabb and Christopher Kratzer
24th Air Force Public Affairs


9/9/2011 - MAXWELL AIR FORCE BASE, Ala. -- The discovery of spoofed Air Force websites means Air Force network users must maintain awareness before entering passwords into Air Force sites.

The 624th Operations Center is alerting Airmen and civilians across the service about malicious websites posing as official Department of Defense and Air Force pages appearing through Web searches.

All Airmen, civilians and Air Force contractors must ensure links and Uniform Resource Locators, or URLs, are legitimate before entering their passwords because those who don't could render the official sites vulnerable to exploitation and other threats.

"It is vitally important for everyone to watch what they do and where they go on the Net," said Col. Alan Berry, 624th OC commander. "Any site can be hacked or spoofed at any time. In this case, an unknown actor spoofed our Air Force Portal site and also found a way to elevate their fake site in the search results provided by some common search engines. They are relying on individuals to trust the search engine or act so quickly that they do not recognize their mistake."

Berry said verifying the link isn't foolproof either.

"Each person can protect themselves, and by extension the entire Air Force enterprise, by taking a little time and caution to check search results or links for accuracy and authenticity," he said.

The Air Mobility Command Threat, Analysis and Response Cell identified the spoofing threat to the 624th OC. Berry said he's proud of the men and women of his unit, but it takes a team to keep the AFNet safe.

"Tackling this event was much bigger than just the 624th OC," said the commander. "Multiple units worked this issue and developed the quick actions to counter the spoof attempt. We are the hub for much of those efforts and often the public face, but we are not the only ones working hard to keep our networks safe and available."

One of those units is the 42nd Communications Squadron at Maxwell. Brian Goff, the security manager for the communications squadron, said that these fake websites pose a serious threat to security.

"Our adversaries establish spoofed DOD websites in order to harvest our user's logon credentials. Once compromised, these credentials can be exploited by our adversaries to traverse DOD networks across the globe in a coordinated effort to identify, compromise and extract sensitive data," Goff said. "These intrusions have the potential to place our service-members lives at risk."

"(With) each instance, bogus DOD websites were displayed before legitimate DOD websites when queried via Google," Goff said. "Spoofed websites often mirror the actual site and can be difficult to spot by untrained eyes. That said, the most common indicators are misspelled words, mismatched text, outdated reference or a URL that does not reference the actual '.mil' domain."

The 624th OC recently issued a Notice to Airmen, or NOTAM, asking AFNet users to identify the actual Web address, normally listed below the heading of the search result before selecting a link. The NOTAM also pointed out official sites will normally have a ".mil" or ".gov" extension on the URL address such as the official Air Force Website address: http://www.af.mil.

Airmen who find a spoofed Air Force or Department of Defense Website should alert the local information assurance office immediately.



tabComments
No comments yet.  
Add a comment

 Inside Maxwell AFB

ima cornerSearch

tabSocial Media Dashboard
Facebook

Facebook

Twitter

Twitter

YouTube

YouTube

tabTop StoriesRSS feed 
Holly Petraeus touts financial protection resources availabe through CFPB

Officer Training School graduates first total force class

Maximize your work out with MaxFit

CCAF graduates largest class to date

Maxwell-Gunter wingmen plan to "rise to the occasion"

NASCAR driver visits Maxwell

Happy 67th Birthday Air Force from Maxwell Air Force Base

"Hiring our Heroes" stops in Montgomery

SOS shortens to increase attendance

Air Force revamps AEF

  arrow More Stories

tabAETC NewsRSS feed 
Luke EOD Airmen endure Operation Enduring Training

New 19th AF commander outlines way ahead

Laughlin lieutenant saves life  2

Keesler recognized for energy conservation accomplishments

AETC civic leaders visit Academy

Luke cuts ribbon on F-35 Academic Training Center

First F-35A operational weapons load crew qualified


Site Map      Contact Us     Questions     USA.gov     Security and Privacy notice     E-publishing  
Suicide Prevention    SAPR   IG   EEO   Accessibility/Section 508   No FEAR Act