Exercise tests Ramstein’s cyber defenders

2nd Lt. Robert LaFountain
435th Communications Squadron

These days, the technical jungle is sometimes the most dangerous one of all. For military organizations, high-powered networks contain sensitive information and expensive equipment that, in the wrong hands, could wreak extreme havoc.

To help prepare against network threats, the Department of Defense is conducting Exercise BULWARK DEFENDER ‘07 on Ramstein through March. The exercise contains a series of events designed to test the abilities of network defenders to preempt and react to different threats, as well as evaluate command-and-control processes.

“This joint global network-defense exercise will provide Ramstein technicians with a unique training opportunity and assessment,” said 2nd Lt. Brian Edlefsen, 435th Communications Squadron OIC, Executive Support Cell. “(It will also) share effective network-security tactics, techniques, and procedures across the DOD, and ultimately encourage improved information flow at all levels of local and global network administration.”

The U.S. Air Forces in Europe Network Operations and Security Center and Network Control Center are prepared to protect the $22 million computer network from viruses, hackers and a variety of other threats. However, Ramstein’s network defenders rely on every person in the network to help.
“Together we can maximize the lessons learned and provide invaluable training to future network defenders while enhancing command-and-control procedures, and sharpening our tactics and techniques,” said Lieutenant Edlefsen.

To help USAFE network users sharpen their network defense skills, the 435th Communications Squadron offers the following scenarios.

Scenario 1: social engineering

Airman Conaltdel is working in the office and receives a call from the NCC about a problem with his computer. The NCC technician asks for the user’s CAC PIN to fix the problem. What would you do?

ANSWER: Don’t give out the number, and report the incident. No one, including the NOSC and NCC, will ever need your PIN. Your PIN is for you and you alone. If this does happen, contact your Information Systems Security Officer or Wing Information Assurance office immediately.

Scenario 2: Phishing

Airman Angler is checking his e-mail and receives a notice that his bank accounts may have been tampered with. The e-mail requests that she send her social security number and account numbers to validate there has been no foul play. What would you do?

ANSWER: Do not send your information, and report the incident. This type of activity is called “Phishing” and attempts are on the rise. Contact your financial institution directly and do not give anyone your PIN. Just as with your CAC, your PIN is for you and you alone. Your bank does not need the number. If you suspect phishing is taking place, contact your ISSO or Wing IA office immediately.

Scenario 3: physical security

Airman Lockdown is sitting at his desk and a NCC technician comes into his office and tells him about a network outage. The NCC technician asks Airman Lockdown if he can use his computer while he has it open to do some quick maintenance. What would you do?

ANSWER: Deny access and take names. Question anyone who you do not know coming into your work center. Most network outages can be fixed at the NCC. Do not relinquish control of your work station because administrative personnel must log on with their own accounts to perform any maintenance.
For more information, contact the 435th Wing Information Assurance office at 480-5519.