CHINA TOPIX

12/25/2024 09:10:01 am

Make CT Your Homepage

US Air Force Fighting-off Over One Million Cyberattacks Everyday

Everyday

(Photo : USAF) Cyber warrior of the 561st NOS at his "battle station."

The U.S. Air Force deals with over one million cyberattacks every day and many of these intrusions are the dangerous types ordinary people have to contend with, said the 561st Network Operations Squadron whose job it is to thwart these persistent threats.

Headquartered at Peterson Air Force Base in Colorado, the 561st Network Operations Squadron (NOS) manages and defends the Air Force enterprise network at 108 installations throughout the United States.

Like Us on Facebook

The 960th NOS, an Air Force Reserve unit trained for the same tasks, also adds to the forces protecting more than one million networked computer systems.

To accomplish its huge task means the 561st NOS has command of a sophisticated network worth over $10 billion. The system is designed for 24/7 network operations, and supporting defensive operations within both classified and unclassified Air Force networks.

The unit estimates there are more than a million attacks on the U.S. Air Force network every day, and that's on the low end.

Some attacks are dealt with automatically by security software, while other attempts (likely from state-sponsored cyber warfare units) aren't that easy to deal with. Cyber warriors of the 561st NOS have their hands full fighting an undeclared cyber war against countries such as China and Russia trying to infiltrate the Air Force network. That unrelenting battle is fought by 561st NOS operators almost every hour of every day.

Addressing those nation-state and in-nation threats led to changes in how the 561st NOS runs, said Thomas Exline, the Cyber Security and Control System operations manager.

These changes involve an operational crew alignment in which each crew has all the specializations within the 561st NOS, providing support at all times.

"We are combat mission ready similar to what they have in the flying world," said Exline.

When not fending off the Chinese, Russians, the Iranians and the North Koreans, the 561 still has its work cut out dealing with the more "mundane" dangers facing anyone that's online. One of the biggest vulnerabilities in the network the unit has constantly come across is also one of the oldest tricks in the black hat hacker's book.

"It's phishing," said 1st Lt. Derik Dietel, the 561st NOS alpha crew commander. "It usually happens when people click something in their email."

Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details (often for malicious reasons) by masquerading as a trustworthy entity in an electronic communication.

Exline said just one click on a phishing link causes a cascade effect on the network. As many as a dozen groups are required to respond and eradicate the impact of a phishing incident.

"The (561st) NOS has to scour over 800,000 computers," he said. "If (a threat) is not from within the military, it is hard to block."

Other common threats come from personal external devices such as cellphones and hard drives. Insider threats from disgruntled employees seeking to cause harm are other possible concerns Airmen from the 561st NOS face daily. They can use any help they can get fighting them, too.

"People are sensors," said Exline. "If you see something that isn't right, you should say something."

Real Time Analytics