Malicious websites pose threat to base network

The discovery of spoofed Air Force websites means Air Force network users must maintain vigilant awareness before entering passwords into Air Force sites. The 94th Communications Flight, located here, is alerting Dobbins personnel about malicious websites posing as official Department of Defense and Air Force pages appearing through Web searches. (U.S. Air Force graphic/Master Sgt. James Branch)

Malicious websites pose threat to base network

Published Aug. 16, 2011
By Master Sgt. James Branch
94th Airlift Wing Public Affairs

DOBBINS AIR RESERVE BASE, Ga. -- The discovery of spoofed Air Force websites means Air Force network users must maintain vigilant awareness before entering passwords into Air Force sites.

The 94th Communications Flight, located here, is alerting Dobbins personnel about malicious websites posing as official Department of Defense and Air Force pages appearing through Web searches.

All Airmen, including military, civilians and base contractors must ensure links and Uniform Resource Locators (URLs) are legitimate before entering their passwords because those who don't could render the official sites vulnerable to exploitation and other threats.

"Dobbins network users need to stay vigilant when they go on the Internet," said Capt. Jamison de la Peña, 94th Communications Flight commander. "There is an inherent risk when you visit websites that may look legitimate, but in fact is hacked or spoofed. Typically, these sites are a ploy to gather information from you that's safeguarded, such as your username, password, security questions, account numbers and date of birth.

Verifying the website address before you click on the link from a search engine, email, or another website, can help mitigate your exposure to malicious websites.

Harold Jones, Base Information Assurance manager, said policies and network boundaries are in place to help with prevention, but isn't foolproof and network safety is still the responsibility of its users.

"Integrated Network Operations and Security Center (I-NOSC) East and the Air Force Computer Emergency Response Team (AFCERT) deploy software programs that roam the network and look for suspicious activity and vulnerabilities," Jones said. "When a vulnerability or suspicious activity is discovered, it is reported to the AFCERT. AFCERT notifies the Base Network Control Center (NCC)."

The NCC will then take the action dictated by the AFCERT. The action will usually deny users access to the suspicious site.

"Our advice is stay away from any site that has been identified as a spoofing site," Jones said.

The degree of difficulty to hack or spoof a site can vary.

"The security measures put in place for a website can determine how easy or hard it is to hack or spoof that site," de la Peña said.

Users should contact their Unit Information Assurance Officer or call the NCC at (678) 655-2892 to report suspicious network activity.