Cyberspace Security Can Be Gone in a Flash

December 2008

Armed conflicts throughout the ages have had days when no spear was thrown, no bullet fired, no missile launched. Even the Hundred Years War (Valois versus Plantagenet for the French throne – you remember) only had eighty or so years of actually fighting. We should be so lucky. The fact is we are now embroiled in a conflict with no end, no ceasefires, no time outs. This war is not a shooting war in one of the world’s hot spots. This unending struggle is in cyber space and will be a raging conflict until the last circuit board is fried.

This crisis requires constant vigil because the enemy, ranging from state supported hackers to the kid in the coffee shop, is probing our defenses every nanosecond. They can reach us from every corner of the globe at any given moment. To many, that’s a sobering thought.  While some discount it as fear mongering, the daily news and reports from international cyberspace experts drive home the point – the war is ongoing with no end in sight.   

Solid defenses against cyber attacks exist. Many of these defenses rely on strong and constantly adapting computer safety technologies. Unfortunately, the weakness in this defensive perimeter is usually human. While the recent decision to ban thumb drives and other flash memory products from military computers was based on a technical vulnerability, the situation was made worse by human error and poor judgment.

Not having thumb drives at our disposal is a major headache, as some are finding out. The current situation exists because complacency and familiarity had set in. The protections available on government issued drives were being bypassed frequently just to save a few seconds of effort.  Unfortunately, the use of personal drives in government computers contributed to opening the door for the introduction of potentially dangerous code. Notably, it was a general threat, not some insidious super virus targeting only the U.S. military. 

It is time for all people with access to government computers to upgrade to Personal Responsibility 2.0. The earlier version is no longer supported and will not run on any machines connected to the Global Information Grid (GIG). The training and information is out there and there is more on the way. We have seen that if you play dangerously and someone gets hurt, they take away your toys.

During the holiday season, we need to give ourselves the gift that keeps on giving – information assurance.  Right now, soldiers are signing, “all I want from Santa is my thumb drive back.”  Their loss could have been prevented. 

The On Cyber Patrol© cartoon and supporting articles are created and made available by the U.S. Army’s Office of Information Assurance and Compliance, NETCOM, CIO/G6. For more information on the OCP program or to submit ideas for upcoming cartoons/articles, contact oncyberpatrol@hqda.army.mil.

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.