HomeNewsArticle Display

AFCYBER evaluates Airmen with spear-phishing emails

JOINT BASE SAN ANTONIO-Lackland, Texas (AFNS) -- Air Forces Cyber conducted a mock spear-phishing test on European bases in November to assess Air Force Network users’ cyber awareness.

The test, coordinated with U.S. Air Forces in Europe leaders, incorporated techniques known to be employed by adversary actors against U.S. and partner nations, for the purpose of gaining a foothold inside our networks.

“Spear-phishing attacks are a persistent threat to the integrity of our networks,” said Col. Anthony Thomas, AFCYBER Operations director. “Even one user falling for a spear-phishing attempt creates an opening for our adversaries. Part of mission resiliency is ensuring our Airmen have the proficiency to recognize and thwart adversary actions.”

Spear-phishing attacks differ from normal phishing attempts because they target a specific recipient and appear to be from a trusted source.

For the test, AFCYBER’s threat emulation team sent several emails from non-Department of Defense email addresses to network users. These emails included legitimate-looking content, mirroring tactics used by cyber adversaries. The emails provided a variety of scenarios, urging Airmen to follow certain steps.

One email appeared to come from an Airman & Family Readiness Center, asking users to update a hyperlinked spreadsheet for an upcoming sale. Another email claimed to be from a legal office, and requested users to provide data in a hyperlinked document for a court-martial jury panel.

If users followed the hyperlink, then downloaded and enabled macros in the documents, embedded code would be activated. This allowed the threat emulation team access to their computer.

According to Maj. Ken Malloy, AFCYBER’s primary planning coordinator for the assessment, attacks by state-sponsored groups are sophisticated and can catch users unaware if they’re not paying attention.

“We chose to conduct this threat emulation (test) to gain a deeper understanding of our collective cyber discipline and readiness,” said Malloy. “Lessons from our efforts in USAFE will inform data-driven decisions for improving policy, streamlining processes and enhancing threat-based user training to achieve mission assurance and promote the delivery of decisive air power.”

Results from the test showed most recipients did not fall for the emails. According to the team, the test did not collect individual user information, as it was designed to improve the network’s overall defensive posture.

To protect the network from cyber threats, users should verify every email’s source by verifying that emails from official sources have valid digital signatures. Any embedded links should produce a secure connection, represented by a padlock icon in the browser’s search bar. Users should not enable macros in Microsoft Office documents downloaded from non-DOD sources.

While this initial assessment was conducted specifically in the European theater, Malloy said spear-phishing attempts remain a constant threat to all AFNet users. Users should always be cautious and vigilant. If a malicious email is suspected, users should contact their local communications focal point for guidance.

Engage

Facebook Twitter
RT @DeptofDefense: Defenders, assemble! @usairforce airmen with the 442nd Security Forces Squadron hone their lethality and team-building…
RT @AFResearchLab: Let's celebrate the beginning of Fall and the changing of leaves with this optical microscopy of deformation twins in hi…
RT @624RSG: Are you facing a challenge or dealing with a struggle? People find hope in many different ways, whether it's through family, fa…
RT @AF_Academy: You can’t beat this view. You just can’t. 📸@USAFWingsofBlue https://t.co/JLZcPVp7uP
RT @AirMobilityCmd: #Mobilty #Airmen will move heaven and earth to keep America’s promises to its service members. Check out this story of…
RT @DeptofDefense: Bringing them home. More than 82,000 Americans remain missing from #WWII through the Gulf Wars and other conflicts. The…
RT @USAF_ACC: Today is POW/MIA Day. We will forever remember and honor the lives lost fighting for our country. 🇺🇸 #USAF #POWMIARecognitio
Weren't able to make #ASC19 this year? No problem. We've got the goods. Push ▶️ to hear from first-time attendees a… https://t.co/rEOE1eukwz
Howdy Texans! #AmerciasAirForce is heading to the #lonestarstate on Sept. 27. Hear this #Airman share his love for… https://t.co/BS1ysk4ST3
The return of great power competition requires the U.S. military services to change and adapt quickly. Hear from De… https://t.co/kKiNeHywzp
RT @AirMobilityCmd: The four fans of freedom are blowing strong as a U.S Air Force C-130J Hercules from Little Rock Air Force Base, Arkansa…
RT @ActingSecAF: Kudos to @AirForceAssoc on #ASC19 👏🏻 What a wonderful professional opportunity for #Airmen & industry to expand our compe…
.@ACC_Commander designates the 16th Air Force as a new information warfare numbered #AirForce at #ASC19. As… https://t.co/LMiMJ3rWNO
RT @AstroHague: Thank you to the Airmen across the globe who make the human exploration of space possible. Wishing the @usairforce a happy…
RT @Hanscom_AFB: “The @usairforce is leading the charge across @DeptofDefense. No one else in #government has as much ... of this software…
RT @PACAF: Commanders from Australia, Indonesia, Republic of Korea, Philippines, Thailand and the U.S. met for the 2019 Logistics and Safet…
To all those who helped establish the long blue line past, present and future, we honor you and we remember with th… https://t.co/teymF7proy
#ASC19: "We’re all in this together trying to make your service to country the best experience on the planet. We w… https://t.co/rdbCDBJr2c