An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

News | Oct. 31, 2017

On guard against cyber threats

By Tom Gagnier U.S. Central Command Public Affairs

Cybersecurity is a combination of processes, practices, and technologies devised to protect our data, information systems, and networks from unauthorized access, misuse, and malicious cyberattacks.

Experts in cybersecurity share information with USCENTCOM personnel during a cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online.
Experts in cybersecurity share information with USCENTCOM personnel during a cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online. (Department of Defense photo by Tom Gagnier)
Experts in cybersecurity share information with USCENTCOM personnel during a cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online.
USCENTCOM Cybersecurity expo
Experts in cybersecurity share information with USCENTCOM personnel during a cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online. (Department of Defense photo by Tom Gagnier)
Photo By: Tom Gagnier
VIRIN: 171026-F-VG904-001
“All of us need to know what to look for and what precautionary actions to take in order to best protect against cyberattacks,” said Gen Joseph L. Votel, commander, U.S. Central Command.

Cybercrimes, such as data breaches of organizational networks have become commonplace according to the Federal Bureau of Investigation’s Cyber Division. Undeterred by the efforts of information technology (IT) professionals, cybercriminals are finding new ways to exploit online computing systems and access private data.

The Defense intelligence Agency offers some security tips that, if performed consistently, may dramatically reduce the chances that information on your computer will be stolen or corrupted, or your organization’s network will be attacked:

  • Lock your computer when you are away from it to prevent another person access to your data.

  • Keep your firewall turned on.  A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the internet.

  • Install and update antivirus software to disarm or remove malicious software.

  • Don’t open an email attachment from someone you don’t know. You could infect your computer with malicious software.

  • Use complex passwords, longer than eight characters, to include upper and lower case letters, numbers, and symbols. Hackers use automated tools that can break simple passwords.

  • Keep your home Wifi network secure by ensuring encryption [password] and firewall are turned on. Wireless routers often come out of the box with these disabled.

USCENTCOM cybersecurity division arranged events throughout the month of October to educate personnel and their families on hazards lurking in the cyber domain, and provide guidance on ways to mitigate these threats.

U.S. Marine Corps Ssgt William Berotte, a cybersecurity technician at U.S. Central command, demonstrated at a cybersecurity awareness expo, how simple it can be to bypass administrator rights and passwords to exploit older computer operating systems.

U.S. Marine Corps SSgt Michael George, USCENTCOM cybersecurity technician (Left), and U.S. Marine Corps SSgt. William Berotte, USCENTCOM cybersecurity technician (Right), demonstrate how simple it is to "hack" on older computer operating system at the USCENTCOM cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online.
U.S. Marine Corps SSgt Michael George, USCENTCOM cybersecurity technician (Left), and U.S. Marine Corps SSgt. William Berotte, USCENTCOM cybersecurity technician (Right), demonstrate how simple it is to "hack" on older computer operating system at the USCENTCOM cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online. (Department of Defense photo by Tom Gagnier)
U.S. Marine Corps SSgt Michael George, USCENTCOM cybersecurity technician (Left), and U.S. Marine Corps SSgt. William Berotte, USCENTCOM cybersecurity technician (Right), demonstrate how simple it is to "hack" on older computer operating system at the USCENTCOM cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online.
USCENTCOM Cybersecurity expo
U.S. Marine Corps SSgt Michael George, USCENTCOM cybersecurity technician (Left), and U.S. Marine Corps SSgt. William Berotte, USCENTCOM cybersecurity technician (Right), demonstrate how simple it is to "hack" on older computer operating system at the USCENTCOM cybersecurity awareness expo, October 26, 2017. The expo provided the opportunity for personnel and family members to talk with subject matter experts and view exhibits that highlight best security practices, in the workplace and home, to protect critical and personal information online. (Department of Defense photo by Tom Gagnier)
Photo By: Tom Gagnier
VIRIN: 171026-F-VG904-004
“It is important to keep your computer’s operating system up to date,” said Berotte.  “Install the latest security patches and updates to help keep your computer free of viruses and other security threats.”

Even with an up to date, virus free computing device there are risks when performing routine online tasks, such as banking and shopping.

David White, a cybersecurity analyst at U.S. Central Command, provided a simple way for internet users to check the security of financial transactions.

“One should ensure that any online financial transaction is securely carried out by verifying the use of Hyper Text Transfer Protocol Secure (HTTPS) protocol at the beginning of the website address on your web browser,” said White.  “Computer users must also be wary of fraudulent websites and suspicious links when shopping online.

A concern for individuals and organizations alike is the data breach.

Data breaches may involve the compromise of financial information such as credit card or bank details, personal health information (PHI), and personally identifiable information (PII).

“Data breaches are commonly not a user initiated issue,” said White. “To protect yourself, ensure you are monitoring your credit report frequently.”

While data breaches may not be caused by individual users, military personnel need to be mindful of disclosing their organization’s critical information.

Critical information is information that could jeopardize personnel safety and mission accomplishment if shared with strangers.

Operations security (OPSEC) is a process that focuses on identifying and safeguarding critical information.  Many of these processes target online behavior.

USCENTCOM cybersecurity division offers some useful tips to keep OPSEC in mind when using the internet:

  • Limit information sharing on social networks. Don’t discuss current and future operations or make references to trends in unit morale or personnel problems.

  • Avoid free public Wi-Fi. There are dozens of online tutorials showing hackers how to compromise public Wi-Fi.

  • Keep your social media profiles on restricted settings, and be cautious of accepting invitations to connect from people you may not know.         

Cyber threats are real and constant. October events are a good reminder to military service members, civilians, and family members, that we should remain vigilant when using computing devices to conduct business online.

The month of October is National Cybersecurity Awareness Month.