Vandenberg initiates information assurance exercise
By 2nd Lt. Matthew Dombrowski, 30th Space Wing Public Affairs
/ Published December 29, 2009
VANDENBERG AIR FORCE BASE, Calif. -- Vandenberg's 30th Space Communications Squadron and Vandenberg's Wing Information Assurance Office conducted Operation Catch an Eagle to evaluate information protection posture of the base by sending a phishing e-mail asking for personally identifiable information Dec. 8. The e-mail was sent from a supposedly legitimate authority, however had no valid digital signature. Although the majority of the base population handled the suspicious e-mail properly there is still a need to raise cyber vigilance for base network users.
Phishing is a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly. Every year, theft due to phishing scams amounts to approximately $3 billion.
While some users on base encrypted their responses to the emails or replied without providing any information, it is important to note that any response, regardless of what it entails, can grant a malicious adversary access to that system. For this reason, any response to the email mandated account disabling and retraining. An ideal information protection posture would have meant that no users responded to the email or provided any personally identifiable information, however the exercise increased user awareness of being targeted in phishing schemes.
As a reminder, if you receive an email asking for personally identifiable information, ensure that the email is digitally signed and verified before providing an encrypted response. If the email is not digitally signed and verified, do not respond and notify your unit Information Assurance Officer.
If you have any questions about this exercise or other policies, contact Vandenberg's Wing Information Assurance Office at 805-606-7173.