Airmen were put to the test when the 86th Airlift Wing inspector general and the 86th Communications Squadron executed a cybersecurity phishing email exercise Feb. 26 on Ramstein.
The purpose of the exercise was two-fold: to test network users’ computer training and readiness and to test the responses of both the information assurance office and the unit information assurance officer.
Phishing emails are crafted to look genuine and are tools for cyber criminals to use in order to gain access to a computer or network. They attempt to trick users into unwittingly opening attachments or clicking on links that lead to malware and viruses that can compromise computers. In this exercise the email was titled, “Changes to military retirement,” and was sent from the organization “Ramstein/A1.”
While USAFE/A1 is a legitimate organization designation, Ramstein/A1 is fictitious. This was done intentionally to demonstrate that cyber criminals do research and try to closely mimic facts, said Capt. Jesse Nelson, 86th CS operations flight commander.
“The goal was to make the email as realistic and believable as possible,” he said. “Gone are the days of the obvious (phishing) attempts.”
Master Sgt. Annette Owens and Master Sgt. Anthony Ford, both lead wing readiness inspection planners for the 86th IG office, worked with Nelson and the 86th CS Information Assurance and Cyber Vulnerability offices to carefully craft the exercise.
Nelson explained there were two primary warning signs users should have questioned: first, the fictitious email sender, “Ramstein A/1,” and second, the attachment contained in the email that was not digitally signed.
“This was a good opportunity to really test our user computer security training and demonstrate the importance,” Nelson said. “It only takes one person to compromise the network.”
Owens also added that the exercise was a good reminder for all users to be more vigilant when it comes to cybersecurity and protecting the network. It is important to maintain mission readiness.
“It is important to remember that our network is only as strong as our weakest link,” Ford said.
The inspection team provided a few tips to help protect the network: Always look for a digital signature, be more skeptical and vigilant, and review the response card that should be located next to the computer.
Nelson also added that it is important to remember that network security is not just something the communication squadron takes care of — it is a shared responsibility and starts with the user.
Ford gave credit to the cyber vulnerability management office that worked hard to ensure the exercise was a success. The team crafted a well-designed phishing email that became an eye-opener for many after it caught them hook, line and sinker.
Results for the inspection are still being compiled.