The Air Force Network is constantly monitored for possible security breaches. (Travis Nuckolls / Air Force)
A rash of breaches of personally identifiable information on the Air Force’s main computer network has prompted the service to crack down on violators.
The Air Force said it tracked about 500 PII breaches on the Air Force Network, or AFNET, over a recent three-month period. And on Oct. 24, the Air Force began locking out AFNET users who are caught inappropriately storing or transmitting such information over the network. The new policy affects all airmen, employees or contractors who use the Air Force Network.
The 68th Network Warfare Squadron and 352nd Network Warfare Squadron, which make up part of the Cyberspace Defense Analysis Weapon System, monitor the network for breaches and violations. When they find one, they report it to the 624th Operations Center, which then reports the breach to 24th Air Force Commander Maj. Gen. J. Kevin McLaughlin. At that point, the violator is locked out of the network and his wing commander is notified.
“A violator’s account will only be unlocked once the first O-6 in their chain of command certifies that the individual has accomplished all necessary actions, to include remedial training,” McLaughlin said.
PII can include information such as someone’s name, address, Social Security number, medical records, financial records, or any other data that can be used directly or with other data to identify, contact or locate a person. A breach is defined as a loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any other situation where someone other than an authorized user, and for other than an authorized purpose, has access or potential access to PII, in either physical or electronic form.
“These breaches can range from one individual sending a performance report containing a Social Security number to another military account without encryption, to the sending of a personnel roster with thousands of pieces of PII to a personal email account, outside of the Air Force Network,” said Air Force Space Command spokeswoman Capt. Christina Sukach. “These breaches do not necessarily translate to stolen identities or other malicious uses of personal information, but they do increase the risks to individuals and to the Air Force Network.”
For example, Sukach said, someone could use network users’ personal information to create a spear phishing campaign to try to gain access to the Air Force Network, or they could steal the user’s identity or otherwise fraudulently use their information. Some breaches can be accidental, and some could be malicious, she said.
Sukach would not release specific information on the 500 information breaches the Air Force observed.
Gen. William Shelton, commander of Air Force Space Command who is responsible for the security and defense of the AFNET, issued a warning Oct. 25 to alert airmen to the threats and the consequences for breaking the rules. “We are taking several steps to improve notification and reporting of PII incidents,” Shelton said in a release. “PII violations create both a personal and operational risk for all of us.”