From Office of the Deputy Chief of Naval Operations for Information Warfare (N2N6)
Although cybersecurity is important every day, October’s National Cybersecurity Awareness Month provides the Navy with the opportunity to highlight the critical importance of cybersecurity throughout the enterprise – outlining how adversaries operate, what the Navy is doing to improve its cybersecurity, and what you can do at work and at home to protect the Navy and yourself from cyber threats.
The consensus among our senior military and civilian leaders is clear; the cyber threat is real, and the stakes – in this new era of great power competition – are high.
“Americans and our allies are under attack every day in cyberspace.”
– John Bolton, National Security Advisor
“…persistent campaigns in and through cyberspace that pose long-term strategic risk to the Nation…”
– Department of Defense upon release of its 2018 Cyber Strategy
Despite alarm bells by senior officials, skepticism about the cyber threat remains. Because we can’t see what’s happening in cyberspace like we can in the physical world, observers and stakeholders alike may not fully grasp the prevalence and severity of cyber threats.
Someone would probably notice if coworkers tried to copy or photograph hundreds of thousands of pages of military documents. Yet the same result, the loss of valuable and potentially mission-critical information can be accomplished inconspicuously through a cyberattack, and in fact, hackers have remotely compromised the networks of defense contractors and stolen sensitive military data through just such means.
Similarly, a kinetic attack on a power plant would be obvious and invite an immediate response, while cyberattacks are unseen and more difficult to trace, which is why Russian hackers were able to covertly disable equipment at a Ukrainian power company in 2016, cutting off power to the city of Kiev for over an hour.
Lest we think our infrastructure is immune, the U.S. government acknowledged Russian hacking and infiltration of our power companies earlier this year, reinforcing the fact that our adversaries are capable of and continuously attempting to breach our networks, systems and critical warfighting infrastructure in an effort to compromise military readiness and operational security.
Understanding the consequences of our actions in cyberspace is essential to combating cyber threats, and Cybersecurity Awareness Month is an important time for us all to be reminded of the ways in which we can contribute to either the strength or the weakness of the enterprise, through our day-to-day actions – at work, at home and at sea.
Connecting an unauthorized thumb drive that contains malicious software to the network is an innocent mistake with potentially damaging consequences. A weak password could allow adversaries to gain access to the network, and causes a majority of system breaches. Posting updates on social media that give clues as to the locations of ships and Sailors could compromise operational security.
In the vast majority of cases, cyber threats don’t cause fires or explosions, and they are not accompanied by grand declarations by state actors, which is exactly what makes them so dangerous. They are unseen, they are real and they can be crippling to our Navy. Sailors, civilians, contractors and families are our front line of defense in this fight – and by adhering to cybersecurity policies, directives and best practices – we can all help keep the Navy secure, as well as protect ourselves and our families while online.
The Navy is counting on you to help protect it from cyber threats. Be on the lookout for updates throughout the month providing information on how our adversaries operate, what the Navy is doing to combat threats, and what you can do to protect the Navy and yourself in the cyber domain.
Editor’s note: Info-graphic data sources include the Defense Information Systems Agency, McAfee, Trustwave and Verizon.