HomeNewsArticle Display

Rise of the Cyber Wingman: 10 principles Airmen must know

U.S. Air Force photo illustration.

U.S. Air Force photo illustration.

THE PENTAGON -- Every day, malicious code, worms, botnets and hooks attack Air Force computers hardware, software and the Internet. They infiltrate classified information and compromise national security. In response, the Air Force is stepping up its mission to defend cyberspace.

Cyberspace adversaries attack Department of Defense computer networks every day. They range from individual hackers, criminal organizations and terrorists, to nation states. Though they aren't successful the majority of the time, they have stolen classified information from networks and computers, including future weapon systems, logistics information and Airmen's personal information.

Mission success is the goal of protecting networks from attack. In August, Chief of Staff Gen. Norton Schwartz outlined steps the Air Force is taking to centralize this mission. He said that those steps are just the beginning. "To make significant progress we must also change the way we think about the cyberspace domain," General Schwartz wrote to Air Force members in a service-wide email.

The most common way of getting information is phishing. This attack targets the weakest link in network security - the user. It involves sending e-mails containing attachments and linked Web sites that appear legitimate. Phishing tricks Airmen into downloading malicious code which provides a door into that network or computer from remote locations. Phishing happens at work or home.

"Applying our Wingman culture in the cyberspace domain gives us a powerful advantage - every Airman is a defender in cyberspace," said General C. Robert Kehler, Air Force Space Command commander.

The activation of 24th Air Force Aug. 18 helps define Air Force requirements and establishes training standards for cyber warriors. The next step is to educate every Airman about the Cyber Wingman campaign.

"We must all conduct ourselves as "Cyber Wingmen," recognizing that our actions and activities on the network affect every other Airman and impact our ability to execute the broader Air Force mission," General Schwartz said.

The "Rise of the Cyber Wingman" philosophy incorporates the following 10 guiding principles every Airman needs to know and use to secure cyberspace.

1. The United States is vulnerable to cyberspace attacks by relentless adversaries attempting to infiltrate our networks- at work and at home- millions of times a day, 24/7.

2. Our adversaries plant malicious code, worms, botnets and hooks in common Web sites, software and hardware such as thumbdrives, printers, etc.

3. Once implanted, this code begins to distort, destroy and manipulate information, or "phone" it home. Certain code allows our adversaries to obtain higher levels of credentials to access highly sensitive information.

4. The adversary attacks your computers at work and at home knowing you communicate with the AF network by e-mail, or transfer information from one system to another.

5. As Cyber Wingmen, you have a critical role in defending your networks, your information, your security, your teammates and your country.

6. You significantly decrease our adversaries' access to our networks, critical USAF information, and even your personal identity, by tak┬Čing simple action.

7. Do not open attachments or click on links unless the email is digitally signed, or you can directly verify the source- even if it appears to be from someone you know.

8. Do not connect any hardware or download any software, applications, music or information onto our networks without approval.

9. Encrypt sensitive but unclassified and/or mission critical information. Ask your CSA for more information.

10. Install the free Department of Defense anti-virus software on your home computer. Your CSA can provide you with your free copy.

"By embracing, understanding and applying each of these rules, we will deliver on our promise to fly, fight and win in air, space and cyberspace," General Schwartz said.
USAF Comments Policy
If you wish to comment, use the text box below. AF reserves the right to modify this policy at any time.

This is a moderated forum. That means all comments will be reviewed before posting. In addition, we expect that participants will treat each other, as well as our agency and our employees, with respect. We will not post comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to other or similar content. We will not post comments that are spam, are clearly "off topic", promote services or products, infringe copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will also not be posted. The AF and the AF alone will make a determination as to which comments will be posted. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of individuals using this page. These references are not intended to reflect the opinion of the AF, DoD, the United States, or its officers or employees concerning the significance, priority, or importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying AF endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behaviour or sexual assault will be reported to appropriate authorities including OSI. This forum is not:

  • This forum is not to be used to report criminal activity. If you have information for law enforcement, please contact OSI or your local police agency.
  • Do not submit unsolicited proposals, or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
  • This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

AF does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. AF may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. AF does not endorse, support or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on our website.

Members of the media are asked to send questions to the public affairs through their normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted. We recognize that the Web is a 24/7 medium, and your comments are welcome at any time. However, given the need to manage federal resources, moderating and posting of comments will occur during regular business hours Monday through Friday. Comments submitted after hours or on weekends will be read and posted as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic." This means that comments will be posted only as it relates to the topic that is being discussed within the blog post. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the AF or the Federal Government.

To protect your own privacy and the privacy of others, please do not include personally identifiable information, such as name, Social Security number, DoD ID number, OSI Case number, phone numbers or email addresses in the body of your comment. If you do voluntarily include personally identifiable information in your comment, such as your name, that comment may or may not be posted on the page. If your comment is posted, your name will not be redacted or removed. In no circumstances will comments be posted that contain Social Security numbers, DoD ID numbers, OSI case numbers, addresses, email address or phone numbers. The default for the posting of comments is "anonymous", but if you opt not to, any information, including your login name, may be displayed on our site.

Thank you for taking the time to read this comment policy. We encourage your participation in our discussion and look forward to an active exchange of ideas.