24th Air Force   Right Corner Banner
Join the Air Force

Library > The Cyber Space
The Cyber Space

Welcome to the Cyber SpaceWelcome to the Cyber Space - where readers can find information of interest and cyber security tips provided by 24th Air Force and other government entities. The content is intended to be a "one-stop shop" of useful and educational links, stories and materials for both Air Force members and the public. All content is unclassified and can be shared with family and friends. If you have suggestions of additional, non-copyrighted content, please  e-mail the 24th Air Force Public Affairs office at 24af.pa@us.af.mil.



The appearance of hyperlinks does not constitute endorsement by 24th Air Force, Air Force Space Command, the United States Air Force, or the Department of Defense of the external Website, or the information, products, or services contained therein. For more information, click this link.
tabAFCYBER Commander's Highlights 
The NSA's Cyber Best Practices for Home ComputingBest Practices for Keeping Your Home Network Secure
This document is one of many the Information Assurance Directorate of the National Security Agency freely provides to the public outlining practical tips for improving the security of all kinds of applications, operating systems, routers, databases and more. This latest guide will go a long way in helping those who are interested to protect both their public and private networks.
tabWhite House Fact Sheets on Cyberspace 
tabU.S. Government Reports on Cyber 
Department of Defense Cyberspace Policy Report
The Department of Defense has delivered a report to Congress outlining the Pentagon's cyber security policy in accordance with the National Defense Authorization Act.

An excerpt of the report's introduction is as follows:

Cyberspace is a critical enabler to Department of Defense (DoD) military, intelligence, business and, potentially, civil support operations. While the development and integration of cyber technologies have created many high leverage opportunities for DoD, our increasing reliance upon cyberspace also creates vulnerabilities for both DoD and the Nation


GAO Report - Social Media in Federal AgenciesGAO Report to Congressional Requesters on social media use in federal agencies

GAO was asked to (1) describe how federal agencies are currently using commercially provided social media services and (2) determine the extent to which agencies have developed and implemented policies and procedures for managing and protecting information associated with this use. To do this, GAO examined the headquarters-level Facebook pages, Twitter accounts, and YouTube channels of 24 major federal agencies; reviewed pertinent policies, procedures, and guidance; and interviewed officials involved in agency use of social media.

CRS Report on Promoting Global Internet FreedomCongressional Research Service Report on Promoting Global Internet Freedom: Policy and Technology

This report provides information about federal and private sector efforts to promote and support global Internet freedom, a description of Internet freedom legislation from the 112th Congress, and suggestions for further reading on this topic. Two appendixes describe censorship and circumvention technologies.

CRS Report on Terrorist Use of the InternetCongressional Research Service Report on Terrorist Use of the Internet: Information Operations in Cyberspace

This report describes the ways that international terrorists and insurgents use the Internet, strategically and tactically, in pursuit of their political agendas. This discussion covers terrorist information operations in cyberspace but does not discuss similar activities in other domains. The government response is also discussed in terms of information operations. Technical aspects of cybersecurity and network intrusion detection are outside the scope of this report.

Congressional Research Service Report on SpywareCongressional Research Service Report on Spyware: Background and Policy Issues for Congress

The main issue for Congress over spyware is whether to enact new legislation specifically addressing spyware, or to rely on industry self-regulation and enforcement actions by the Federal Trade Commission and the Department of Justice under existing law. Opponents of new legislation argue that industry self-regulation and enforcement of existing laws are sufficient. They worry that further legislation could have unintended consequences that, for example, limit the development of new technologies that could have beneficial uses. Supporters of new legislation believe that current laws are inadequate, as evidenced by the growth in spyware incidents.
tabAcademic Work in Cyberspace 
Naval Postgraduate School Thesis on Optimizing Security of Cloud Computing within the DoDNaval Postgraduate School Thesis on Optimizing security of cloud computing within the DoD

What countermeasures best strengthen the confidentiality, integrity and availability of the implementation of cloud computing with the DoD? This question will be answered by analyzing threats and countermeasures within the context of the ten domains comprising the Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK). The ten domains that will be used in this analysis include access control; telecommunications and network security; information security governance and risk management; application security; cryptography; security architechture and design; operations security; business continuity planning and disaster planning; legal regulations, compliance, and investigation; and physical security. The results of this research provide a comprehensive guide for any DoD entity attempting to secure its cloud solution.
tabAFNIC Book of the Month 
To provide cyber professionals relevant and current readings on cyberspace operations and theory, the Air Force Network Integration Center commander offers the following monthly book as suggested reading. The books suggested are offered to help cyber professionals see aspects of cyberspace from new perspectives. While readers may or may not agree with authors' points of view, the goal of the book of the month is to encourage thinking outside the average constrains of daily cyberspace operations.

Hope you enjoyed last month's book, The Innovator's Dilemma

October 2012The Idea Factory: Bell Labs and the Great Age of American Innovation

By book cover: what the dormouse saidJon Gertner

A sweeping, atmospheric history of Bell Labs that highlights its unparalleled role as an incubator of innovation and birthplace of the century's most influential technologies.

Bell Laboratories, which thrived from the 1920s to the 1980s, was the most innovative and productive institution of the twentieth century. Long before America's brightest scientific minds began migrating west to Silicon Valley, they flocked to this sylvan campus in the New Jersey suburbs built and funded by AT&T. At its peak, Bell Labs employed nearly fifteen thousand people, twelve hundred of whom had PhDs. Thirteen would go on to win Nobel prizes. It was a citadel of science and scholarship as well as a hotbed of creative thinking. It was, in effect, a factory of ideas whose workings have remained largely hidden until now.

New York Times Magazine writer Jon Gertner unveils the unique magic of Bell Labs through the eyes and actions of its scientists. These ingenious, often eccentric men would become revolutionaries, and sometimes legends, whether for inventing radio astronomy in their spare time (and on the company's dime), riding unicycles through the corridors, or pioneering the principles that propel today's technology. In these pages, we learn how radar came to be, and lasers, transistors, satellites, mobile phones, and much more.

Even more important, Gertner reveals the forces that set off this explosion of creativity. Bell Labs combined the best aspects of the academic and corporate worlds, hiring the brightest and usually the youngest minds, creating a culture and even an architecture that forced employees in different fields to work together, in virtually complete intellectual freedom, with little pressure to create moneymaking innovations. In Gertner's portrait, we come to understand why both researchers and business leaders look to Bell Labs as a model and long to incorporate its magic into their own work.

Written with a novelist's gift for pacing and an ability to convey the thrill of innovation, The Idea Factory yields a revelatory take on the business of invention. What are the principles of innovation? How do new technology and new ideas begin? Are some environments more favorable than others? How should they be structured, and how should they be governed? Can strokes of genius be accelerated, replicated, standardized? The history of Bell Labs provides crucial answers that can and should be applied today by anyone who wants to understand where good ideas come from.
tabSocial Networks - Cyber Tips 
Please click on the links below to get information on protecting yourself & your loved ones on Social Networks.
    Facebook          Google+

  Linked IN         Twitter  Twitter  

tabCyber Tip of the Week 
lock logoWhy are network security warnings important?

Like the real world, technology and the internet present dangers as well as benefits. Equipment fails, attackers may target you, and mistakes and poor judgment happen. Just as you take precautions to protect yourself in the real world, you need to take precautions to protect yourself online. For many users, computers and the internet are unfamiliar and intimidating, so it is appropriate to approach them the same way we urge children to approach the real world.

What are some warnings to remember?

· Don't trust candy from strangers - Finding something on the internet does not guarantee that it is true. Anyone can publish information online, so before accepting a statement as fact or taking action, verify that the source is reliable. It is also easy for attackers to "spoof" email addresses, so verify that an email is legitimate before opening an unexpected email attachment or responding to a request for personal information.

· If it sounds too good to be true, it probably is - You have probably seen many emails promising fantastic rewards or monetary gifts. However, regardless of what the email claims, there are not any wealthy strangers desperate to send you money. Beware of grand promises--they are most likely spam, hoaxes, or phishing schemes. Also be wary of pop-up windows and advertisements for free downloadable software--they may be disguising spyware .

· Don't advertise that you are away from home - Some email accounts, especially within an organization, offer a feature (called an autoresponder) that allows you to create an "away" message if you are going to be away from your email for an extended period of time. The message is automatically sent to anyone who emails you while the autoresponder is enabled. While this is a helpful feature for letting your contacts know that you will not be able to respond right away, be careful how you phrase your message. You do not want to let potential attackers know that you are not home, or, worse, give specific details about your location and itinerary. Safer options include phrases such as "I will not have access to email between [date] and [date]." If possible, also restrict the recipients of the message to people within your organization or in your address book. If your away message replies to spam, it only confirms that your email account is active. This may increase the amount of spam you receive.

· Lock up your valuables - If an attacker is able to access your personal data, he or she may be able to compromise or steal the information. Take steps to protect this information by following good security practices. Some of the most basic precautions include locking your computer when you step away; using firewalls, anti-virus software, and strong passwords; installing appropriate software updates; and taking precautions when browsing or using email.

· Have a backup plan - Since your information could be lost or compromised (due to an equipment malfunction, an error, or an attack), make regular backups of your information so that you still have clean, complete copies. Backups also help you identify what has been changed or lost. If your computer has been infected, it is important to remove the infection before resuming your work. Keep in mind that if you did not realize that your computer was infected, your backups may also be compromised.
tabUS-CERT Self Help Center 
US-CERT Self Help CenterThe United States Computer Emergency Readiness Team's mission is to improve the nation's cybersecurity posture, coordinate cyber information sharing and proactively manage cyber risks to the nation while protecting the constitutional rights of citizens of the United States. They are the operational arm of the National Cyber Security Division at the Department of Homeland Security. Below are links to information provided by US-CERT to assist the public with operating cyberspace technology in a more secure manner. For more information, visit the US-CERT Website.

US-CERT Monthly Activity Summary - September 2011


Recognizing and avoiding e-mail scamsRecognizing and avoiding e-mail scams

This is an introduction to what e-mail scams are, how they work, and how to avoid them.


Avoiding online gaming risksPlaying it safe: avoiding online gaming risks

This paper discusses technological and social risks associated with online gaming.


Banking securely onlineBanking securely online

This paper discusses risks associated with online banking and provides some practices for using it safely.



Using social networking services securelySocializing securely: using social networking services

This paper describes some security risks associated with social networking services and offers tips to minimize these risks.


Cyber threats to mobile phonesCyber threats to mobile phones

This paper describes cyber threats to smartphones and feature phones, describes some of the consequences of such attacks, and offers tips on protecting your mobile phone.

Using wireless technology securelyUsing wireless technology securely

This is an overview of the risks associated with wireless technology and some practices for using it safely.


Risks of ignoring software license agreementsSoftware license agreements: ignore at your own risk

This paper provides an overview of the risks computer users may incur by blindly agreeing to terms contained in software licensing agreements.


Spyware overviewAn overview of spyware

This paper provides an overview of spyware and some practices to defend against it.



Router securitySmall office/home office router security

This paper provides information on home routers and how to increase your router security.


Basics of cloud computingThe basics of cloud computing

This paper provides information on what cloud computing is, how it can help small businesses and home users, and possible security concerns.
tabAir Force PKI Information 
Air Force Public Key InfrastructureA vital element of the Department of Defense strategy in defending its information is the use of a common, integrated DoD Public Key Infrastructure to enable network security services through the enterprise. PKI is significant in implementing the DoD strategy to protect information assets.

The Air Force PKI System Program Office provides information products for all Air Force users to understand new initiatives taking place as new technologies are implemented to provide better protection to Air Force information. Linked below is information on current initiatives. For further information, you can contact the Air Force PKI Help Desk at afpki.helpdesk@us.af.mil.

Air Force PKI Newsletter - Summer 2011The Key to PKI: Air Force PKI Newsletter
Summer 2011

The Key to PKI is published quarterly with the approval of the Air Force PKI System Program Office program manager. The Air Force PKI SPO is the Public Key Infrastructure Section of the Information Assurance Branch, Cryptologic Systems Division, Hanscom Cyber/Netcentric Directorate, Lackland Air Force Base, Texas.

SIPRNet Hardware Token Fact SheetSecret Internet Protocol Router Network Hardware Token Fact Sheet

A new smart card, known as a hardware token, is being evaluated for use on the Secret Internet Protocol Router Network (SIPRNet).

Similary to the Common Access Card, the SIPRNet token contains individual PKI certificates used for network logon, Website authentication, and secure e-mail.

SIPRNet Hardware Token Frequently Asked Questions

Smart Card Logon Next Generation Fact SheetSmart Card Logon / Next Generation Fact Sheet

Smart Card Logon / Next Generation is evolving technology that will empower most Air Force network users with the ability to log on to multiple unclassified Air Force network accounts with a single Common Access Card.

 Inside 24AF

ima cornerSearch
GeneralImagesVideo
  View All RSS RSS feed

tabCyber Stories of Interest
 John Kerry: Cyber Conflict One of World's Greatest Threats
 U.S. Homeland Chief: Cyber 9/11 Could Happen "Imminently"
 Air Force Turns Fighter Planes into Wireless Routers
 Federal spending not all bleak in S.A.
 CyberPatriot Announces Teams Advancing to the National Finals Competition
 Radware Releases Global Security Report - Reveals New Cyber Attack Methods
 Air Force Cyber-Operations Wing to Go on Hiring Binge
 Iran's Cyber Threat Potential Great, U.S. General Says
 Cyber Professionals in the Military and Industry - Partnering in the Defense of the Nation
 Banks Seek U.S. Help on Iran Cyberattacks
 The Growing Problem of Cyber Threats
 Cyber Attacks Bring Call for Help
 'Drive-by Attacks' Top Cyber Threat
 Defense Law Aims to Preempt Software Supply Chain Attacks
 Hackers Secure F-35 Fighter Plans
 Defense Bill Emphasizes Cyber Operations
tabCyberspace Organizations
 24th Air Force finds its place in cyberspace
 National Security Council - Cybersecurity
 U.S. DoD Cyber Strategy
 U.S. Cyber Command
 Army Cyber Command
 Fleet Cyber Command
 DoD Cyber Crime Center
 National Security Agency
 Defense Information Systems Agency
 Air Force Network Integration Center
 Air University
 Air Force Institute of Technology

The Official Web Site for 24th Air Force
Site Map      Contact Us     Questions     USA.gov     Security and Privacy notice     E-publishing