WASHINGTON (NNS) -- The Department of Homeland Security's "If You See Something, Say Something"™ campaign raises our awareness of terrorism indicators, and stresses the importance of reporting suspicious activity to law enforcement.
A similar approach is needed in the cyber domain to protect the Navy's systems and networks. If you see something suspicious or unauthorized, say something, because vigilance and adherence to cybersecurity best practices protects the Navy's operational capabilities.
What kinds of things should you look for and who should you tell?
According to the Navy Information Assurance Program, commanding officers, commanders, officers-in-charge, and directors are responsible for the overall implementation of information assurance (now called cybersecurity) at the command level. They appoint information assurance managers (IAM) who report to the command on all cybersecurity matters.
Bottom line: Report suspicious or unauthorized cyber activity to your IAM, who should be identified in the plan of the day.
Now, what kind of activities should you report to your IAM?
Best practices for keeping Navy networks and systems secure are important to remember. Topping the list of best practices is "Don't Take the Bait," which describes a form of email spoofing called "phishing" and how to recognize it. Phishing may involve sending unwanted e-mail messages, often with malicious content, in large quantities to an indiscriminate set of recipients in the hopes that at least one "takes the bait."
If you're on the Navy Marine Corps Intranet (NMCI), report spam and suspected phishing emails by forwarding them as an attachment to nmci_spam@navy.mil, then delete them from your inbox and sent items folder. Doing so will help NMCI block spammers and phishers. Also, report these emails to your IAM.
For non-NMCI users, the best practice for possible phishing emails or emails that contain suspicious attachments is to delete them as well as report them to your IAM.
Unsolicited emails that request sensitive personal or organizational information should be reported to your IAM. Attackers with this information can hurt you personally by stealing your identity, threaten the operational security of the command, or make themselves appear legitimate to others so they can compromise the Navy's cyber defenses.
Report any unauthorized devices connected to the network. Devices like thumb drives and cell phones may inadvertently contain software that allows an intruder inside the Navy's defenses if they're plugged into Navy computers or systems.
Peer-to-peer (P2P) file sharing programs, like some that share music files, should also be reported to your IAM because they can spread bad software inside the Navy's network defenses.
If the answer to any of the below questions raised by the Department of Homeland Security's Computer Emergency Response Team is "yes", report the incident to your IAM.
* Suspicious questioning. Are you aware of anyone attempting to gain information in person, by phone, mail, email or other means regarding the configuration or cybersecurity posture of the Navy's network, websites, software or hardware?
* Unauthorized access. Are you aware of anyone attempting (either failed or successful) to gain unauthorized access to systems or data?
* Unauthorized changes or additions. Has anyone made unauthorized changes to the Navy's hardware or software without the knowledge, instruction, or consent of the Information Technology Department?
* Unauthorized use. Are unauthorized people using Navy systems for storing or processing data? Are former Navy personnel still accessing Navy systems?
You are the target, but you are also the solution. Knowing the types of activities that could compromise the Navy's cyber defenses or indicate malicious intent as well as who should be alerted will help protect our mission, systems, networks and data.
Vigilance and commitment to cybersecurity is essential for protecting the Navy. Don't let complacency create new vulnerabilities.