The Air Force failed to effectively manage and investigate numerous cyber events in 2009, according to a recent Air Force Audit Agency report based on a 2010 investigation. For example, the Air Force Computer Emergency Response Team, responsible for monitoring suspicious activity on the Air Force network, did not even investigate 23 percent, or 18 of 78, of the “category 5” cyber events, the AFAA auditors found. A category 5 activity could expose Air Force systems to increased risk, such as an Air Force user accessing a domain known to host malicious files. Network personnel also failed to implement corrective actions, like restricting access to certain websites, streaming media, and social networking, to prevent cyber incidents from recurring, stated the auditors. The report recommended, and the Air Force agreed, that 24th Air Force—USAF’s cyber operations arm—should boost its network storage capacity so personnel can retain audit logs that will help them keep track of malicious websites. The Air Force also should establish a standard list of restricted proxy server categories, according to the report. These changes are expected to be in place by January. (Full report; caution, large-sized file.)