The Air Force failed to effectively manage and investigate numerous cyber events in 2009, according to a recent Air Force Audit Agency report based on a 2010 investigation. For example, the Air Force Computer Emergency Response Team, which is responsible for monitoring suspicious activity on the Air Force network, did not even investigate 23 percent, or 18 of 78, “category 5” cyber events, the AFAA auditors found. A category 5 event is activity that could expose Air Force systems to increased risk, such as an Air Force user accessing a domain known to host malicious files. Network personnel also failed to implement corrective actions, like restricting access to certain websites, streaming media, and social networking, to prevent cyber incidents from recurring, the auditors stated. The report recommended, and the Air Force agreed, that 24th Air Force—USAF’s cyber operations arm—should boost its network storage capacity so personnel can retain audit logs that will help them keep track of malicious websites. The Air Force also should establish a standard list of restricted proxy server categories, according to the report. These changes are expected to be in place by January. (Full report; caution, large file.)