April 27, 2015 --
In today's environment of easy and anonymous access to personal information, it is more important than ever to do everything individuals can to keep themselves and their loved ones safe online.
Recent events such as the posting of names and addresses of 100 service members on the Internet by the terrorist group Islamic State of Iraq and Syria/Islamic State of Iraq and the Levant have highlighted the very real risk of sharing personal information online. The information ISIS/ISIL posted did not come from hacked databases or sophisticated computer intrusions, it came from publicly available information openly accessible on the Internet, on personal and official websites.
Islamic State of Iraq and Syria/Islamic State of Iraq and the Levant took advantage of what many other cyber criminals already know: that the Worldwide Web can be a gold mine which produces nuggets of a wide variety of personal information. People oftentimes share more information than they realize and ISIS/ISIL has become very good at finding disparate data points, then connecting the dots for bad purposes.The lack of physical interaction gives individuals a false sense of security and provides the impression that they are sharing the information only with friends, rather than everyone else online.
Navy and Marine Corps personnel and their families should be aware that what they and others share about them online can place them in jeopardy. As service members or families of service members, they are a prime target and their online postings may be unknowingly providing valuable information that could be used to target them, their families and their fellow service members.
Any information that identifies an affiliation with the Department of Defense could make personnel a potential target of terrorist groups or a lone-wolf radical. This includes pictures of service members in uniform, other military identifiable items or posts about the U.S. military on social media sites.
Take the time to develop good operational security practices with your online identity and with your use of technology. Service members should ensure they are not discussing mission-related activities or details online. Be mindful of the vulnerability of location services embedded in most social network platforms and camera apps, which generate metadata that can be exploited to identify service members and detect patterns and frequently visited locations. Individuals should disable or delete accounts they are no longer using and take extreme care with how and to whom they provide their personally identifiable information.
Personnel should start now to ensure they and their families are staying safe online and in the real world. The Naval Criminal Investigative Service has developed reference materials for Department of Navy personnel to use to ensure that they are not placing themselves at unnecessary risk. Local NCIS offices can provide commands with handouts and also provide briefings in conjunction with the NCIS crime reduction campaign. Information about physical security steps individuals can take can be found in the handout "NCIS Threat Management: Security Recommendations," available at www.ncis.navy.mil.
Additionally, the Department of Defense website, DOD.gov, provides the "Guide to Keeping your Social Media Accounts Secure." This downloadable PDF provides specific guidance on steps that can be taken to keep Facebook, Twitter, Instagram and Flickr accounts safe, such as modifying specific security settings, creating secure passwords and deleting old accounts.
Protecting yourself in the virtual world is just as important as protecting yourself in the physical world. The adversary is watching and there is a heightened need for continued awareness, vigilance and reporting of suspicious activity. Remember, "If you see something, say something."
Report suspicious activity to your local NCIS office at 229-639-5512; online at NCIS.navy.mil or by calling the NCIS Hotline at 1-877-579-3648.