USMC bans Facebook, Twitter

[dapaterson]

Marines ban Twitter, Facebook, other sites

The U.S. Marine Corps has banned Twitter, Facebook, MySpace and other social media sites from its networks, effective immediately.

The Marine Corps fears that social media sites such as Facebook could pose a security risk.

"These internet sites in general are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries," reads a Marine Corps order, issued Monday.

"The very nature of SNS [social network sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage that puts OPSEC [operational security], COMSEC [communications security], [and] personnel... at an elevated risk of compromise."

The Marines' ban will last a year. It was drawn up in response to a late July warning from U.S. Strategic Command, which told the rest of the military it was considering a Defense Department-wide ban on the Web 2.0 sites, due to network security concerns.

http://www.cnn.com/2009/TECH/08/04/marines.social.media.ban/index.html

 

[PACRESGRU]

I can and do both empathize and agree with that decision. I mean, you don't see a Taliban page on Facebook, do you?

 

[SARgirl]

Interesting.  However, now that Pandora's Box has been opened on networking sites, I don't see how there could ever really be a 100% effective ban on these sorts of sites.  The ban could only really be, at best, enforced while the soldiers were at work and even if the soldiers were told no networking sites were allowed during their personal lives, there are endless family members and friends who often times will have this or that regularly posted information and photos on networking sites or blogs to showcase the solider or soldiers who they are so proud of.  Loss of information, which could potentially... possibly... maybe... compromise security, is every where across the internet; pretty tough close that box once opened.

 

[Rigger052]

There is, sadly enough, a Facebook page supporting the Taliban. There is also a group trying to get said page banned from Facebook ( Ban the group "Taliban Soldiers are heroes").

The security issue posed here is definitely viable, however it is not necessarily the Marines themselves that may be the only ones that could violate OPSEC, or COMSEC. The families of said Marines would also have to maintain vigilance that a seemingly innocent picture or statement not violate these tenets as well. A single comment alone could provide very minimal insight into something like an operation for example, but several comments pieced together over time could prove useful to the wrong people.

Just my  :2c:

 

[Roy Harding]

I understand the motive behind this move.  I don't know how effective the action will be.

As others have noted - you can ban Marines from using these networks - but those Marines have families, over whom the Marine Corps exercises no control.

I think a better approach may be to "co-opt" these sites. Regarding how to do that, however, I have no clue. 

Apparently - neither does the Marine Corps.

 

[Greymatters]

Its a pretty tricky situation - how will they monitor and enforce this rule?  Or is it merely a catch-all so that if someone does blow OPSEC using one of these accounts they can be held accountable for it?

The drift into personal areas is also of interest - is a person banned from using these sites only during deployments?  Or is it meant to apply to any Marine currently engaged in active service?  Will it also apply to all vendors and service providers who have contracts with the USMC?

I guess we'll have to wait for a few court cases to see how this works out...

 

[Doom]

I can and do both empathize and agree with that decision. I mean, you don't see a Taliban page on Facebook, do you?

Actually I think there are many. How ever, I didn't stumble upon the one mentioned by Rigger052. There are many other ones on there. Many with no wall posts etc. I was just brought to look them up when you guys mentioned something.

Other than that I fully support the banning of such social websites, for that very reason. You never know who may be watching and what they're looking at. For instance you don't want to put ones personal interests at risk while performing duty etc. I guess you could say it was a worth while move in the long run. I'm not sure you're allowed on those sites in the Canadian Forces. But I'm sure there might be a little leeway.

I guess we'll have to wait for a few court cases to see how this works out...

As Greymatters states, this is probably true. And knowing the American government it might be enforced. I wonder what any punishment for breaking the rules would be though (such as proxies etc)

 

[Greymatters]

With the way Facebook has changed its system the last few months, it is also very easy to make your account or a group account 'invisible' to the general public.  For every Taliban-related group you find, there's likely to be at least another out there you cant see. 

The messaging section of Facebook is still considered very secure from viewing by third parties - but protecting your account from hacking/unwanted viewers is still highly dependent on the wisdom of the user...   

 

[Fusaki]

The security issue posed here is definitely viable, however it is not necessarily the Marines themselves that may be the only ones that could violate OPSEC, or COMSEC. The families of said Marines would also have to maintain vigilance that a seemingly innocent picture or statement not violate these tenets as well. A single comment alone could provide very minimal insight into something like an operation for example, but several comments pieced together over time could prove useful to the wrong people.

  True, but...  If all members of the CF were threatened administrative action if they did not delete their Facebook accounts, the amount if intelligence gathered by the enemy would drop to a fraction of what it is today. 

As pointed out above, a soldier might know not to post sensitive material on on his Facebook page but his family and friends might not realize the gravity of these things.  While comments from girlfriends and relatives might be individually insignificant, when  linked together they can paint a clearer picture of what our plans are. 

Facebook facilitates the linking of intelligence through each user's Friend's List.  Any spy or terrorist could easily make up a Facebook profile with some slutty chick's photos and just start searching profiles through the occupation "Canadian Forces".  After being accepted as a friend by only a few army guys, a spy or terrorist only needs to start going down the soldier's Friends List adding people.  What 19 year old army guy could resist turning down a friend request from a good looking girl, even if he's not sure how he knows her?  From there, it's viral.  Once a guy sees that he has other friends in common with this "girl", he's more likely to assume that he met her at Shots/Sweetwaters/ect last Thursday.  Before you know it, any spy or terrorist posing as an attractive woman through Facebook has used soldier's Friends Lists to link together all sorts of "insignificant" comments from well intentioned but security unaware civvie friends and family members. 

If you take the soldiers off Facebook, then you've mitigated the enemy's ability to link little bits of int into the big picture.

 

[Fusaki]

As well, I'm ashamed to admit that I have a Facebook account and I am a part of the problem.

To be honest, I'm feeling a little hopeless about the situation.  The scenario I've described above actually happened to me.  A few months ago a chick with slutty photos tried to add me as a friend.  I saw that we had quite a few mutual army guy friends, so I emailed around to figure out how I knew her.  Surprisingly, not one of my friends knew her either.  I emailed my buddies to let them know how suspicious I thought this was, and while some of them took my advice and blocked her others blew me off as paranoid.

That night, I called the MPs at CFB Petawawa to report what I considered to be a security issue.  Those complacent fu*ks blew me off and told me that I and all my buddies should just know better then to post sensitive material on Facebook.  My response: "Well yeah, no shit, but shouldn't you do something about this? Maybe tell NIS or something?" Nope, apparently it's no big deal - especially when you've got guys on base doing 60 in a 50 zone. :

So, I'm at a state now where I'm just frustrated with the complacency I see.  I know I should delete my Facebook account, but what difference is one guy going to make?  The people who I thought should care don't, so what's the point?

 

[The Bread Guy]

While the Marines have moved forward with a ban, there's still a debate elsewhere in the American military (I realize there's a difference between INDIVIDUAL FaceBook accounts and INSTITUTIONAL accounts, but the wrestle still seems to be there):

"Southcom Embraces Two-Way Impact of Social Media"

"Pentagon Social Media Czar Pushes Web 2.0, Despite Ban Threat"

"The 'happy' medium between OPSEC and social networking: Can it be achieved?"

Stars & Stripes:  "Defense officials are looking into a military-wide ban on social networking sites like Twitter and Facebook because of security concerns related to the Internet portals."

Navy Times:  "The Defense Department is all a-Twitter about whether to allow service members continued access to highly popular social networking sites on government computers because of network security, bandwidth and privacy concerns....":"

 

[Matt_Fisher]

From reading the article on CNN, it appears that the Marine Corps has banned Facebook and Twitter only from government computer networks, in that they're more concerned about virus', worms, etc. infecting the network, as well as some OPSEC issues. 

In this Associated Press article on Yahoo News, it states that Marines are still free to use these social networking sites on their personal computers at home
http://news.yahoo.com/s/ap/20090804/ap_on_go_ca_st_pe/us_pentagon_internet
The Marine Corps on Monday issued an administrative directive saying it was banning the use of Marine network for accessing such sites as Facebook, Twitter and MySpace. The order doesn't affect Marines' private use of such networks on personal computers outside of their jobs.

Out of curiosity, does DND/CFs ban access to such sites on the DWAN/DIN/government computers?

 

[The Bread Guy]

Out of curiosity, does DND/CFs ban access to such sites on the DWAN/DIN/government computers?

Don't know about DND policy/access, but I know my little part of the federal government firewalls FaceBook.

 

[George Wallace]

This brings us all back to Killing with Keyboards which I would imagine is a presentation that is making its rounds in US Security Briefings.


Online presentation developed by Raytheon in conjunction with The Boeing Company Future Combat Systems Office of the CIO, for Policy and Standards.

 

[tomahawk6]

Twitter has beaten the casualty notification team on more than one occaision.

 

[Yrys]

Twitter has beaten the casualty notification team on more than one occaision.

Sheez!

Why would someone be that careless ?

 

[The Bread Guy]

Twitter has beaten the casualty notification team on more than one occaision.

FACK!!!!!!!  Not on...

Why would someone be that careless ?

Just like people posting to FaceBook without thinking, and sending e-mails without thinking, Twitter's too easy to use quickly (before engaging brain, in some cases).

 

[Yrys]

Just like people posting to FaceBook without thinking, and sending e-mails without thinking, Twitter's too easy to use quickly (before engaging brain, in some cases).

We all have our moment of stupidity,
but I find that one %&*%&)*& !

 

[The Bread Guy]

This, from the Armed Forces News Service (highlights mine):

As Pentagon officials weigh the benefits and risks of social networking sites such as Twitter and Facebook, they hope to craft a policy that shores up security vulnerabilities without requiring a ban.

Meanwhile, the Marine Corps has clarified its guidelines on social networking, and officials said they would consider the findings gleaned in the Pentagon policy review due out in late September.

Defense officials have said the policy review will attempt to balance the pros of social networking – such as its value for recruiting, public affairs and communication between troops and their families -- against the potential security risks they create, which include violations of operations security, network vulnerability and bandwidth drain.

Asked if the Pentagon is leaning toward a policy that doesn’t require a departmentwide ban, Pentagon spokesman Bryan Whitman replied, “I think certainly it is.”

“We need to do this comprehensive review, determine what the vulnerabilities are, match that against the benefits we receive from being able to use these new tools and capabilities, and then try to establish a policy that will accommodate all of that,” Whitman said in an interview yesterday.

Defense Secretary Robert M. Gates is slated to receive a report on the threats and benefits of Web 2.0 tools before the end of the month, and a departmentwide policy is due in late September. Both Gates and Navy Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, have embraced the new technologies ....

 

[X-mo-1979]

Honestly go on the RCR,RCD facebook groups.There's a list of people with pictures of who are in each unit!Not to mention the little "shout out's" to the regiment FROM Afghanistan.None of these are private groups.Anyone can go on and see.

However...
It's pretty easy with a bit of history of posts readings on this site to realize who people are,where they are going.

So what do we ban soldiers from doing after facebook?