[NPMUG] US Marines banned from Twitter, Facebook, MySpace... (( as discussed tonight at the NPMUG ))

Dave Sevick dave at davesevick.com
Wed Aug 5 22:40:39 MDT 2009 

US Marines banned from Twitter, Facebook, MySpace...

It must be a pretty miserable existence being far away from your  
family and loved ones if you're fighting a distant war on behalf of  
your country. Creature comforts like the internet can, of course, help  
you stay in touch with the folks you left back home - but, for members  
of the US Marines at least, one way of keeping communications open has  
just been firmly shut.

The US Marine Corps has banned with immediate effect the use of social  
networking websites including Twitter, Facebook and MySpace from its  
networks.

It appears that the leaders of the US Marine Corps are not concerned  
about soldiers wasting time on social networks, but with the  
opportunities that exist for hackers to exploit their careless use.



A source told Wired Magazine, "The mechanisms for social networking  
were never designed for security and filtering. They make it way too  
easy for people with bad intentions to push malicious code to  
unsuspecting users."

Here's part of the official order banning use of the social networking  
sites (SNS).

[Social networking sites are] A PROVEN HAVEN FOR MALICIOUS ACTORS AND  
CONTENT AND ARE PARTICULARLY HIGH RISK DUE TO INFORMATION EXPOSURE,  
USER GENERATED CONTENT AND TARGETING BY ADVERSARIES. THE VERY NATURE  
OF SNS CREATES A LARGER ATTACK AND EXPLOITATION WINDOW, EXPOSES  
UNNECESSARY INFORMATION TO ADVERSARIES AND PROVIDES AN EASY CONDUIT  
FOR INFORMATION LEAKAGE THAT PUTS OPSEC, COMSEC, PERSONNEL AND THE  
MCEN AT AN ELEVATED RISK OF COMPROMISE. EXAMPLES OF INTERNET SNS SITES  
INCLUDE FACEBOOK, MYSPACE, AND TWITTER.

ACCESS IS HEREBY PROHIBITED TO INTERNET SNS FROM THE MCEN NIPRNET,  
INCLUDING OVER VIRTUAL PRIVATE NETWORK (VPN) CONNECTIONS.

By the way, I don't know why they insisted on using capital letters.  
Maybe it makes it easier to read in the middle of a noisy battle or  
something.

My reading of the order is that soldiers can still access the social  
networks privately from their own computers, but not from military  
networks. So that - I am sure - will be some relief.

The recently published Sophos Security Threat Report revealed that a  
quarter of organizations have been exposed to spam, phishing or  
malware attacks via sites such as Twitter, Facebook, LinkedIn and  
MySpace.



We're going to see more and more attacks happening via social  
networks. Blocking their use entirely may be possible in organizations  
like the US Marines, but you'll find that a much harder decision to  
justify in a business environment. Instead, make sure that your users  
are properly defended from the threats when Tweeting and Facebooking  
online.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://davesevick.com/pipermail/npmug/attachments/20090806/71098a96/attachment.htm

More information about the NPMUG mailing list