U.S. Navy Works to Limit Sailors' Cyber Vulnerabilities
The U.S. Navy is working to address its known cyber vulnerabilities on multiple fronts, including adversaries' ability to target and track individual sailors on social media.
“In the era of Great Power Competition, we have a responsibility to ask ourselves whether past practices make good sense in the current operating environment,” said Geoff Tokajer, director of the U.S. Navy’s identity management program. “Current practices provide our adversaries with everything they need to conduct surveillance and compile target lists - we are changing that.”
Reacting to the threat, the Navy is adjusting its policy and training to mitigate the vulnerabilities inherent in personal social media use. The immediate actions of the program will encompass the review and modification of distribution practices for advancements, promotions, program selections and command assignments.
The guidelines for sailors boil down to three basic bullet points - a modern version of the famous "Loose Lips Sink Ships" slogan:
- Know who you are following online
- Know who is following you
- Think about the information you are giving out before posting on social media
“Our adversaries will use every means possible to weaken our capabilities, to include targeting sailors on their personal social media accounts. As we are taught in all of our security training, we must remain vigilant to ensure we protect ourselves and the critical operational information of the fleet," said Vice Adm. John Nowell, the chief of naval personnel.
The Navy also warns sailors that anything they post privately could become public at any time if their accounts are hacked - and that hacking is a distinct possibility. Weak passwords, weak privacy options and allowing third-party apps to access accounts are all potential vulnerabilities. "Diligently review who has access to your accounts and eliminate apps you aren’t familiar with or no longer use," the service's manual warns.