Operations Security ( OPSEC ) April 2020 - OPSEC Protecting Sensitive Information
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Operations Security ( OPSEC )
April 2020
OPSEC Protecting Sensitive Information
Today’s Key Threats
Ever use wireless at a hotel
while TDY?
Assume it is “dirty”
Army Regulation
530-1 requires all
Soldiers be trained
in OPSEC annually
and hear the
Commander’s
Critical Information
that requires
The last AR was more clear with examples, it stated YOU MUST NOT share
photographs displaying critical or sensitive information, this includes
Improvised Explosive Device (IED) strikes, battle scenes, casualties,
destroyed or damaged equipment, personnel killed in action (KIA), both
friendly and adversary, and the protective measures of military facilities,
military vehicles…)
OPSEC –
MENG
Critical
Information
List
OPSEC – Common Maine “issues” (CRITICAL INFORMATION “leaked” on Social media by Soldiers or their loved ones) •1. Specific details of current or upcoming missions/operations •2. Movement dates - deploy/return, arrived, and locations. •3. Information about sensitive missions, sensitive equipment or facilities. •4. Security procedures. •5. Physical vulnerabilities of our facilities or vehicles. …. other •6 – Our house is empty while we are (…at drill this weekend, deployed, skiing…) •7- What medication Nana is taking: “… she’s on OxyContin for the pain” 8. Tour TDY: “I’m deploying to NTC in August for 6-months”
Jumping into Social Networking
Why is this considered
OPSEC?
If a soldier or family
member has their bank
account emptied, or home
robbed – they are ‘out of
play” for a while.
OPSEC – Managing the State of Maine We love posting pictures of things we are not supposed to. Posting the names of “friendly” foreigners or bodies is against Army Regulation.
OPSEC – Managing the State of Maine Recently MENG personnel posted pictures from a restaurant, tagging the “whole team” showing which country they were all in – in real time. Shared it “globally”
Knowing OPSEC let’s you figure out
what they want to know about your
facility and Operations
What would an adversary (foreign enemy, anti-
government terrorist…) want to know about us?A Maine National Guard Soldier made
this his Profile Picture in 2 different
social media accounts
This is an example of a picture our
enemy wants and they don’t need to
send a runner to go take itOn the day they arrived in Afghanistan, a
soldier posted: “This is the view from my
front door for the next year”
The video included fencing, a panoramic view of the gates, towers and all
other protective measures.A different Soldier’s email THE DAY BEFORE they were to fly into Afghanistan
In this one example, over 38,000 Hotmail employees have instant access to this soldier’s email about the convoy that is planning on going from Kabul to Camp Eggers tomorrow.
More on the example, over 38,000 Hotmail employees have instant access to this soldier’s email about the convoy that is planning on going from Kabul to Camp Eggers tomorrow.
UMaine systems (email) are hacked into fairly regularly.
Sending email from our protected Military systems to these less protected systems creates vulnerabilities for the TAG’s Critical Information
Maine soldier posted this… This is not OK on so many levels. Shows who took it, TTPs, the exact location, etc
“Pumpkin, I need you to
stay strong for mommy.
I’m what they call a
Fobbit – I never leave
the base. I’m getting
good at making coffee.
Imagine that, me good at
“Chris was looking for a Snickers bar…”cooking Give mom a
hug for me. I love you”
“…we took an IED on the ride back” Daddy
Some Soldiers make a choice to not tell the family what he’s doing in
Afghanistan, But his buddy is posting pics and descriptions.Unit Websites and newsletters! CPT D on Hilltop X– we know who he is, and we know where he is, we don’t need to share that with everyone. Excellent example of a good unit newsletter. The unit and family know who they are talking about, and about where they are stationed.
THE BIG FOUR 1)Once you post something online, it is out there FOREVER! 2)Don’t assume your stuff is password (or privacy) protected. 3) There are no limits to what is available, and what tools criminals can use to see what you post. 4) Assume Hotel (and free) wifi is dirty, looking to get passwords and financial data.
How serious are we? Soldiers: A failure to comply with these orders, directives, or policies may be punished as violations of a lawful order under Article 92 of the Uniform Code of Military Justice (UCMJ) or under other disciplinary, administrative, or other actions as applicable. Family: Personnel not subject to the UCMJ who fail to protect critical and sensitive information from unauthorized disclosure may be subject to administrative, disciplinary, contractual, or criminal action. (This info includes photographs displaying critical or sensitive information. Examples include but are not limited to Improvised Explosive Device (IED) strikes, battle scenes, casualties, destroyed or damaged equipment, personnel killed in action (KIA), both friendly and adversary, and the protective measures of military facilities, military vehicles…)
OPSEC
Operations Security
MSG John Adam Knoblach
State Security Manager
Maine National Guard
207-430-5646
Email:
john.knoblach.mil@mail.milYou can also read
