I thought Marines improvise, adapt, overcome… and never quit.
Last Updated on Wednesday, 5 August 2009 05:01 Written by Jeffreycarr Tuesday, 4 August 2009 03:19
Yet this decision by the U.S. Marine Corps to pull the plug on all Web 2.0 apps is exactly that – quitting the fight. Wrong decision, Marines!
How do you deal with a new adversary? Do you say, we just won’t fight them? The exploitation of social networks is a new adversarial tactic, not just for the DoD but for every nation that stands up a military service (including Russia).
Here’s a rule of thumb. You will never, ever encounter a single challenge, problem, or obstacle where the correct action is to quit. Not ever.
There are many things that the Armed Services can do to mitigate the potential for harm that exists in its members use of social software. And almost all of the them begin with specialized training. I can certainly help you arrange for that, if you’re interested.
As a US Marine the title of this post makes me cringe. Sadly I must agree with the author. The DOD must learn to use these tools effectively and educate the end user, not create barriers which will be subverted and therefore outside of oversight.
Thanks for allowing my previous comment on this matter.
As a Marine too, it makes me happy to see the Marine Corps doing something to mitigate the issues till something better can be designed. Reality check, most people, including military members, do not have the knowledge to mitigate and handle the threats posed through social media. The level of implied trust on social networks, for most, is such that it easily allows for crackers to feed their exploits on to systems. The military as a whole is doing what it can to mitigate another threat vector.
I would love to teach the military how to handle themselves on NIPR, not just social media. But, even with training, you’re still going to have someone screw up and allow something on NIPR which could compromise the entire network. It only takes one to ruin an entire network. I would think the fidelity of a network is more important than PFC Smith tweeting about his chow hall lunch taco was worse than the burger he ate yesterday. Stuff like that can wait till they get home.
Thanks for your comment, Mike. You make a key point about what happens during bans of all types.
Thanks for the counterpoint, Josh, however banning the use of social media only creates an illusion of security. The same vulnerabilities exist post-ban as pre-ban because so many OPSEC violations have already occurred, and will continue to occur via cell phones or home computers. As far as it being a vector for malware, that’s only true if the user is not up to date on spyware protection and if the user is foolish enough to click on suspicious links.
One word: Linux.
I agree OPSEC is and will forever be an issue with these sites. However, OPSEC is not the concern behind these bans. I believe, as it states in the articles, the security of NIPR and possibly SIPR is at risk from individuals who don’t know any better. Aps in Facebook can be an easy way to target persons. Most users believe that because these aps are in Facebook for their use that they must be safe. Some aps even redirect you to a completely separate non-facebook server in order to bring their product. You say it would take a foolish person. I say it takes an average person. You and I and those chatting here are ahead of the power curve and have an understanding of computer issues that the average person would never have.
…British Ministry of Defense has issued its Online Engagement Guidelines for the troops.
http://www.mod.uk/NR/rdonlyres/D2AC8314-3B15-4DEB-A769-6C85AF4BDA80/0/20090805UMODOnlineEngagementGuidelinesVersion10.pdf
Good find on the MoD guidelines, Snow. The UK has taken a far more balanced approach in how they are handling the risks/benefits.