OPSEC 101
SOCIAL MEDIA
LET'S PLAY TIKTOK
INSIDER THREAT
MISCELLANEOUS
100

What is OPSEC (Operations Security)?

An analytical process that allows commanders to make informed, risk-based decisions on what information they need to protect and how to protect it.

100

Name this photo-sharing app for uploading personal pictures and videos. With over 1 billion monthly active users in 2020, it is currently the sixth most popular social networking service (SNS) worldwide.

What is Instagram?

100

True or False: Connecting your TikTok account with other SNS profiles (e.g., YouTube) increases your account’s discoverability.

True

100

What is an insider threat?

An insider threat uses authorized access, wittingly or unwittingly, to harm national security through unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions resulting in loss or degradation of resources or capabilities.

100

This policy is located in command instruction _ and directs the proper disposal of unclassified documents generated in the command.

What is the 100% Shred Policy?

200

What are the five components of OPSEC?

Five components: identification of critical information, analysis of threats, analysis of vulnerabilities, assessment of risks, and application of appropriate countermeasures

200

Under the Security settings in Instagram, this feature protects your account against identity theft and takeovers.

What is two-factor authentication?

200

True or False: TikTok accounts are strictly private.

False: TikTok accounts can be public or private. Content posted on public accounts is indexed by search engines and can be viewed by anyone, including non-TikTok users. 

Posts made on private accounts are shared with followers that have been approved by the account owner. 

Regardless of privacy settings, TikTok has access to all user data and may share it with third parties. It is recommended that you keep your TikTok account set to private at all times!

200

Which type of information could reasonably be expected to cause serious damage to national security if disclosed without authorization?

What is classified?

200

List 3 Reportable Criteria in this case. 

Listen Carefully!

"John," a Navy IT contractor with privileged user (PU) status, encountered several issues which alerted the command to notify the Insider Threat Program of his activities.

On one occasion, John disabled a coworker's login access to a company-issued laptop after becoming frustrated when the coworker did not respond to email requests for information.

On another occasion, while his supervisor was on personal leave, John utilized his privileges to gain access to his supervisor's computer, where he viewed financial and accounting records containing proprietary company information and employee personally identifiable information (PII). John took screenshots of the records and sent them to his work email.

Later that day, another worker overheard John yelling profanities from a server room; it is unknown whether his outburst was related to what he saw in those records.

Finally, the new IT Director of John's company noticed that the previous Director's high-level network credentials were still active. When the new Director attempted to remove the old Director's accesses, he was approached by John. 

John explained that he was using the previous Director's credentials to gain a higher level of access to company resources and assets in the performance of his job.

As a result, John was given a security violation by the company's Director of Operations.

Misuse of Information Technology

Security Infractions or Violations

Unusual Behavior and Signs of Excessive Stress

300

What is critical information?

Specific facts about friendly (U.S.) intentions, capabilities, or activities vitally needed by adversaries for them to plan and act effectively so as to guarantee failure or unacceptable consequences for accomplishment of friendly objectives. 

Simply: the unclassified information we must protect to ensure success, which is the same information the adversary needs to prevent our success.



300

Fill in the blank: Disclosing _______ on social media platforms, for example, could eventually lead to your association with a command and/or event, and then further lead to the disclosure of critical information.


What is personal information?

By comparison, personal information, although doctrinally not considered “Critical Information”, may lead to your association with the military or military operations, and may possibly be related to operational aspects.


300

True or False: TikTok is accessible on government-issued mobile devices. 

In 2019 and 2020, the U.S. Department of Defense released guidance recommending that personnel delete TikTok from personal electronic devices due to data security concerns.

Military branches have also banned the installation and use of TikTok on government-issued mobile devices.

300

Recent Examples of Insider Threat Cases in the digital space: 

The August 2022 conviction of a Twitter employee who took bribes in exchange for accessing, monitoring, and conveying the private information of Twitter users to officials of the Kingdom of Saudi Arabia and the Saudi Royal family.

Who is Ahmad Abouammo? 

300

Authorities estimate that this foreign contractor and his firm overcharged the Navy by about $35 million. All defendants were charged with offenses allegedly committed while they were assigned to the Navy's Seventh Fleet, based in Japan. 


Who is Leonard Francis (AKA "Fat Leonard")?

400

From an operational perspective, where are some examples of critical information?

Critical information will derive from our operational aspects (Presence, Capability, Strength, Intent, Readiness, Timing, Location, Method). 


400

What information is embedded in this photo?

Geotagging: The latitude, longitude, and altitude of where the photo was actually taken will be embedded in digital photos.

In 2007, new AH-64 Apache helicopters arrived at a base in Iraq. Soldiers took pictures on the flight line. 

From the photos that were uploaded to the Internet, the enemy was able to determine the exact location of the helicopters inside the compound. A mortar attack was conducted, destroying four of the Apaches.


400

True or False: Don’t embed your posts with hashtags (e.g., #flashback, #quarantine). Hashtags increase your posts’ visibility and make them searchable by others.

True.

400

List 5 reportable suspicious activities, behaviors or potential security incidents to protect against insider threat.

Attempt to access sensitive information without the need-to-know, unauthorized removal of sensitive information, unusual request for sensitive information, bringing an electronic device into prohibited areas, sudden purchases of high value items/living beyond one’s means, overseas trips for no apparent reason or of short duration, alcohol or drug problems, abrupt changes in personality or workplace behavior, consistent statements indicative of hostility or anger toward the United States and its policies.

400

What is the term for information collected from multiple sources?

What is Data Aggregation?

Open-source collection provides the enemy with most of their intelligence.

Manchester Document: 80% of information is collected legally through the internet, trash, and media.

**Small details put together give big picture**


500

What are CILs specific to NEPMU-6?

Identification, strength, and mission readiness of assigned personnel, locations of our FDPMUs/IAs, SOPs, evacuation routes and procedures, recall rosters, organizational rosters, computer passwords, user IDs, equipment capabilities, floor plans, identification and relation of command personnel with security clearance or access, immunization, medical requirements, health status, and deficiencies, location, itineraries, and travel modes of key military and civilian personnel, manpower gains or losses associated with contingency operations or exercises.


 


500

Answer these 2 questions correctly.

1. Who oversees the NEPMU-6 Facebook page?

2. True or False: All information slated for public release includes OPSEC review.

1. The OIC provides oversight of the Facebook page. The PAO manages it.

2. True. Almost all commands have either an official .mil website and/or a Facebook page managed by an administrator, and every command should have a public release review process in place, and that includes an OPSEC review.


500

What is TikTok, what company owns it, and where is its headquarters?

TikTok is a video-sharing social networking service (SNS) and entertainment platform owned by ByteDance, an Internet technology company headquartered in Beijing, China. TikTok encourages users to record, share, and react to short videos as a form of creative expression. It also encourages users to download, edit, and reshare videos posted by other users. 

TikTok became popular in the U.S. in 2018, hosting 800 million monthly active users in 2020.

500

What are 8 examples of potential threat indicators?

Difficult life circumstances, extreme, persistent interpersonal difficulties, hostile or vindictive behavior, criminal behavior, unexplained or sudden affluence, unreported foreign contact and travel, inappropriate, unusual, or excessive interest in sensitive or classified information, mishandling of classified information, divided loyalty or allegiance to the U.S.


500

Indicators are friendly, detectable actions that reveal critical information and vulnerabilities. What are the indicators in the picture shown?

The Commanding Officer of a nuclear powered aircraft carrier with a vehicle registered in Virginia.