News Article View

Military bases tighten up on Internet chitchat

AVIANO AIR BASE, Italy -- Operation security experts across the Air Force are focusing more attention on the idle chitchat that now runs rampant among Internet blogs.

Typically a mix of what is happening in a person’s life and what’s occuring on the Web, blogs are the public diaries of the 21st century. The activity of updating a blog is “blogging” and someone who keeps one is a “blogger.” Blogs are usually updated daily using software that allows people with little or no technical background to update and maintain the blog.

“Over time, people can learn an awful lot from these sites,” said Tech. Sgt. Vernon Coughran, Aviano’s OPSEC program manager. “Some of the most seemingly innocent information discussed over the Internet can be pieced together to form a much larger Military bases tighten up on Internet chitchatpicture of our capabilities and vulnerabilities, and that can be costly from a force protection standpoint.”

Blog themes are as varied as their authors. Many focus on politics or family issues. The number of blogs posted by military personnel in Iraq is expected to swell to more than 1,000 by the end of the year. For some, it’s an easy way to share photos and news with a lot of folks back home. Others take a stab at telling the “real story” about what’s happening in Iraq.

“A lot of these sites are a gold mine if you’re looking for information about a military member’s lifestyle, what his or her family is up to, what major events are going on, and who the important people are in the unit or community,” Sergeant Coughran said. “Not every adversary will want all this information, but we know for certain that these are pieces of the puzzle that terrorists go after.”

The importance of exploiting open-source materials and building a profile of the U.S. servicemember was addressed in a terrorist handbook, dubbed “The Manchester Document,” that was confiscated in England in February 2000. The handbook encouraged its spies to give attention to the opinions, comments and jokes of the common people.

“It’s the same principle as answering the phone in your office when a coworker is absent,” explained Sergeant Coughran. “We must be aware not to volunteer that he or she is TDY, where they’ve gone, how long they’ll be gone and so on. A simple ‘No’, with maybe a ‘May I help you?’ instead, would be sufficient.”

Another example of an OPSEC violation would be a military blog with too much information. Often, these are maintained by a spouse and provide a name and photo of the servicemember, the couple’s birth dates, a home address and even when and where she or he received medical treatments. The information could be used for identity theft or to target the family.

“The point we’re trying to make to the audience is that all critical information is important
to protect, even if it’s unclassified,” said Sergeant Coughran. “It’s not that we shouldn’t use the technology or the convenience of the Web. We should understand the risks, adjust how we deal with the vulnerabilities, and use the technology accordingly.”