Cybersecurity is Everyone’s Responsibility

Our online activity has real-world consequences for mission success and the safety of our forces. Malicious actors and criminals routinely exploit social media and messaging platforms to manipulate individuals and gather sensitive information.

Their goals? Access your personal details, professional affiliations, credentials, and even classified information. These actors often create fake personas, establish trust over time, launch spear-phishing or device exploitation attempts, and conduct influence and social engineering operations.

With emerging tools like artificial intelligence, malicious activity is becoming harder to spot but there are ways to protect yourself:

• Assume You Are a Target: Operate under the assumption that your public-facing activity is being monitored by adversaries.
  • Limit details shared on social media: Limit visible personal details, travel plans, and workplace information. Limit who can view your personal info on social media.
  • Beware of Phishing: Be extra vigilant for phishing emails and messages. These may be crafted to look like official communications or news updates. Avoid moving conversations to private apps or unfamiliar platforms
• Be Skeptical: Treat urgent, pressuring, or unusual messages with suspicion. Be cautious of flattery, urgency, or vague offers.
  • Avoid Suspicious Links: Never click on unknown links or open unexpected attachments. Think Before You Click!
  • Verify Requests: Confirm sender identity through a trusted channel before acting on requests involving credentials or sensitive information. Reverse-search images and verify new contacts before engaging. Be wary of unsolicited friend/connection requests or direct messages, as these are common tactics for intelligence gathering and spear-phishing
• Stay vigilant. Protect yourself, your network, and the mission. Individual vigilance is a critical line of defense.
  • Practice OPSEC: Avoid discussing sensitive topics in public spaces and never post real-time locations or routine patterns.
  • Secure Your Accounts: The most significant threats facing service members, their families, and civil servants are the hacking of social media accounts and phishing attempts.

Take the following proactive steps now:

1. Enable Multi Factor Authentication (MFA): Activate MFA on all personal and professional accounts, including social media, email, and financial services. Use an authenticator app for greater security. MFA provides a critical barrier against unauthorized access, even if an adversary has your password. This is a key component of good "cyber hygiene."
2. Strengthen Your Passwords: Change passwords on key accounts, especially social media. Use a long, complex, and unique passphrase for each service. Avoid reusing passwords. Adversaries often use previously breached password lists to gain access. A unique, complex passphrase for each account mitigates this risk.
3. Review Privacy Settings: Set all personal social media accounts to the most private setting. Limit who can see your posts, friends list, and personal information like your location and employer. This reduces your "digital signature," making it harder for adversaries to profile you, your family, or your unit for targeting and intelligence gathering.

Reporting: If you notice anything suspicious, DO NOT RESPOND, CLICK, OR FORWARD IT. Report it immediately by notifying Naval Criminal Investigative Services (NCIS) at FEEVR@ncis.navy.mil or follow the reporting guidance provided by your command

Cyber and operational security is everyone’s responsibility. Every one of us must reinforce our personal and professional cyber defenses to ensure the security of our information and the integrity of our mission. Your diligence is our first line of defense.