Social networking: Don’t be Captain Obvious! Published Nov. 4, 2010 By Master Sgt. Jaime Kelly 90th Missile Wing Operations Security Program Manager F. E. WARREN AIR FORCE BASE, WYO. -- Social networking sites are great ways to connect with people, share information, and market products and services. However, these sites can also provide the "bad guys" or adversaries, such as terrorists, spies and criminals, with the critical information they need to disrupt your mission and harm you, your co-workers or even your family members. Did you know that according to the Al Qaeda Handbook, terrorists search online for data about "government personnel, officers, important personalities, and all matters related to them; i.e., residence, work place, times of leaving and returning, children and places visited." The reason for wanting this information is so the adversary can use this information against you. Air Force Global Strike Command, as well as the rest of the Air Force, is considered a "hard target" and this information is sometimes difficult to acquire. Why would the adversary want to waste their time on these targets when they can hit the "soft targets" such as family members to receive information? Another thing to keep in mind is when you sign up for social networking sites, there is a user agreement - in fine print - that explains you are giving them authorization to use your information that you post on your social networking site. Facebook uses a company called Regroup. All of your information is aggregated and there for the world to see. This is a great place for adversaries to go for quick information. It is every AF member's duty to protect critical information. Critical information is any information that your organization considers sensitive. Some examples are job title, operations, security, logistical data, schedules and travel itineraries, and photos of you, your family and co-workers. Here are a few examples of how information that is posted on the web can harm your organization or even yourself: A U.S. Government official on sensitive travel to Iraq created a security risk for himself and others by tweeting his location and activities every few hours. A deployed member kept friends up-to-date via online profiles while on Twitter; her home was burglarized while she was away. Most individuals do not realize that when they post pictures online using a high quality camera or even most of the new phones that these pictures contain something called metadata, which is data about data. This metadata is copied and stored as part of a JPEG in a picture and shows the global positioning satellite coordinates of where the picture was taken. How easy is it for the adversary to take those coordinates and drop them into a search engine to find out where that picture was taken? What is the best countermeasure? Don't post critical information! If you don't want it public, don't post it. Search engines and functions make it easy for adversaries to find what they are interested in. Once information is on the internet, it is there forever. Don't be Captain Obvious! The more information adversaries can obtain, the more opportunities they have to cause damage at your expense. Practicing good operations security will minimize the risks that come from participating in social networking sites, and help you to recognize and protect your critical information.