Tuesday, March 6, 2018

Cyber-Security for Police Officers


In April 2015, the FBI warned "Law enforcement personnel and public officials may be at an increased risk of cyber-attacks. These attacks can be precipitated by someone scanning networks or opening infected emails containing malicious attachments or links. Hacking collectives are effective at leveraging open source, publicly available information identifying officers, their employers, and their families. With this in mind, officers and public officials should be aware of their online presence and exposure. For example, posting images wearing uniforms displaying name tags or listing their police department on social media sites can increase an officer's risk of being targeted or attacked."

The FBI recommended that law enforcement personnel take the following steps to protect themselves against being targeted by hacktivists:
  • Turn on all privacy settings on social media sites and refrain from posting pictures showing your affiliation to law enforcement.
  • Be aware of your security settings on your home computers and wireless networks.
  • Limit your personal postings on media sites and carefully consider comments.
  • Restrict your driver license and vehicle registration information with the Department of Motor Vehicles.
  • Request real estate and personal property records be restricted from online searches with your specific county.
  • Routinely update hardware and software applications, including antivirus.
  • Pay close attention to all work and personal emails, especially those containing attachments or links to other Web sites. These suspicious or phishing emails may contain infected attachments or links.
  • Routinely conduct online searches of your name to identify what public information is already available.
  • Enable additional email security measures to include two factor authentication on your personal email accounts. This is a security feature offered by many email providers. The feature will cause a text message to be sent to your mobile device prior to accessing your email account.
  • Closely monitor your credit and banking activity for fraudulent activity.
  • Passwords should be changed regularly. It is recommended to use a password phrase of 15 characters or more. Example of a password phrase: Thisisthemonthofseptember,2014.
  • Be aware of pretext or suspicious phone calls or emails from people phishing for information or pretending to know you. Social engineering is a skill often used to trick you into divulging confidential information and continues to be an extremely effective method for criminals.
  • Advise family members to turn on security settings on ALL social media accounts. Family member associations are public information and family members can become online targets of opportunity.
Many of the recommendations made by the FBI can be used by non-law enforcement personnel to protect themselves as well.

Following the FBI's recommendations in 2015, the Office of Justice Programs published a guide Understanding Digital Footprints: Steps to Protect Personal Information, in September 2016. This guide provides material designed to assist law enforcement personnel in protecting themselves and their families from becoming cyber targets: protecting personal information, cyber dos and don'ts, and links to further cyber training and resources.


Social Media Recommendations for the Police

You Have The Right to Remain Silent.
  • What do you have to gain from posting? If you stand to lose more than you stand to gain-you have the right to remain silent.
  • If you're posting out of anger-maybe in a political discussion-then you should stop & think before engaging anyone online.

Be Careful About What You Say.
  • There is no such thing as a "private" social media account-especially when you are known to be a law enforcement officer.
  • Your "private" messages can be screen-captured and can still be shared.
  • Ask yourself if all of your social media "friends" are actually your friends? Do you know them well enough to trust them with your career?

Will You Need to Defend What You Said?
  • Sure, other people will probably come to your defense if an argument ensues. The problem is, you now need to be defended.

Who Will Come to Your Defense, Even if You Don't Ask?
  • You can't choose your defenders in the world of social media.
  • Members of fringe organizations or individuals whose profile pictures are offensive and do not represent your beliefs can quickly jump into the fray to "defend" you but actually make things much worse.

Think Before You Post and Protect Your Accounts.
  • Don't be afraid to walk away from a debate. Put down your phone, walk away from your desktop, and do something that'll make you happy.
  • Before posting, ask yourself, "How is my life and career going to practically benefit from this exchange?" If you don't think you'll see any positive results, then why engage in this?
  • Unfollow or unfriend toxic people. You're not obligated to give people access to you.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.