OPSEC and Wireless Communications DD MMM YY

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
Smartphone and Mobile Device Security IT Communication Liaisons Meeting October 11, 2012 Theresa Semmens, CITSO.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
1 MIS 2000 Class 22 System Security Update: Winter 2015.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Smartphone Security How safe are you?. Main Points 1. Malware/Spyware 2. Other Mischief 3. How a phone might get infected 4. Staying Safe a. Malware b.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Beyond WiFi: Securing Your Mobile Devices Thomas Kuhn Information Technology Assistance Center (iTAC) Kansas State University.
CS691 Robin Kimzey Cell Phone Security a little computer in your pocket an easy target for malcontents.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
By Paul Capers.  A cell phone is a portable telephone that does not use a wired connection. It connects to a wireless carrier network using radio waves.
Introduction Our Topic: Mobile Security Why is mobile security important?
Cyber Crimes.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
ESCCO Data Security Training David Dixon September 2014.
Staying Safe Online Keep your Information Secure.
Cyber Security. Security – It’s About Layers There’s no one stop solution to protection Each layer you add, an additional tool will be needed to pierce.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.
Topic 5: Basic Security.
Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Don’t Log in!. Recap on the previous units I’ve tried to make it as concise as possible but there is a bit of writing, to ensure that you have some notes.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH FLEET    1 Overall Classification of this Briefing is UNCLASSIFIED Operations Security.
By: Jasmin Smith  ability to control what information one reveals about one’s self over the Internet.
FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH FLEET    1 Overall Classification of this Briefing is UNCLASSIFIED//FOUO Phishing.
Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
Overall Classification of this Briefing is UNCLASSIFIED//FOUO
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
Information Technology Security Office of the Vice President for Information Technology New Employee Orientation II.
Wireless Network By Mohammed AL Amoudi. Overview Definition of Wireless Reliability Speed Security Conclusion.
Cyber Security and Computer Safety
Chapter 40 Internet Security.
Information Technology Acceptable Use An Overview
Trend Micro Consumer 2010 Easy. Fast. Smart.
East Carolina University
3.6 Fundamentals of cyber security
IT Security  .
Information Security.
Wireless Network Security
BYOD Enterprise Mobile Security for IOS Devices
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Staying Austin College
Security in Networking
© EIT, Author Gay Robertson, 2017
Overall Classification of this Briefing is UNCLASSIFIED
Cybersecurity Awareness
Call AVG Antivirus Support | Fix Your PC
Contact Norton Antivirus | Norton Antivirus Support UK
Information Security Awareness 101
Command Indoctrination Operations Security DD MMM YY
Risk of the Internet At Home
Internet of Things Vulnerabilities
JEB – Little Creek (Bldg 1126)
Cyber Security and Computer Safety
Industry Best Practices – Security For Smartphones / Mobile Devices
Top Ten Cyber Security Hygiene Tips
How to keep the bad guys out and your data safe
Marcial Quinones-Cardona
OPSEC and Wireless Communications DD MMM YY
Command Indoctrination Operations Security DD MMM YY
Personal Mobile Device Acceptable Use Policy Training Slideshow
OPSEC and Wireless Communications DD MMM YY
Presentation transcript:

OPSEC and Wireless Communications DD MMM YY

Outline OPSEC Overview What is wireless Use of wireless in the Navy Why we can’t use wireless Wireless threats What we can do about it

Operations Security A 5 step process that … Identifies, controls and protects sensitive, critical unclassified information about a mission, operation or activity Assesses potential threats, vulnerabilities, and risk Utilizes countermeasures to mitigate an adversary's effectiveness against a friendly operation OPSEC is and Information Related Capability that is simply a process put in place to protect an organization’s critical information from being collected by adversaries. The 5 Steps are: -Identify Critical Information -Analyze Threats -Analyze Vulnerabilities -Assess Risk -Apply Countermeasures OPSEC must be used by every command to protect their unique critical information from being exploited by their adversaries.

What is Wireless Communication? Wireless communication is simply: The transfer of information between two devices that are not connected by an electrical conductor Generally, via a radio frequency signal upon which data is transmitted or received

Can We Use Wireless Devices? Yes. But according to DoDD 8100.02… Wireless devices shall not be used for storing, processing, or transmitting classified information without explicit written approval of the cognizant Designated Approving Authority (DAA) Cellular/PCS and/or other RF or Infrared (IR) wireless devices shall not be allowed into an area where classified information is discussed or processed without written approval from the DAA in consultation with the Cognizant Security Authority (CSA) Certified TEMPEST Technical Authority (CTTA) Wireless technologies/devices used for storing, processing, and/or transmitting information shall not be operated in areas where classified information is electronically stored, processed, or transmitted unless approved by the DAA Essentially: You cannot operate a wireless device on a DoD network or in a classified area without prior consent of the DAA for the Navy

Why Can’t We Use Wireless Devices? Wireless devices are inherently not secure.

Smartphones Smartphones are some of the most popular and intrusive wireless devices

More Than Just a Phone Up until the mid 2000’s, the circled words on this screen were used to describe computers and their capabilities. Do you associate any of these words with your home phone? That is if you still have one.

The Future Does this slide depict the decline of the home computer? Instead of a computer in every home, will we have two, three or maybe more smartphones in every household?

Smartphone Use 2017 The smartphone has made information sharing quick, easy and able to be conducted on the run. What about the talking piece? 2015, phone calls finally make the list of activities, albeit the 4th most popular thing to do on you smart “PHONE”.

But What Are We Really Doing? Smartphones exist for only one reason… To transmit information from one person to: Another person Many people Everyone What information are we transmitting? Our conversations Our thoughts and ideas Pictures and videos Metadata Ambient data Unintentional data

Talking Conversation in public Be aware of your surroundings Does everyone around you need to know what you are talking about Does your side of the conversation give away critical information Be aware of your surroundings Be conscious of the information you are speaking about Who else may be listening Don’t sell the farm So when we do talk on our smartphones, do we do it as if nobody is around to hear us? What are you talking about when you are on the phone?

Other Smartphone Capabilities GPS and EXIF data Microphone Bluetooth Video Recording Accelerometer Web browsing Near Field Communication Radio Frequency Identification

2017 Mobile Stats

Malware Growth from 2016 - 2017

Ransomware Growth in a Year

FBI Insight "Mobile phones are a huge source of vulnerability. We are definitely seeing an increase in criminal activity.” Gordon Snow, assistant director of the Federal Bureau of Investigation's Cyber Division Contact lists, location data, text messages, Social Networking and banking information are just some of the things stored on or conducted with smartphones. Is this information important to you? How cautious are you with your information?

An App for That 2.8 million apps available for Android 2.2 million apps available for iPhone

Vulnerabilities Before you surrender your life to your smartphone, ensure you research and understand the vulnerabilities that may come with the technology Smartphones are great tools for our everyday life, but they also open our lives up to adversaries hoping to do us harm in some sort of fashion.

FitBits FitBit Wireless vulnerabilities: Malicious code can be transferred to FitBit by infected servers. FitBit then propagates the virus to other devices via Bluetooth. Virus can then deliver payload to other computers

WiFi WiFi networks beacon their SSID so wireless devices can locate the network and the network access point With free and simple to use software, someone could easily hack a WiFi network password that uses WEP, or WPA encryption If you are not using WPA2 to secure your WiFi network you are vulnerable to attack Wardriving: Driving around to find weakly secured WiFi networks to hack If you are on the same network as someone else, you are trusting them to have access to ALL of your files

WiFi Cont. Computers that have Wireless Network Interface Cards are also susceptible to attack: Attackers can search for and locate Wireless NICs on devices and then remotely connect to those devices This can be done by spoofing the MAC address of a trusted device or simply beaconing the NIC

Landline Vs Wireless

Value How would you feel if your phone was lost or stolen What would you do to get it back The information on this slide shows that we truly do feel we have important information on our phones but the only threat is loss or theft, not remote access.

Security Risk What is the biggest security risk when it comes to wireless usage? Answer: You……. The user. Like most people, when it comes to new technology, we want it and we want it now. We usually start using this technology for all the benefits promised without understanding the vulnerabilities or the security features available

DON’T DO IT Navy Networks In October 2010, CTO 10-084 was released prohibiting the connection of unapproved USB mass storage devices to government networks This includes connecting a smartphone to a DON computer “just to charge it”. Lack of compliance could result in data exfiltration, spillage and the spread of malware DON’T DO IT Can introduce malicious code to the network, provide an avenue to exfiltrate data from the device, or provide adversaries access to critical unclassified or classified networks

Recommendations Never store sensitive data on smart phones Enable password protection Update device regularly, include anti-virus software Do not open suspicious email or click unknown links Do not leave phone unattended in public Activate lock-out screen Enable encryption where possible Only purchase apps from legitimate marketplaces Turn off GPS & Bluetooth when not in use Never “jailbreak” or “root” smartphone Understand apps you download/use and what data the app accesses Disable Geo-tagging Keep phone screen clean Data sanitize your device before redistributing Recommendations for smartphone use.

Don’t Be the One Do not be the one who introduces a vulnerability into our DoD networks Our adversaries are constantly probing our network for weaknesses in order to: Collect critical or classified information Interrupt our ability to communicate Attack our critical infrastructure Decrease our capabilities Decrease our mission effectiveness If you do not understand the risk you cannot assume it Be a good steward of technology and information

Summary OPSEC Overview What is wireless Use of wireless in the Navy Why we can’t use wireless Wireless threats What we can do about it

JEB – Little Creek (Bldg 1126) Questions www.navy.mil/OPSEC Naval OPSEC App Collaboration at Sea @NavalOPSEC Facebook.com/NavalOPSEC Youtube.com/USNOPSEC OPSEC@Navy.mil 757-417-7100 opsec@navy.mil JEB – Little Creek (Bldg 1126) 2555 Amphibious Drive Virginia Beach, VA 23459-3225

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.