[Infowarrior] - DOD May Ban Twitter, Facebook as Security ‘Headaches’

Richard Forno rforno at infowarrior.org
Thu Jul 30 17:47:48 UTC 2009 

Danger Room What’s Next in National Security
Military May Ban Twitter, Facebook as Security ‘Headaches’
	• By Noah Shachtman
	• July 30, 2009  |
	• 12:21 pm  |
	• Categories: Info War

http://www.wired.com/dangerroom/2009/07/military-may-ban-twitter-facebook-as-security-headaches/

The US military is strongly considering a near-total ban on Twitter,  
Facebook, and all other social networking sites throughout the  
Department of Defense, multiple sources within the armed forces tell  
Danger Room.
It’s the latest twist in the Defense Department’s tangled  
relationship with so-called “Web 2.0″ sites. But while earlier  
social media blockades have been thrown up over bandwidth and secrecy  
concerns, this fresh ban stems from fears that Facebook and the like  
make it far too easy for hackers and cybercrooks to gain access to the  
military’s networks.

Last week, U.S. Strategic Command issued a “warning order” to the  
rest of the military, asking for feedback on a social media ban on the  
NIPRNet, the Defense’s Department’s unclassified network.  
(Naturally, access is already denied on the secret and top secret nets.)

“The mechanisms for social networking were never designed for  
security and filtering. They make it way too easy for people with bad  
intentions to push malicious code to unsuspecting users. It’s just a  
fact of life,” says a source at Stratcom, which is responsible for  
securing the military’s “global information grid.”

Last month, for instance, well-known venture capitalist Guy  
Kawasaki’s Twitter account was hijacked, and used to spread a sex  
video come-on to his 139,000 followers. Those following the link were  
asked to install a software update. The application was, in fact, a  
Trojan, which allowed hackers to take over a user’s machine.

Similarly, one variant of the nasty Koobface worm searches a PC to  
find a Facebook cookie. Then the malware program uses that information  
to gain access to the user’s Facebook account. Once it’s in,  
Koobface spreads messages to online friends, enticing them to download  
viruses and Trojans.

“People are much more trusting of a message from a friend or  
colleague on a social network than they are of an e-mail, because  
they’re used to e-mails being forged,” says Graham Cluley, a senior  
consultant with the network security firm Sophos. That’s ironic, he  
adds, because “social networks aren’t really doing enough to stop  
these things. With GMail or Hotmail or a military e-mail account,  
messages are scanned for spam and viruses. Social networks aren’t  
doing that scanning. They aren’t checking if a link posted to a wall  
is malicious or spammy. They’re just letting it through.”

Officially, “the concept of allowing access to social networking  
sites (SNS) on the Department of Defense .mil networks is currently  
under review at this time,” a Stratcom spokesperson e-mails Danger  
Room. “It would be premature to comment on the outcome of the  
review.”

But unofficially, the ban is all-but-certain, military officers and  
civilian employees say. Many are upset, because after years keeping  
the social networks at arms’ length, the armed services appeared to  
be finally embracing the Web 2.0 sites. The Army recently ordered all  
U.S. bases to provide access to Facebook. The Chairman of the Joint  
Chiefs of Staff has 4,000 followers on Twitter. The Department of  
Defense is getting ready to unveil a new home page, packed with social  
media tools.

“We fought so hard for this,” says one Army source. “This is a  
huge step backwards.”

Under Stratcom’s plan, units that have to regularly communicate with  
the civilian world, like media relations and recruiting, may be given  
“dirty computers” — machines that are connecting only to the  
public internet, and not to the military’s private networks. The rest  
of the Defense Department would be cut off from the social media  
sites, despite protests from inside the Pentagon.

People started working with these social networks “before we got a  
handle on how to use them in the context of the Department of  
Defense,” a Stratcom source says. “Now, they’re just too big of a  
headache.”

More information about the Infowarrior mailing list