When talking about OPSEC as it pertains to the Armed Civilian, here is what I mean:
Operations Security, or OPSEC,is the process by which we protect unclassified information that can be used against us. OPSEC should be used to protect information, and thereby deny the adversary the ability to act. Nearly 90% of the information collected comes from “Open Sources”. Any information that can be obtained freely, without breaking the law, is Open Source. It is social network sites, tweets, text messages, blogs, videos, photos, GPS mapping, newsletters, magazine or newspaper articles, your college thesis, or anything else that is publicly available.
In the age of social media, people are more at risk of being exploited regarding OPSEC than ever before. Think how many times you have seen a person’s tweets or Facebook post and in a span of eight hours or so have been able to basically draw a detailed GPS map of where they have been, who they talked to and in some instances what they did exactly. This is not good folks. Not good at all. And it’s not because most people have something to hide or are criminals per se, it is the opposite actually; it is because people with nefarious intentions could use this information to their advantage in a number of criminal misadventures. Now I know what most of you are going to say: “But I only have my FRIENDS able to see my post, people that I Know and Trust…” The problem with that kind of thinking folks is that even though you may know and trust them, your friends may not practice good OPSEC. They may “accidentally” talk to people you may not know; and most of the time it is not done in a vindictive manner, it is just something that slips out. How many times have you been in an elevator, lobby or doctors waiting room and you overhear a phone conversation that is just a bit TMI (Too Much Information)? Believe it or not folks there are people (criminals) that troll public places listening and looking for juicy intel just like this everyday of the week. Sometimes it may be targeted, other times it may be accidental.
Some recent examples of bad OPSEC includes:
- A Family broadcast on FB and Twitter they are about to go on Vacation. With a bit of cross-referencing, a group of professional thieves find out the address and scope it out. When the family returns from the Bahamas two weeks later they return to an empty house.
- A woman broadcast on FB the Place and Time of an exercise group that meets in a church. The group met rather early at 5am. Church surveillance cameras showed a man dressed in law enforcement SWAT clothes show up at around 4am hoping to catch the woman there alone. He did… and murdered her.
- A notice about a six year old’s Child’s Birthday swimming Party is posted on Facebook. A local pedophile recently released from prison finds out about it through a family friend. The pedophile is discovered later to have taken several pictures of children in their bathing suits and posted them to a child sex website.
So bottom line guys Be Smart about what you say online, and who you say it too.
Stay Alert, Stay Armed and Stay Dangerous!
Right on, bro! I’ve been concerned about OPSEC since before I even heard the term explained to me. I have NEVER posted anything to Facebook or Twitter, nor will I start. This CO skipped those outlets from the get-go. Sure, I may miss connecting with an old high school friend or two, and maybe even a distant relative, directly. But the rest of my friends and relatives do all that already, so why start!?