CHARLOTTE, NC (WBTV) - With such a large military population, people living across North Carolina need to be aware of how self-proclaimed terrorists are targeting members of the US military and their families.
WBTV Cyber Expert Theresa Payton has a warning for all of us.
She says terrorists abroad are encouraging "lone wolf" attacks against the military members and their families using a hacking technique called doxing. The way Theresa describes it, it is when a person or group of people take all of your personal information from social media and post it online. "Docs" about you are stolen. Sometimes, she says, they break into servers and/or cloud email or storage and dump your private correspondence and information online.
In one particular case a group claiming to be aligned with ISIS says it broke into Department of Defense databases to "dox" the military. In that case the FBI and Defense Department are still investigating.
Payton is a former White House Chief Information Officer and is CEO of cyber security firm Fortalice Solutions. She has actually spent time with the military and their families in places like Camp LeJeune to teach them how to cover their tracks and protect themselves online. Her advice follows:
TO PROTECT YOUR PRIVACY:
For military families, and that extends out to the extended families like the proud moms and dads, siblings and grandparents, I am suggesting 5 steps.
There is more that each family can do and I want these families to be cautious but at the same time, when we run and hide, the bad guys win. So find your personal comfort level with these tips.
1. When using video conferencing software while overseas, make sure you use a reputable private VPN service. Tie it to email addresses and accounts that are not tied to social media. Some of the free services have leaked location data, IP addresses and other info in the past so these extra steps can be an added layer of protection.
2. Use vigilance when posting photos that are taken overseas. You can go to your digital camera, or phone, and turn off geocodes when you take shots to help remove that metadata from the shot.
3. Before you post, remember the "bad guy" rule, could a bad guy use this to compromise myself or a loved one? If the answer is yes, use more private sharing services.
You can set up an invitation only photo sharing account. These are still hackable but not as publicly known or easy to get to.
4. Consider using some encryption apps for ongoing communications. Two apps I personally use and like are Threema & Signal.
5. Stalk yourself like a bad guy - Google your US military member and your family - what do you find? Check all of your social media accounts - look at your sharing & privacy settings & look at whether or not you post geolocation