US Marines banned from Twitter, Facebook, MySpace…

It must be a pretty miserable existence being far away from your family and loved ones if you’re fighting a distant war on behalf of your country. Creature comforts like the internet can, of course, help you stay in touch with the folks you left back home – but, for members of the US Marines at least, one way of keeping communications open has just been firmly shut.

The US Marine Corps has banned with immediate effect the use of social networking websites including Twitter, Facebook and MySpace from its networks.

It appears that the leaders of the US Marine Corps are not concerned about soldiers wasting time on social networks, but with the opportunities that exist for hackers to exploit their careless use.

US Marines with computers

A source told Wired Magazine, “The mechanisms for social networking were never designed for security and filtering. They make it way too easy for people with bad intentions to push malicious code to unsuspecting users.”

Here’s part of the official order banning use of the social networking sites (SNS).

[Social networking sites are] A PROVEN HAVEN FOR MALICIOUS ACTORS AND CONTENT AND ARE PARTICULARLY HIGH RISK DUE TO INFORMATION EXPOSURE, USER GENERATED CONTENT AND TARGETING BY ADVERSARIES. THE VERY NATURE OF SNS CREATES A LARGER ATTACK AND EXPLOITATION WINDOW, EXPOSES UNNECESSARY INFORMATION TO ADVERSARIES AND PROVIDES AN EASY CONDUIT FOR INFORMATION LEAKAGE THAT PUTS OPSEC, COMSEC, PERSONNEL AND THE MCEN AT AN ELEVATED RISK OF COMPROMISE. EXAMPLES OF INTERNET SNS SITES INCLUDE FACEBOOK, MYSPACE, AND TWITTER.

ACCESS IS HEREBY PROHIBITED TO INTERNET SNS FROM THE MCEN NIPRNET, INCLUDING OVER VIRTUAL PRIVATE NETWORK (VPN) CONNECTIONS.

By the way, I don’t know why they insisted on using capital letters. Maybe it makes it easier to read in the middle of a noisy battle or something.

My reading of the order is that soldiers can still access the social networks privately from their own computers, but not from military networks. So that – I am sure – will be some relief.

The recently published Sophos Security Threat Report revealed that a quarter of organizations have been exposed to spam, phishing or malware attacks via sites such as Twitter, Facebook, LinkedIn and MySpace.

We’re going to see more and more attacks happening via social networks. Blocking their use entirely may be possible in organizations like the US Marines, but you’ll find that a much harder decision to justify in a business environment. Instead, make sure that your users are properly defended from the threats when Tweeting and Facebooking online.