Active-duty members of the U.S military spend a lot of time on social media – more time than the general population, in fact. According to one survey, service members spent an average of 9 hours per day on Instagram in 2020, compared with 6.2 hours for non-military users.
On the one hand, this makes sense: given the isolation that service members can feel while deployed, social media provides a channel to stay connected with friends and family back home. On the other hand, it also opens them up to threat actors who don’t have their best interests in mind.
In 2021, the number of cyberattacks originating through social media increased by 103% – ultimately, our military personnel are trained and entrusted to use dangerous weapons. But higher ups need to recognize that social media itself is a dangerous weapon, and training is needed to make it safer for service members.
Social Media Threats to U.S Service Members
In today’s connected world, war and geopolitical conflict is not limited to the battlefield – foreign adversaries will use any means available to access and compromise service members. Here are just a few of the ways that battle is fought in the digital ecosystem:
- Compromised Location Data
Information shared on social media platforms can betray sensitive movements to enemies – this problem has cropped up in Ukraine, where videos posted to TikTok have led Russian operatives to triangulate the position of soldiers, leading to attacks. In 2018, U.S service members accidentally compromised sensitive positions in Afghanistan while using the popular exercise app Strava. - Extremist Recruitment
Social media and messaging platforms are increasingly used by extremist networks to recruit service members and spread disinformation that can disrupt military organization. Earlier this year, a 24-year-old Army private pleaded guilty to plotting a terrorist attack against his brigade, under the influence of online co-conspirators. - Digital Fraud
Cyber actors capture information from digital devices for use in further attacks, which may include phishing, credit card theft and crypto scams. Not only do these attacks endanger service members, but data collected can compromise their position to nation state actors – especially when geotargeting is involved.
Using Social Media More Safely
In recent years, U.S military branches have recognized the foreign influence potential of apps like TikTok and banned them from use. But similar dangers lurk across the platforms which are still available for them – fortunately, there are ways service members can use social media more safely.
- Scale back social media use, limiting interactions to friends and family, preferably through private and secure channels rather than public ones.
- Avoid using apps that rely heavily on the sharing of geolocation data, especially when on the field.
- Avoid sharing photos or videos from the field at all, even if they do not seem compromising – keep information general and never share specifics about where you are, or what you are doing.
- Do not respond to unsolicited messages; do not click on unexpected or suspicious links, even if they appear to originate from a trusted source.
- Be mindful about your exposure to political messaging. Recognize that you are being constantly targeted both by foreign and domestic actors who have an agenda – whether that is to demoralize, deceive or take advantage of you.
While passive threats still lurk across many online platforms and mobile apps – such as unmonitored third-party code which can quietly siphon data from users in the background – following these practices will help to mitigate the active ones (phishing attacks, social engineering attempts, malware, etc.).
What About Business-Oriented Platforms?
Today, there are millions of fake social media accounts that may try to pass themselves off as colleagues, friends, and other trusted individuals—billions are identified and removed every year. DeepFakes make this type of scam a bigger concern, as they provide an endless source of original and non-traceable profile images.
In June the FBI issued a warning which confirmed what we already knew from extensive experience – scams are a significant threat. Any user-first platform is vulnerable to trafficking fraudulent activity, including crypto fraud, spear phishing, ransomware, and more.
These platforms are used to target government employees through fake accounts. A former CIA officer was recently sentenced to prison for 20 years after he shared military secrets with Chinese intelligence officials who first approached him via a business-oriented social platform.
While service members may still find social media useful, they should approach each platform cautiously and be especially wary of unsolicited messages, links or unexpected connection requests.
Conclusion
The men and women serving the United States at home and abroad deserve the understanding, training and protection they need to stay secure from nation-state actors and cybercriminals. Protecting them begins with raising awareness of the threats they face online, and safer ways to use social media – but that’s just a start.
As digital threats increase, online platforms based in the U.S have a responsibility to build better digital safety and trust protections for all their users, including service members. By collaborating with government agencies and military branches, they can learn to recognize and eliminate digital actors who specifically target military personnel and make the Web a safer place for everyone.