Social Media and Military Security

Earlier this week, the Department of Defense (DoD) made it known it is considering banning access to Facebook, Twitter and all other Web 2.0 social networking sites from military computers. The “warning order,” as reported by Wired’s Danger Room went into some detail:

“The mechanisms for social networking were never designed for security and filtering. They make it way too easy for people with bad intentions to push malicious code to unsuspecting users. It’s just a fact of life,” says a source at Stratcom, which is responsible for securing the military’s “global information grid.

Price Floyd, the military’s new social-networking czar, said no final decision has been made yet regarding a Web 2.0 block. “An analysis is being conducted,” Floyd told Danger Room. (Source: Milblogging)

I really don’t think “malicious code” has anything to do with this. I think the issue is much more nuanced and highly more politicized.

I’ve heard stories (I wish I could find them in the small time I have to research this) that the problem isn’t so much the blogging or microblogging by individual soldiers… most of our uniformed bloggers are following the rules. There is a set of rules, or Operations Security (OPSEC) instructions that guide what soldiers are allowed to share.

Interesting thing (at least as of 2007), these OPSEC rules are (or at least were) on the Army’s restricted knowledge base on their intranet — meaning contractors and family members would have no access to the file. Truth be told, I’m not a person who reads such rules if they don’t apply to me, and I’d guess that even given the opportunity to review the document, there’s really very little that the military can do to stop Army spouses and family members from blogging whatever they want to blog about.

So…. the story I heard is that there’s this base in the Field that was kind of an ad hoc base — a small security force to guard the base because its security was that no one knew it was there. Soldiers on the base would blog about their daily activities, being fairly mindful of their OPSEC instructions. Their spouses, being somewhat in the dark about what their soldiers were doing and where they actually were, started co-blogging to exchange information and piece together where the soliders were, what they were doing, etc. And they figured it out, which then freaked the DoD out.

With the traceability of information known to link back to the sources — the soldiers on that base — the community around them was able to aggregate and piece together some critical information intended to be kept a secret.

Now that’s what I’ve heard. I don’t know how true it is, but since I haven’t seen this discussed elsewhere, it makes me at least assume it’s truthy. It’s highly contentious to point the finger at military family, which I can see why the DoD would go out of their way to not bring that into their argument for blocking social media.

It would also make sense that with this “warning order” a whole other part of the DoD, starting with Price Floyd, is looking to collect opinions on this. Because it’s a double-edged sword. The military is going to have a hard time recruiting soldiers if they can’t use the tools they want to use in communicating with friends and family abroad. We’re not writing a lot of paper-based letters anymore, where it was easy to monitor what was being said — and because it was paper-based, it was at least another step more difficult to share that information in a globally-viewable way.

I welcome any thoughts or expansions to validate or dispute this post in the comments.