How’s this for a case of cross-border crime? In mid-October, a citizen of Kosovo was arrested in Malaysia for sending ISIS extremists in Syria information he’d hacked from servers in the USA. It’s a perfect example of the enemy we’re facing right now: a widely distributed network of maniacs, representing scores of nationalities, united only by their islamist ideology and the World Wide Web.
It’s the “Web” bit of this mess that’s the real problem, unfortunately, because the jihadist loons are sharing it with the rest of us. We don’t see them around much, because most of us don’t speak Arabic or have any great urge to watch the latest beheading videos, but there are plenty of them online and they’re not as reluctant to enter our spaces as we are theirs. Of course, there are plenty of intelligence operators who do poke around in the extremist forums, and they can find their way into some real gold mines of useful information, but that works both ways. The fact is, the internet is a security nightmare and most of us aren’t anywhere near careful enough about how we use it.
There are already posts here about the basics of personal security, covering what you shouldn’t put on social media and that sort of thing, but it’s worth repeating. Lots of small pieces of information, none of them very significant in and of itself, can be collected and pieced together into a very detailed picture of you and your job. Geotagged photos are a real nightmare for this – people have been identified as members of Special Forces units because they sent an innocent-looking photo that revealed where they actually were. But, this is all stuff that can be collected from a simple trawl. Hacking is also a real concern.
Just think about what’s stored on your PC and its associated cloud accounts. Your contact list alone could be a real prize for a terrorist. You probably have a bunch of emails about upcoming social events and, while the old CO’s leaving party might not seem all that exciting to you, there’s probably someone out there who’d like him to go out with more of a bang than you were planning. Even a list of phone numbers can yield a lot if, for example, terrorists can find someone at the phone company who’s open to pressure or bribery.
The fact is that anything in the cloud or on an internet-connected device is vulnerable to hacking. That’s why it’s vital to use strong passwords. Most sites or apps suggest you use at least six or eight characters, but that’s not good enough. Ten is just about adequate; twelve or fourteen is better. Don’t use anything as a password (or part of a password) that could be deduced from your life. No birth dates, favorite sports team, name of your dog or anything like that. If you can’t remember random character strings, create one from two or more words, ideally in different languages – best of all, languages you don’t speak – then add some numbers and other characters. Don’t add them in predictable places like the start or end, either.
Now do that for every password you have. It’s not good enough to use a slight variation for each account, and using the same password for everything is just not smart. If you have trouble remembering them all, you can buy a password safe app that protects them all behind another password, so you just have to remember one – or you can get the same effect by storing them in a password-protected Word document. Whichever you use, make sure the boss password that protects all the others is an absolute bastard- 30 characters of mixed Cyrillic and Hebrew script?- whatever; just make it completely impossible to guess and long enough that a brute force attack will take decades to find it. Then make sure you remember it, and don’t write it down!
The only way to stay completely safe from hackers is to go live with the Amish – these days there’s an increasing chance even your TV is internet-enabled and has a Wifi adapter. It’s not that hard to make yourself a difficult target though, and well worth the effort. Otherwise, the next name emailed to Syria by some fanatical nutcase could be yours.
Disclaimer: The content in this article is the opinion of the writer and does not necessarily reflect the policies or opinions of US Patriot Tactical.