What are social networking sites? * Social networking sites, sometimes referred to as “friend-of-afriend” sites, build upon the concept of traditional social networks where you are connected to new people through people you already know. The purpose of some sites may be purely social, allowing users to establish friendships, while others focus on establishing business connections. Although the features of social networking sites differ, they allow users to provide information about themselves and offer some type of communication mechanism (forums, chat rooms, email, instant messenger) that enables a user to connect with other users. * Credit in part to Mindi McDowell, US-CERT Social Networking Sites and Children Many of these sites have become a mainstream medium for teens. Some sites even attract pre-teens—even kids as young as 5 or 6.* These days, many kids draw little distinction between real life and online life. They may use social Web sites designed (specifically) for children such as Webkinz or Club Penguin, or social Web sites designed for adults such as Windows Live Spaces, YouTube, MySpace, Flickr, Twitter, Facebook, and others. ** Whatever they’re doing, they should understand that many of these Web pages can be viewed by anyone with access to the Internet.** • OnGuard Online ™ Sep 07 ** Microsoft, 03 Dec 08 What security implications do these sites present? * Social networking sites rely on connections and communication, so they encourage users to provide a certain amount of personal information. When deciding how much information to reveal, children may not exercise the same amount of caution as they would when meeting someone in person, because: the internet provides a sense of anonymity the lack of physical interaction provides a false sense of security (social network) users tailor the info for their friends to read, forgetting that other may see it, too they want to offer personal insights to impress potential friends or associates. Sometimes it may be a case of “bragging rights” (look at what I can do), bravado or in response to a dare. * Credit in part to Mindi McDowell, US-CERT What security implications do these sites present? * While the majority of children using these sites may not pose a threat to each other, there are malicious people who are drawn to them because of the accessibility and amount of (personal) information that’s available. The more information a (stranger) has about your children, the easier it is for them to take advantage of them. Using information that children freely post about their location, home life, school, hobbies, interests, photos, videos, likes/dislikes and friends, a malicious person could impersonate a trusted friend, convince them to provide more personal information, coerce them into committing an act that parents or friends wouldn’t otherwise endorse, commit cyberbullying, or entice them into a dangerous liaison. * Credit in part to Mindi McDowell, US-CERT The Good, the Bad and the Ugly: Facebook and other social networking sites have some positives: immediacy, quick linkage to people one wants to stay in touch with, and a sense of constant togetherness that is otherwise impossible.* Social networking is hugely popular and it is also big business. However, anything your children put on social networking sites can be compromised. Hackers may use information your children post as well as their picture in a non-flattering, detrimental, or hurtful way.* Presently, child molesters, sexual predators, scam artists and cyberbullies have been discovering that these sites can also be exploited to find victims.** * credit in part to Dr. Yvonne Fournier, News Blaze, 01 Jul 09 ** credit in part to Tony Bradley, About.com, undated “Facebook is the new playground for phishers*” Why? Facebook has made things relatively easy for computer criminals. “Behind every successful criminal computer hack a simple two-step process: gain trust, then exploit that trust with an attack. Computer criminals will tell you that gaining trust is the hard part. Consider a real-world parallel: Breaking into a bank is difficult. But if you befriend a guard, he’ll eventually let you walk right in through the front door.“ “Facebook users assume a level of trust they just should not assume when using the site. Phishing attacks have been popping up nearly every week on Facebook and other social sites like Twitter. Victims receive e-mails from friends with innocent-sounding messages, such as ‘click on this video.’ Those who are duped then surrender their login information on a rogue Web site, and then a criminal is off to the races with their identity.” * Credit in part to Bob Sullivan, 02 Jun 09 Experiences of children regarding social media and on-line use* -- 9 out of 10 children have been accidentally exposed to pornography 20% of teens say they have sent/posted nude or semi-nude photos or videos of themselves 39% of teens say they send or post sexually suggestive messages 48% of teens say they have received sexually suggestive messages 44% of teens say it is common for sexually suggestive messages to get shared with people other than the intended recipient 33% of on-line solicitations of minors is via social networking sites; and, 32% of on-line teens have been contacted by strangers on-line * Kathy Peel, “Family Manager,” 2009 NBC News Dateline* – (Social Networks) “It’s a world where the kids next door can play any role they want. They may not realize everyone with Internet access, including sexual predators, may see the pictures and personal information they post. “When ‘Dateline’ surfed MySpace, we found scenes of binge drinking, apparent drug use, teens posing in underwear, and other members simulating sex, and in some cases even having it. We also found less provocative pages ….. but potentially even more dangerous: teens listed not only their names, and addresses, but even cell phone numbers and after school schedules.” * Reported by Rob Stafford, Correspondent, NBC News, Apr 06 Photo sharing sites are used by thousands to post and share photos. Child molesters and sexual deviants can search these sites and bookmark their favorite photos of young boys and girls. •Credit in part to Tony Bradley, About.com, (undated) •Photo courtesy NBC Dateline The Ugly Side of Social Networks – Cyberbullying* Cyberbullying is one of the fastest growing problems facing parents, school administrators and local governments around the world. “Cyberbullying” is defined as using the computer or other electronic devices to intimidate, threaten or humiliate another individual. It commonly takes place on the Internet among students from a given school or neighborhood and can involve adults as well as teens. It has become a worldwide problem because of the difficulty in tracking occurrences. In some cases, it may be accepted as humor; but in many others, it may go too far. When a child takes her/his own life because she or he was cyberbullied, it has gone too far. * Cyberbullyalert.com, 13 Oct 08 What is OPSEC and how does it apply to your children and these Social Network sites? “OPSEC” stands for Operations Security. It is a security program that tries to protect unclassified sensitive information from disclosure to people who might use that information against you. While OPSEC has been a Department of Defense program for over 30-years, only recently has the Army realized that the concepts of this program can be applied to the personal information of military personnel, civilian employees and contractors, as well as their families. At home, OPSEC helps protect personal information that could be misused by malicious persons, hackers or criminals. THERE ARE FIVE STEPS IN THE OPSEC PROCESS STEP 1. Identify Critical (sensitive) Information Help your children understand what information should be kept private* – full name, social security number, street address, phone number, bank or credit card account numbers, pins, photos that show background information that might reveal their location, passwords, and screen names that could give away their real identity. STEP 2. Analyze the Threats on the Internet Let your child know about phishers, hackers, criminals, scam artists, child molesters, sexual predators, and cyberbullies (who might be someone they know), and how these people can harm them and their family. * OnGuard Online ™ Sep 2007 STEP 3. Analyze the Vulnerabilities What are the privacy rules for the social network sites that your child is visiting? What security controls are there to prevent someone who is not on their friends’ list from logging on and defacing their page or adding disparaging comments to their blog. Are there any parental controls where you can protect what your child can do online, what they can download , and when they can log on.* STEP 4. Assess the Risks Discuss the possibilities for someone to misuse information your child posts on a social network site for identity theft, cyberbullying, acts that could place them in danger or other types of misuse. * OnGuard Online ™ Sep 2007 STEP 5. Apply COUNTERMEASURES to guard against those threats, vulnerabilities and risks that have been identified for your child’s social networks: Use privacy settings to restrict who can access and post blogs, photos, or pages on your child’s website.* Explain that kids should post only information that both they and you are comfortable with strangers seeing.* Remind your kids that, once they post information online, they can’t take it back (Even if they delete information from a site, older versions may exist on someone else’s computer and could still be circulated on-line).* * OnGuard Online ™ Sep 2007 STEP 5. COUNTERMEASURES cont. Know how your kids are getting online (more and more, kids are accessing the Internet through cell phones. Find out what limits, if any, you can place on your child’s cell phone).* Talk to your kids about bullying (online bullying can take many forms, from spreading rumors online and posting or forwarding private messages without the sender’s OK, to sending threats).* Discuss why they should avoid sex talk online (research shows that teens who don’t talk about sex with strangers are less likely to come in contact with a sexual predator).* Advise your kids to trust their gut instinct if they have suspicions. Encourage them to tell you if they feel anxious, threatened, or aren’t comfortable because of something happening online.* * OnGuard Online ™ Sep 2007 STEP 5. COUNTERMEASURES cont. Review your kids’ social networks’ Privacy Policies, FAQs, and parent sections to understand its features and privacy controls.* Take extra steps to protect preteens and younger children, such as keeping the computer in an open area like the kitchen or family room. Use the Internet with them to help develop safe surfing habits. Take advantage of parental controls on some operating systems that let you manage your kids’ computer use, what sites they can visit, what they can download, and when they can go online.* Go where your preteens and younger children go online. Sign up for—and use—the social network sites that they visit and let them know you are there.* Review your child’s friends list. You may want to limit your child’s online friends to people your child actually knows and is friendly with in real life.* * OnGuard Online ™ Sep 2007 Online Sources for more Information/Reporting*: Federal Trade Commission – www.OnGuardOnline.gov the FTC works for consumers to prevent fraudulent, deceptive and unfair practices in the marketplace, and provide information to help consumers spot, stop, and avoid them. http://www.ftc.gov/bcp/consumer.shtm the FTC also offers the latest educational information and ways to protect yourself and your children from the latest scams. ConnectSafely – www.connectsafely.org A forum for parents, teens, educators, and advocates to discuss youth online safety. Cyberbully411 – www.cyberbully411.org provides resources and opportunities for discussion and sharing for youth—and their parents– who are or may be targets for online harassment. * OnGuard Online ™ Sep 07; ISSA Alamo Chapter 2009; and 1st IO Command, Jun 09 More Online Sources for Information/Reporting*: GetNetWise – www.getnetwise.org a public service sponsored by Internet industry organizations and public interest organizations who work to provide Internet users with resources that will help them make informed decisions about their and their family’s use of the Internet. Internet Keep Safe Coalition – www.iKeepSafe.org a coalition of 49 governors/first spouses, law enforcements, American Medical Association, American Academy of Pediatrics, and other associations by providing tools and guidelines that help promote safe Internet and technology use among children. Staysafe – www.staysafe.org an educational site intended to help consumers understand both the positive of the Internet as well as how to manage a variety of safety and security issues online. * OnGuard Online ™ Sep 07 and ISSA Alamo Chapter 2009 More Online Sources for Information/Reporting*: Wired Safety – www.wiredsafety.org an Internet safety and help group that provides education, assistance and awareness on cybercrime and abuse, privacy, security, and responsible technology use. Cyberstalking, Cyberbullying and Harassment Report Form – https://www.wiredsafety.org/forms/stalking.html Family Manager – www.familymanager.com Jan Peel offers many tips on many issues to include facts and figures about the dangers for children on social networks. National Center for Missing and Exploited Children – www.missingkids.com, www.netsmartz.org a private, non-profit organization that helps find missing children, prevent child abduction and (online) sexual exploitation. * OnGuard Online ™ Sep 07 and ISSA Alamo Chapter 2009 More Online Sources for Information/Reporting*: Cybertipline (child pornography/online solicitation) – https://secure.missingkids.com/missingkids/servlet/Cybertip Servlet?LanguageCountry=en_US provides a reporting form that, when completed, will be forwarded to local law enforcement. For immediate threats, call 911. Norton Family Online Safety Guide http://www.symantec.com/norton/familyresources/resources. jsp?title=online_safety_guide Webroot Software – Protecting Children Online – http://www.webroot.com/En_US/csc/malware-kids-online.html Isafe – http://www.isafe.org/ a leader in Internet safety education Kidsmart - http://www.kidsmartearlylearning.org/EN/index.html provides a guide to early childhood learning and technology * OnGuard Online ™ Sep 07 and ISSA Alamo Chapter 2009 More Online Sources for Information/Reporting*: FBI – http://www.fbi.gov/publications/pguide/pguidee.htm provides a parent’s guide to Internet safety Parentalsoftware.org – http://www.parentalsoftware.org/ provides information on parental control software that allows parents to see everything their children are doing online Bexar County District Attorney – http://www.bexar.org/da2/ provides information on identity theft, child pornography and sex offender database If your child becomes a victim of a phishing incident, forward the phishing e-mail to www.IFCCFBI.gov, or REPORTPHISHING@ANTIPHISHING.ORG * OnGuard Online ™ Sep 07; ISSA Alamo Chapter 2009; and 1st IO Command, Jun 09 Websites for young children: www.whyville.net www.clubpenguin.com http://kids.nationalgeographic.com/ www.kidswirl.com www.disney.com www.webkinz.com www.there.com www.smoogies.com www.woogieworld.com www.dizzywood.com www.fantage.com www.neopets.com These websites are not endorsed by the U.S. Army, but are offered as a sample of what is available. Check for reviews of these websites for their educational value, language, and security. STAY AWARE OF THE THREAT THAT SOCIAL NETWORKS CAN POSE FOR YOUR CHILDREN! IF YOU HAVE QUESTIONS, USE THE ONLINE SOURCES FOR FURTHER INFORMATION; OR, CONTACT YOUR UNIT OPSEC OFFICER, YOUR FAMILY READINESS SUPPORT ASSISTANT, OR THE BASE/BRIGADE SJA. presented by