14 DAY TRIAL // An alert from the FBI on Tuesday draws attention to threats issued by hacktivists against law enforcement officers and public officials, who could fall victim to cyber-attacks and doxing operations.
The Bureau warns that information revealed online via social media profiles could lead to identifying public servants, thus exposing them and their family to potential risks.
Risk of cyber-attacks, doxing or swatting
“For example, posting images wearing uniforms displaying name tags or listing their police department on social media sites can increase an officer's risk of being targeted or attacked,” the FBI says.
Doxing is an online research practice that relies on compiling information available online to identify an individual, and it is often used in targeted cyber-attacks.
Since social network profiles are a trove of personal data, these are most of the times the starting point, and could lead to attackers learning home addresses, phone numbers, email addresses, family members, relatives or workplace.
Such information can be collected and posted on sharing platforms in an organized form, along with the reason the target should be attacked.
The FBI says that recent evidence points to the fact that family members of targeted officers and officials are also at risk of cyber-attacks, doxing and swatting, a practice that involves directing armed police units to an address by claiming that a critical situation is under development.
FBI offers online security guidelines
Advice for limiting online exposure and thus defending against this type of threats is provided in FBI’s alert.
Apart from making sure that antivirus and software products are up-to-date, the guidelines for online security include enabling privacy settings on social media websites and avoiding publishing posts or comments that reveal affiliation with law enforcement or any details that could lead to identification.
Turning on two-factor authentication (2FA) is also on the list, along with exerting caution with emails and messages from unknown sources, which may lead to malicious online locations; direct phone calls can also be used for extracting personal information.
Among the best practices online, the recommendations include the use of strong passwords or even passphrases, at least 15 characters large, composed of letters, symbols and numbers.
Another recommendation is to advise family members to adopt the same security practices and refrain from making public relevant personal information.