R 221913Z FEB 22
MSGID/GENADMIN/CMC DCI IC4 WASHINGTON DC//
SUBJ/CYBERSECURITY TIPS FOR MARINES AND THEIR FAMILIES//
REF/A/DOD MEMO/28 JAN 22 REF/B/MARADMIN/17 FEB 22//
NARR/REF A IS MARADMIN 058-22, MARINE CORPS CYBERSECURITY RESPONSIBILITY REMINDER/REF B IS DOD CIO MEMO, IMPORTANCE OF MAINTAINING CYBER AWARENESS//
POC/R. A. LETTEER/CIV/DEPUTY, COMPLIANCE BRANCH, CYBERSECURITY/DCI IC4/TEL: 571-256-8859/EMAIL: RAY.LETTEER@USMC.MIL//
GENTEXT/REMARKS/1. This is a Deputy Commandant for Information (DC I) and Marine Forces Cyberspace Command (MARFORCYBER) coordinated message. Education and awareness are critically important in the fight against cybercriminal activity. Reference A reminded users of the Marine Corps Enterprise Network (MCEN) of their responsibilities to safeguard the integrity of our network. This message addresses other concerns outlined in Reference B by recommending cybersecurity best practices for the total force and their families.
2. Keep Your Software Up to Date. Ransomware attacks are increasingly common, targeting both businesses and individual consumers. You can protect yourself from most ransomware by turning on automatic system updates for all your connected devices, including your personal cellular devices, home computers and tablets, and smart home appliances. You should also enable automatic security updates for your software, especially your web browser.
3. Use Anti-Virus Protection. All modern versions of Microsoft and Apple operating systems (OSs) include built-in anti-virus protection. For Linux-based OSs, there are also a number of very capable free anti-virus programs. Whatever OS you use, ensure the anti-virus functions are enabled and have automatic updates turned on.
4. Use Strong Passwords or a Password Management Tool. Although it is convenient to use the same password on different accounts, doing so increases the risk of having those accounts compromised. Choose a unique password for each account and ensure it has a mixture of uppercase, lowercase, numbers, and special characters. A strong and easy to remember approach is to create three or four words of five to six characters each, combined together, using the mixture pattern mentioned. Password management tools offer a way to generate and store well-crafted passwords and can be found in application stores on all major platforms.
5. Use Two-Factor or Multi-Factor Authentication. Enable two-factor or multi-factor authentication whenever it is offered. These kinds of authentication add additional layers of security to the standard password-only method of online identification; the second form of authentication most commonly comes in the form of an email or SMS message with a passcode or series of numbers. Some websites also offer commercially available alternative tokens that you can purchase for an even higher level of protection.
6. Phishing Scams. We complete annual cybersecurity training that addresses phishing; even though this threat is not new, you need to take it seriously and protect yourself and your family. In a phishing scam attempt, the attacker poses as someone or something the sender is not, in order to trick the recipient into providing private information, like personal passwords, bank account information, or credit card details. Verify who the sender is whenever possible and use an alternate means of communicating with someone if you suspect the sender may not be who they say they are. For example, if you get a message on a social media site from an old friend asking for something, reach out to them via a text message or phone call rather than responding in the same social media site.
7. Protect Your Personal Identifiable Information (PII). PII is any information that can be used by a cybercriminal to identify or locate an individual. Do not post details like your date of birth, home address, or family relations on social media sites.
8. Use Your Mobile Devices Securely. Ensure you only install applications from trusted sources and have a passcode or biometric scans enabled for access. If your mobile device is lost or stolen, it cannot be easily accessed.
9. Do not Use Public Wi-Fi unprotected. If you must use publicly available Wi-Fi, use a freely available Virtual Private Network (VPN) from your application store of choice. Use your cell network if you do not have access to a VPN when security is important.
10. Use a Credit Freeze and Check Your Credit Report. All three credit reporting agencies allow for an individual to place a “freeze” on their credit. It will then take additional steps to obtain new credit in your name, thereby decreasing the chance someone can steal your identity. Check your credit report regularly for any lines of credit opened without your knowledge. Federal law requires credit reporting agencies make a free credit report available to individuals at no cost at least once every 12 months; those can be accessed at annualcreditreport.com.
11. The Department of Homeland Security, Cybersecurity & Infrastructure Security Agency website (https:(slash)(slash)www.cisa.gov/cybersecurity-awareness-month) provides a wide range of publically available cybersecurity awareness resources, launched in observance of Cybersecurity Awareness Month in Oct 2021.
12. For additional information, email HQMC_DCI_IC4_ICC_CY_Executive@usmc.mil.
13. Released authorized by BGen Joseph A. Matos, Director, Information, Command, Control, Communications and Computers (IC4) Deputy Commandant for Information (DC I).//