Step 2: Threat assessment: Identify potential cybersecurity threats.
The next step is to identify who is a threat to the organization's critical information.
There may be numerous adversaries who target different information, and companies must consider any competitors or hackers who might target the data.
The goal of threat analysis is to understand how adversaries could target an organization and use information to their advantage.
The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
Organizations should seek support from their security, intelligence, and counterintelligence experts
The next step is to identify who is a threat to the organization's critical information.
There may be numerous adversaries who target different information, and companies must consider any competitors or hackers who might target the data.
The goal of threat analysis is to understand how adversaries could target an organization and use information to their advantage.
The threat analysis includes identifying potential adversaries and their associated capabilities and intentions to collect, analyze, and exploit critical information and indicators.
Organizations should seek support from their security, intelligence, and counterintelligence experts
Step 3: Vulnerability analysis: Identify weaknesses in security
In this stage, the organization examines potential weaknesses among the safeguards in place to protect critical information and identifies which ones leave it vulnerable.
This step includes finding any potential lapses in physical and electronic processes designed to protect against the predetermined threats or areas where a lack of security awareness training leaves information open to attack.
To perform vulnerability analysis, an OPSEC analyst must consider the adversary's perspective and try to identify any susceptibilities that could be exploited.
This includes:
• The types of activities an adversary could observe
•The types of information an adversary could collect
•Organizational weaknesses that an adversary could exploit
•Potential gaps in physical or electronic processes
•Areas where a lack of security awareness training could leave information vulnerable
In this stage, the organization examines potential weaknesses among the safeguards in place to protect critical information and identifies which ones leave it vulnerable.
This step includes finding any potential lapses in physical and electronic processes designed to protect against the predetermined threats or areas where a lack of security awareness training leaves information open to attack.
To perform vulnerability analysis, an OPSEC analyst must consider the adversary's perspective and try to identify any susceptibilities that could be exploited.
This includes:
• The types of activities an adversary could observe
•The types of information an adversary could collect
•Organizational weaknesses that an adversary could exploit
•Potential gaps in physical or electronic processes
•Areas where a lack of security awareness training could leave information vulnerable
Step 4: Assess risks
Risk assessment is a key step in the Operations Security (OPSEC) process, which is a strategy and process for managing risk and security. The goal of OPSEC is to protect sensitive information and prevent it from falling into the wrong hands
In a risk assessment, you compare threats and vulnerabilities to determine the potential risk of adversary intelligence collection activities.
This includes assessing How likely it is that you will be targeted, information exploited and the consequences of exploiting your information
The level of risk you determine will help you decide if you need to assign a countermeasure to a vulnerability.
For example, if the vulnerability is high and the adversary threat is clear, you might expect adversary exploitation and assess the risk as high. In this case, you would need to implement countermeasures to mitigate the risk or reduce it to an acceptable level.
However, if the vulnerability is low and the adversary's collection ability is moderate or low, you might determine the risk as low and not require any protective measures
Risk assessment is a key step in the Operations Security (OPSEC) process, which is a strategy and process for managing risk and security. The goal of OPSEC is to protect sensitive information and prevent it from falling into the wrong hands
In a risk assessment, you compare threats and vulnerabilities to determine the potential risk of adversary intelligence collection activities.
This includes assessing How likely it is that you will be targeted, information exploited and the consequences of exploiting your information
The level of risk you determine will help you decide if you need to assign a countermeasure to a vulnerability.
For example, if the vulnerability is high and the adversary threat is clear, you might expect adversary exploitation and assess the risk as high. In this case, you would need to implement countermeasures to mitigate the risk or reduce it to an acceptable level.
However, if the vulnerability is low and the adversary's collection ability is moderate or low, you might determine the risk as low and not require any protective measures
Step 5: Apply Countermeasures
Countermeasures are intended to prevent an adversary from successfully obtaining critical information.
Countermeasures should be applied when the level of risk is determined to be unacceptable and are implemented to mitigate risk or to reduce risk to a more acceptable level.
Countermeasures can include:
•Educating yourself: Learn about threats and vulnerabilities
•Using security precautions: Use physical, personal, and cyber security measures
•Enforcing policies: Create new policies around sensitive data
•Manipulating an adversary's perception: Hide or control indicators, vary routes, or modify schedules
•Using technological solutions: Encrypt files, use multi-factor authentication, or segment networks
Countermeasures are intended to prevent an adversary from successfully obtaining critical information.
Countermeasures should be applied when the level of risk is determined to be unacceptable and are implemented to mitigate risk or to reduce risk to a more acceptable level.
Countermeasures can include:
•Educating yourself: Learn about threats and vulnerabilities
•Using security precautions: Use physical, personal, and cyber security measures
•Enforcing policies: Create new policies around sensitive data
•Manipulating an adversary's perception: Hide or control indicators, vary routes, or modify schedules
•Using technological solutions: Encrypt files, use multi-factor authentication, or segment networks
Now that we have a full understanding of what Operational Security is and how it works, let’s see how it affects us.
You see.. Anyone can use the principles of OPSEC to protect themselves and their privacy.
It’s up to you if you want to follow OPSEC, all we can do is show you the way
You see.. Anyone can use the principles of OPSEC to protect themselves and their privacy.
It’s up to you if you want to follow OPSEC, all we can do is show you the way
Rule no.6
Do not give away your location and personal info.
In creating those rules, we were mainly focused on your telegram presence and how to protect yourself.
https://t.me/AzazelMain/1244027
Do not give away your location and personal info.
In creating those rules, we were mainly focused on your telegram presence and how to protect yourself.
https://t.me/AzazelMain/1244027
Telegram
Azazel News in Doomsday Preppers and Survivalist.
Welcome newbie.
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings…
If you wanna be here, obey our rules:
1. NO RACISM
2. NO ASSHOLES
3. NO POLITICS
4. RESPECT ADMINS
5. STFU WHILE THE CLASS IS TAUGHT
6. DO NOT GIVE AWAY YOUR LOCATION AND PERSONAL INFO, OPSEC RULES
--- OPSEC CHECK ---
--General Settings…
Let’s focus on step 1:
Identifying critical information (CI)
(CI) is the first step in the Operations Security (OPSEC) cycle.
CI is information that an organization determines is important and could be harmful to the organization if exposed to an adversary.
CI can be classified or unclassified and may be part of a larger puzzle.
Identifying critical information (CI)
(CI) is the first step in the Operations Security (OPSEC) cycle.
CI is information that an organization determines is important and could be harmful to the organization if exposed to an adversary.
CI can be classified or unclassified and may be part of a larger puzzle.
1. Patterns and predictive behavior.
From reading group comments it’s easy to predict who will comment on which type of content.
While this itself isn’t necessarily an issue, it can give others an idea of your patterns and behaviors online & IRL as well.
The fix?
Observe & be aware of your patterns and behaviors so you have an understanding of your vulnerabilities, its risks and have the ability to implement countermeasures if necessary.
Some patterns are harmless and can stay put-others need to be reconsidered.
Don’t follow the same patterns: Be unpredictable!
Don’t let your “playbook” be transparent online or IRL.
If you have to use same routes and places...be aware of people and cars you might often see. Can anyone be tracking you? Is anything feeling off?
From reading group comments it’s easy to predict who will comment on which type of content.
While this itself isn’t necessarily an issue, it can give others an idea of your patterns and behaviors online & IRL as well.
The fix?
Observe & be aware of your patterns and behaviors so you have an understanding of your vulnerabilities, its risks and have the ability to implement countermeasures if necessary.
Some patterns are harmless and can stay put-others need to be reconsidered.
Don’t follow the same patterns: Be unpredictable!
Don’t let your “playbook” be transparent online or IRL.
If you have to use same routes and places...be aware of people and cars you might often see. Can anyone be tracking you? Is anything feeling off?
2. Collecting data from social media sites.
This is where some of you fail.
Using the same username for telegram, instagram and X?!
How hard do you think it would be to connect your dots?? No bueno😬
Another big one:
NEVER post pics or videos of yourself or your children on social media.
Additionally, do not post current locations or your plans especially while you are there.
It is not too difficult to map out a persons patterns and behaviors using a simple glance thru social media.
This is where some of you fail.
Using the same username for telegram, instagram and X?!
How hard do you think it would be to connect your dots?? No bueno😬
Another big one:
NEVER post pics or videos of yourself or your children on social media.
Additionally, do not post current locations or your plans especially while you are there.
It is not too difficult to map out a persons patterns and behaviors using a simple glance thru social media.
Media is too big
VIEW IN TELEGRAM
There have been multiple instances where woman or kids were tracked and kidnapped through social media accounts using location pattern tracking or other critical information.
In 2020, the National Center for Missing and Exploited Children reported 3,000 cases of social media-related kidnapping."
https://wifitalents.com/statistic/social-media-kidnapping/
https://wifitalents.com/statistic/social-media-kidnapping/
3. Interception of communications.
Be a digital ghost:
• Have several email accounts for different purposes.
• Have several phone / phone #’s.
•Turn cookies off
•use Brave browser or VPN.
•Trim tracking links after “?”
•Don’t mention sensitive information over phone conversations or in front of Alexa or smartwatch lol
For starters, this means you'll have several digital me's, every single one is different, incomplete, and can’t be easily connected to real you.
Signs of phone being listened to:
•sudden low battery life,
•antivirus stopped working,
•weird noise while talking,
•overheating,
•data upload suddenly huge
(More on this later)
Be a digital ghost:
• Have several email accounts for different purposes.
• Have several phone / phone #’s.
•Turn cookies off
•use Brave browser or VPN.
•Trim tracking links after “?”
•Don’t mention sensitive information over phone conversations or in front of Alexa or smartwatch lol
For starters, this means you'll have several digital me's, every single one is different, incomplete, and can’t be easily connected to real you.
Signs of phone being listened to:
•sudden low battery life,
•antivirus stopped working,
•weird noise while talking,
•overheating,
•data upload suddenly huge
4. Using people to collect information.
This why we do not encourage side chats with unknown members.
💥ESPECIALLY FAKE AZAZEL SCAMMERS💥
This is why your children do not talk to strangers.
You can glean a shitload of info in a simple 2 minute conversation if you know what to look for and are good at noticing things.
(More on this below)
This why we do not encourage side chats with unknown members.
💥ESPECIALLY FAKE AZAZEL SCAMMERS💥
This is why your children do not talk to strangers.
You can glean a shitload of info in a simple 2 minute conversation if you know what to look for and are good at noticing things.
While it is very useful for photographers, it is not good having all those information turned on in your phone camera app. Go into settings and turn it off (please be advised different phones have different settings). And while some apps like telegram usualy scrub it for you upon photo upload, other apps don't. Also if you loss your phone or get hacked, it would be so easy to track your moves.
Go check your phone camera app settings, as well as details of photo taken and details of screenshot taken, it shouldn't include any more that in this examples below ⬇️
https://www.persnicketyprints.com/how-to-read-digital-photo-metadata-on-a-phone/
Go check your phone camera app settings, as well as details of photo taken and details of screenshot taken, it shouldn't include any more that in this examples below ⬇️
https://www.persnicketyprints.com/how-to-read-digital-photo-metadata-on-a-phone/
Persnickety Prints
How to Read Photo Metadata on Your Phone • Persnickety Prints
Our #1 question- How Big Will This Print? Learn how to read digital photo metadata and pixels on your smart phone.
6. Location sharing devices:
Your electronic devices, the one where you use location services, where you have Ebank, fitness trackers, smart watch, IOT home devices installed, should not be the one you use your telegram (or work / family photos) on.
It is very hard to turn off something that runs in the background all the time, but there is an option on some phones to turn location trackers off.
Email services like gmail and Google all have options where you can find location options to turn them off.
If you must use your phone to use telegram then TURN LOCATION SERVICES OFF!
Your electronic devices, the one where you use location services, where you have Ebank, fitness trackers, smart watch, IOT home devices installed, should not be the one you use your telegram (or work / family photos) on.
It is very hard to turn off something that runs in the background all the time, but there is an option on some phones to turn location trackers off.
Email services like gmail and Google all have options where you can find location options to turn them off.
If you must use your phone to use telegram then TURN LOCATION SERVICES OFF!
❤3