National Academy of the Security Service of Ukraine logo

National
Academy
of Security Service
of Ukraine

National Academy
of Security Service of Ukraine

УКР

National Academy of the Security Service of Ukraine

Phone
063 229 58 45
Advice: How to act in emergencies
Integrity

Advice: How to act in emergencies

Military behaviour when using social media

Ukrainian servicemen should pay special attention to the publication of their personal data due to the situation in eastern Ukraine. The enemy may use your data to establish deployment sites and personnel of the Armed Forces of Ukraine. Such a mistake could cost someone’s life or provoke the interest of the Russian special services.

You should comply with the following rules on the internet:

  • Restrict access to personal data in privacy settings.
  • Regularly check your social media friend list and unfriend random or sus-picious people. 
  • Do not publish photos and videos which can facilitate the location data, armament and activities of your military unit or other formations.
  • Do not use Russian social networks VKontakte, Odnoklassniki and LinkedIn, as well as QIP messenger even via VPN services. This refers to "Mail.ru" and "Yandex" systems, especially in case of official email corre-spondence in the "gov.ua" domain area. These resources transmit to Rus-sian special services personal information, including e-mail, phone number, date and IP address registration, as well as the last visit, etc. 
  • Do not install Russian mobile applications such as DMB Timer, DMB, DMB Timer +, Dembel and others. During signing up, these applications require your personal data and the information about your department and colleagues.
  • Servicemen involved in the JFO should limit the use of personal modems or routers to enter the internet via a signal transmission which can be de-tected by special equipment and determine their location. 

How to deal with suspicious items

Any suspicious object in an unusual place can be an explosive device. The shape of the discovered item can be deceiving. Common household items, including bags, packages, boxes, toys and likewise are used to conceal explosive devices.

If you do not think the item you found should be in this location please note:

  • Public transport actions: try to determine who the object / item belongs to, ask the people next to you. If the owner is not identified, let the driver know what you found at once.
  • Residential entrance activities: ask the neighbours. If the owner is not es-tablished, contact the nearest police department immediately.
  • Institutional behaviour: inform the administration or security about the discovery.

Do not touch, move or open the detected item. Any action may cause explosion, casualties and destruction, if it turns out to be an explosive device.

Record when suspicious item was found.

Try to keep people as far away from discovery as possible.

Be sure to wait for the investigation team to arrive. (Remember you are an im-portant witness).

Please make it clear to your children that anything found on the street or at the entrance hall can be life-threatening.

Social Media Intrusion Prevention

At first glance, it seems that a personal account on social networks is a personal space. Your account can be threatened by hackers, even with a limited friends-only access.

Several social media security rules:

  • Set a strong login password for your account. The level of security of the account and safety of the information depends on the complexity of the password.
  • Use reliable email services, such as Google, Yahoo, or Ukrainian email programmes when creating accounts. Do not use Russian services prohibited in Ukraine as attackers can easily access your pages on social networks via personal mailboxes on these resources.
  • Use dual authorisation, especially if you log in to the profile from an unfamiliar device.
  • Set up a profile alerts for unauthorised access to your pages.
  • Do not authorise personal or corporate profiles on unknown and insecure devices. These may remember the login and password entered or they may have malware or spyware installed.
  • Do not open attachments in messages from dubious recipients.
  • Phishing is the most common way for hackers to obtain mailbox passwords and social media pages. Do not give your personal data, online payment information or currency exchange information to anyone online.

How to take care of cybersecurity

All users are at risk online without the taking the necessary precautions. Social networks and online services (such as banking) in particular are places where users are at risk of becoming victims of fraud and cyber crime. Criminals look for vulnerable passwords and connections to hack and use your personal or official information. Electronic devices are the largest source of information about you so take care of your own cyber se-curity.

Electronic device safety:

  • Update your device security systems regularly.
  • Back up important files systematically.
  • Set the privacy and security mode for websites.
  • Pay attention to web addresses while paying online: “https://” means that the site takes additional security measures for its customers; “http://” defined the link is not secure.
  • Do not use official mailboxes for private correspondence.
  • Scan USBs or other external devices for malicious applications and viruses before connecting.

Secure Wi-Fi connection:

Free Wi-Fi connections in public places often have no passwords. This makes your device vulnerable to attack. 

  • When signing into a Wi-Fi network, use only Wi-Fi access points that have WPA or WPA-2 security protocols to protect your wireless connec-tion.
  • The best option is to use a personal Wi-Fi modem or access the In-ternet using a prepaid package of mobile operator services.
  • Turn off the “auto Wi-Fi connection” function. 

Spyware Protection:

Most spyware programmes are "embedded" in mobile applications. When you install them on your smartphone you could be allowing them to access your location, contact list, social media accounts and mailboxes. 

  • Install applications only from official and proven services such as Chrome Store, Add-ons and Play Market for Android, App Store for iOS.
  • Do not allow a smartphone, tablet or PC operating system to auto-matically install applications from unknown sources.
  • Regularly delete unused programmes.

Email security: 

If attackers hack into your email they may try to change your passwords, access your personal photos and videos or send spam on your behalf.

  • Enable two-factor authentication with your mobile phone. If an in-truder tries to get the password to your mailbox you will automatically re-ceive an SMS message about unauthorised access.
  • Set a reliable password and do not use the Russian services like “Yandex.ru”, “Mail.ru” for its recovery.
  • Do not open suspicious email attachments that have extensions such as ".exe", ".bat", ".cmd", ".vbs", ".docm", ".xlsm", etc.