Mobile Devices

Submitted

Posted on Thursday, July 6, 2017


Cyber threats are constantly evolving, and so must our defences against them. Hacking technology is free, giving hackers tools to launch cyber attacks.

Your Government of Canada mobile device is an especially attractive target for the information it contains.
A compromised mobile device can put Department of National Defence (DND)/Canadian Armed Forces (CAF) information at risk, which can have severe consequences on the safety and security of Canadians. Help protect yourself against this threat!

1. Who is a target?
• YOU!
• Executives and their
assistants
• Help desk staff and system
administrators
• Users who deal with
sensitive information
• Users with remote access
• Users who interact with the
public

2. How do they do it?
Hackers can illegally access Government of Canada information by:
• Remotely accessing
mobile devices
• Physically tampering
with them
• Using applications such
as location tracking to
determine your location
• Texting messages with
malicious content
• Sending email with links to malicious sites

3. What to do?
• Understand the risks, keep track of your devices, and maintain situational awareness.
• Avoid joining unknown or unsecured Wi-Fi networks.
• Avoid opening files, clicking links, or calling numbers contained in unsolicited text messages or e-mails.
• Maintain up-to-date software, including operating systems and applications.
• Do not use “Remember Me” features on websites and applications - always type your password.
• Stop auto connecting: disable your Bluetooth and wireless when not in use.

4. Traveling soon?
• Know and follow DND/CAF policies.
• Be aware that hotel networks and rooms are monitored.
• Know your surroundings when using your device and constantly be on guard.
• In accordance with the National Defence Security Orders and Directives (NDSOD) Chapter 4, Section 5, when traveling outside of Canada and the US, consult the Counter-Intelligence Unit (NCIU) to determine if you require a defensive security briefing.

5. I think I’ve been hacked. Now what?
• Immediately report the incident to your local helpdesk and unit Information System Security Officer (ISSO).
• Do not use the compromised device to make that call!
• Stop using the device until it is handed in for further inspection.