The Spy in Your Pocket
airplane mode won't cut it
One of the most compartmentalized areas, rightfully, in the national security apparatus involve the electromagnetic spectrum. Has been true for most of the last century.
Radar, radio, and now IP based systems - they all can either be used to find or reveal your side or the other's location. "War winning technology" is perhaps an overused phrase, but some of these capabilities seem to be close to that. Some are hidden in plain sight, others with elaborate cover stories, some hidden in riddles and spin.
One thing I keep telling myself as I type out my thoughts almost every day, is to remember that what I once knew is with each passing year very dated, and even when in the game, for every bit I was read in to, there was an order of magnitude or more that I was not.
We are very good in some areas; very blind in others. Our opponents the same.
As our electronic devices become more a normal part of our lives, it is only natural that this day to day convenience would, with smart people out there, be turned in to a vulnerability.
In 2016, a U.S. defense contractor named PlanetRisk Inc. was working on a software prototype when its employees discovered they could track U.S. military operations through the data generated by the apps on the mobile phones of American soldiers.
At the time, the company was using location data drawn from apps such as weather, games and dating services to build a surveillance tool that could monitor the travel of refugees from Syria to Europe and the U.S., according to interviews with former employees. The company’s goal was to sell the tool to U.S. counterterrorism and intelligence officials.
But buried in the data was evidence of sensitive U.S. military operations by American special-operations forces in Syria. The company’s analysts could see phones that had come from military facilities in the U.S., traveled through countries like Canada or Turkey and were clustered at the abandoned Lafarge Cement Factory in northern Syria, a staging area at the time for U.S. special-operations and allied forces.
When PlanetRisk traced telephone signals from U.S. bases to the Syrian cement factory in 2016, it hadn’t been disclosed publicly that the factory was being used as a staging area for U.S. and allied forces. Moreover, the company could monitor the movements of American troops even while they were out on patrol—a serious operational security risk that opened units up to being targeted by enemy forces, according to the people familiar with the discovery.
When it saw evidence of U.S. missions in the commercial data, the company raised its concerns with U.S. officials, who were alarmed by the possibilities that others could track American soldiers, according to the people. PlanetRisk was working on a tracking tool with the aim of bringing it to the federal defense and intelligence market. The company, which was beaten to market by other competitors and never finished the work, has since been split up, its pieces sold to other defense contractors.
How many of our Sailors - much less the others services personnel - have wifi and bluetooth enabled devices, phones, watches, fitbit, net work of things, etc?
How many of these are ready to respond the minute they get in range of a transmitter looking for them?
How do you even tempest check for them on things such as a carrier of thousands?
I am sure that this is a topic better not discussed too much on this net, about defense or offense, but I would like to think in an optimistic moment that we have the right people with the right answers on this topic.
If not, at war, we will find out soon enough.
I can say with certainty that the concerns you raise in this post have not gone unnoticed by the IW community. There have been a lot of work done over the last several years on TTPs and tools to try and find and cut down on unauthorized Personal Electronic Device (PED) usage. I wouldn't say that the problem has been completely cracked; likely, nothing short of a full ban on such devices aboard ship would be truly effective. The Russians did this, but they don't have to deal with the recruiting problems such a policy would inevitably create!
Remember about 3 years ago that a popular fitness tracker - I seem to recall that it was FitBit - was displaying the fitness courses that many deployed soldiers were running on? And I seem to recall that Russian soldiers were showing up on the same apps.
Our youngsters need to learn the old lesson that "Loose Lips Sink Ships".