www.helpnetsecurity.com
Open in
urlscan Pro
44.241.182.52
Public Scan
URL:
https://www.helpnetsecurity.com/2022/07/13/weaponizing-smartphone-location-data-battlefield/
Submission: On July 28 via manual from US — Scanned from DE
Submission: On July 28 via manual from US — Scanned from DE
Form analysis 2 forms found in the DOM
Name: searchform — GET https://www.helpnetsecurity.com/
<form id="searchform" name="searchform" class="searchform" method="get" action="https://www.helpnetsecurity.com/" role="form">
<div class="input-group">
<input type="search" name="s" id="headerSearchField" class="form-control" placeholder="What are you looking for?" aria-label="Search" value="" tabindex="1">
<span class="input-group-append">
<button class="btn btn-search input-addon-item" type="submit" id="headerSearchSubmit" tabindex="2"><svg class="hic">
<use xlink:href="#hic-search"></use>
</svg></button>
</span>
</div>
</form>POST
<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-195955 mc4wp-ajax" method="post" data-id="195955" data-name="Bottom of the posts Exp_04">
<div class="mc4wp-form-fields">
<center><img src="https://img.helpnetsecurity.com/wp-content/uploads/2021/08/05092721/newsletters-head.jpg"></center>
<br>
<div class="form-check pb-2">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
<label class="form-check-label" for="mcs1">
<b>Daily Newsletter</b> - E-mail sent every business day with a recap of the last 24 hours </label>
</div>
<div class="form-check pb-2">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
<label class="form-check-label" for="mcs2">
<b>Weekly Newsletter</b> - E-mail sent every Monday with a recap of the last 7 days </label>
</div>
<div class="form-check pb-3">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
<label class="form-check-label" for="mcs3">
<b>(IN)SECURE Magazine</b> - E-mail sent when a new issue is released </label>
</div>
<p></p>
<p>
<label>
<input name="AGREE_TO_TERMS" type="checkbox" value="1" required=""> <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener">I have read and agree to the terms & conditions</a>
</label>
</p>
<div class="input-group">
<input type="email" name="email" id="email" class="form-control border-danger" placeholder="Please enter your e-mail address" required="">
<div class="input-group-append">
<button class="btn btn-danger rounded-0" type="submit">Subscribe</button>
</div>
</div>
<br>
<hr>
</div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
value="1659007211"><input type="hidden" name="_mc4wp_form_id" value="195955"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
<div class="mc4wp-response"></div>
</form>Text Content
searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus The global average cost of a data breach reaches an all-time high of $4.35 million * News * Features * Expert analysis * Videos * Reviews * Events * Reports * Whitepapers * Industry news * Product showcase * Newsletters * * * * (IN)SECURE Magazine Mike Fong, CEO, Privoro July 13, 2022 Share THE WEAPONIZING OF SMARTPHONE LOCATION DATA ON THE BATTLEFIELD For soldiers on the battlefield, the act of turning on one’s smartphone has been described as the digital equivalent of lighting a cigarette, as doing so creates a signal about one’s location that can be picked up by the enemy. Despite this, smartphones have played a meaningful role in recent conflicts, including Russia’s invasion of Ukraine, where the devices have been used for communicating in the event of radio failure, disseminating on-the-ground footage to counter propaganda and maintaining morale by staying in touch with family and friends. How each side collects the adversary’s smartphone location data and shields their own can mean the difference between victory and defeat. HOW SMARTPHONE LOCATION DATA IS OBTAINED For a country at war, monitoring the cellular networks in the conflict zone provides the most comprehensive view of mobile device activity. But before the conflict even begins, the nation can identify phones of interest, including the devices belonging to soldiers. Because mobile app location data is often sold to commercial data brokers and then repackaged and sold to individual customers, a country can access such a database and then pick out the phones likely belonging to soldiers. Such devices will ping regularly in the locations of known bases or other military facilities. It’s even possible to identify the owner of a device by tracking the phone to its home address and then referencing publicly available information. A country can also use information obtained from one or more data breaches to inform their devices of interest. The T-Mobile breach in 2021 demonstrated how much customer data is in the hands of a mobile operator, including a phone’s unique identifier (IMEI) and its SIM card’s identifier (IMSI). Spies can also physically monitor known military sites and use devices known as IMSI catchers – essentially fake cell towers – to collect phone data from the phones in the vicinity. The Kremlin reportedly did this in the UK, with GRU officers gathering near some of the UK’s most sensitive military sites. When a phone of interest appears on the monitored mobile network, the country can keep a close eye on the device’s location and other cellular data. The presence of two or more such devices in close proximity indicates that a mission may be taking place. In addition to monitoring cell networks, a nation at war can utilize IMSI catchers on the battlefield to gather phone data for the purposes of locating and identifying devices. Location can be determined by triangulating signal strengths from nearby cell towers or by pinging a targeted device’s GPS system. Russia’s Leer-3 electronic warfare system, which consists of two drones containing IMSI catchers along with a command truck, can locate up to 2,000 phones within a 3.7-mile range. To counter these location-finding drones, an opposing nation may jam a drone’s GPS signal, using a radio emitter to block the drone from receiving GPS signals. The country can also try GPS spoofing, employing a radio transmitter to corrupt the accuracy of the drone’s reported location. To counter such spoofing, systems for validating GPS signals have been deployed on the battlefield. In the larger picture, the corruptibility of GPS data has forced some nations to build their own geopositioning systems. For the US, M-Code serves as a military-only GPS signal that is both more accurate and provides anti-jamming and anti-spoofing capabilities. Spyware is a more targeted approach to obtaining location data. It can be delivered over the cell network (via a malicious carrier update) or through an IMSI catcher. It’s also not uncommon for operators to pose as single women on social media sites to lure soldiers into downloading a malicious app. Hamas has reportedly used this tactic many times against Israeli soldiers. Such spyware can capture a device’s real-time location, among other capabilities. THE RISKS OF CAPTURED SMARTPHONE LOCATION DATA Of all the signals given off by smartphones in the normal course of operation, location data is perhaps the most valuable during battle. Unlike captured conversations or call metadata, location data is actionable immediately. Location data can reveal troop movements, supply routes and even daily routines. A cluster of troops in a given location may signal an important location. Aggregated location data can also reveal associations between different groups. The obvious risk to soldiers is that their location data can be used by the enemy to direct targeted attacks against them. Notably, it has been reported that a Russian general and his staff were killed in an airstrike in the early weeks of the invasion after his phone call was intercepted and geolocated by the Ukrainians. Short of lethal strikes, location data can be used to inform a country’s strategy. For example, Russia’s phone data-collecting drone flights over Poland and the Baltic states in 2017 suggested to military experts that the country was trying to monitor troop levels at NATO’s new bases to see if there were more forces present there than the alliance had disclosed publicly. SMARTPHONE LOCATION DATA COUNTERMEASURES To counter the capture of location data from soldiers’ smartphones, many countries have understandably banned the presence of these devices on the battlefield. In 2019, for instance, Russia’s parliament unanimously voted to ban smartphones and tablets from being used by on-duty armed forces. However, banning mobile device usage by soldiers who have never known a world without smartphones has its limitations. Since the invasion began, there have been multiple instances of Russian commanders confiscating their subordinates’ personal phones for fear that they would unwittingly give away the locations of their units. Short of an outright ban, soldiers may be encouraged to mind their SIM cards. Ukrainian soldiers have been advised to obtain a SIM card in the conflict zone, which helps shield a device’s identity. During the war in Afghanistan, some top Taliban leaders played SIM card roulette, randomly distributing SIM cards at frequent intervals to elude American trackers. Soldiers are also advised to shield their true locations when smartphones are used. Ukrainian soldiers, for example, are instructed to walk at least 1,600 feet away from their squad position in order to make a phone call, ideally to an area with many civilians. Soldiers can also use a Faraday case to cloak their direction of travel, first heading in the wrong direction before placing their phone in the case. Using a Faraday case is a safer option than turning off the phone, as powering off is a signal in its own right that can invite additional scrutiny, and as the phone may have been hacked to appear to be off when it’s in fact still on and transmitting signals to the enemy. WHAT’S AT STAKE Smartphones are so ubiquitous that their presence on the battlefield is inevitable, even when they’ve been prohibited or otherwise discouraged from use due to lethal consequences. But each location ping gives the enemy another signal that may ultimately culminate in a targeted missile strike or an improved defensive posture. The side that can best fight this information battle very likely has the upper hand in winning the war. Daily Newsletter - E-mail sent every business day with a recap of the last 24 hours Weekly Newsletter - E-mail sent every Monday with a recap of the last 7 days (IN)SECURE Magazine - E-mail sent when a new issue is released I have read and agree to the terms & conditions Subscribe -------------------------------------------------------------------------------- Leave this field empty if you're human: More about * Audax Private Equity * data * data security * Israel * mobile devices * opinion * Privoro * smartphone * smartphones * war Share this FEATURED NEWS * The future of attack surface management (ASM) * The global average cost of a data breach reaches an all-time high of $4.35 million * Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure Find out why developers love Pentest as a Service (PtaaS) WHAT'S NEW THE FUTURE OF ATTACK SURFACE MANAGEMENT (ASM) ONLY 25% OF ORGANIZATIONS CONSIDER THEIR BIGGEST THREAT TO BE FROM INSIDE THE BUSINESS 84% OF ORGANIZATIONS EXPERIENCED AN IDENTITY-RELATED BREACH IN THE PAST 18 MONTHS 1 IN 3 EMPLOYEES DON’T UNDERSTAND WHY CYBERSECURITY IS IMPORTANT DON'T MISS THE FUTURE OF ATTACK SURFACE MANAGEMENT (ASM) THE GLOBAL AVERAGE COST OF A DATA BREACH REACHES AN ALL-TIME HIGH OF $4.35 MILLION ISRAEL’S NEW CYBER-KINETIC LAB WILL BOOST THE RESILIENCE OF CRITICAL INFRASTRUCTURE ORGANIZATIONS ARE STRUGGLING WITH SAAS SECURITY. WHY? TARGETED CAMPAIGN USES INFOSTEALER TO HIJACK FACEBOOK BUSINESS ACCOUNTS Follow us * Features * News * Expert Analysis * Reviews * Events * Reports * Whitepapers * Industry news * Newsletters * Product showcase * Twitter IN CASE YOU’VE MISSED IT * Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure * The infosec investment landscape: Which tech gets the most bucks? * Who are the best fraud fighters? * Dealing with threats and preventing sensitive data loss (IN)SECURE MAGAZINE ISSUE 72 (JULY 2022) * 7 threat detection challenges CISOs face and what they can do about it * How to set up a powerful insider threat program * An offensive mindset is crucial for effective cyber defense Read online © Copyright 1998-2022 by Help Net Security Read our privacy policy | About us | Advertise ×