Threat actors are targeting U.S. military personnel deployed in active war zones, exploiting commercially available location data.
This shows how the global surveillance economy (digital targeted advertising) affects battlefield security.
Location data exposing military location
The US Central Command (Centcom) confirmed this attack and said, “multiple threat reports concerning adversary exploitation of commercial location data to target or surveil U.S. personnel in theater.”
Details about the incident
This alarming development was shared with Reuters by Senator Ron Wyden, but no particular detail about the incident was offered.
But Centcom’s operation area consists of the Gulf, where the US forces are at war with the Iranian military. This is the first time that US forces have confirmed it is being targeted in an active war zone with the help of digital ads that are exposing location data.
Officials’ statements
According to Pentagon and the US lawmakers, “”commercial location data can be used to identify where U.S. troops congregate and their pattern of life, which can be exploited by adversaries to target attacks such as missiles, drones, and roadside bombs, and for counterintelligence.”
Lawmakers warned that “commercial location data can be used to identify where U.S. troops congregate and their pattern of life, which can be exploited by adversaries to target attacks such as missiles, drones, and roadside bombs, and for counterintelligence.”
The risk of digital advertising targeting in wars
Senator Wyden has warned that it is time to “”start treating the adtech industry as a national security threat.”
The problem has again exposed the underlying privacy threats concerning location data, which is the foundation of digital advertising.
The Pentagon did not return messages seeking comment, and lawmakers’ efforts to obtain more information from military officials about the targeting reports.
Attack tactic
The location data is retrieved by apps through smartphones or service providers. For instance, a third-party sometimes collects the data which is sold on the web for advertising purposes.
The privacy threats of selling personal location data is not new. In 2016, a US defense contract bought commercially available location data to trace special ops forces from their domestic bases to a private staging post in Syria, according to a Wall Street Journal (WSJ) report.
Recently, reporters from two German news outlets and the Wired used billions of coordinates from a data broker to leak detailed locations of individuals near eleven US military sites in Germany.
The US lawmakers wrote a letter to the Pentagon which argued that military officials should act faster to protect military personnel, as their location is sometimes exposed due to the complex location data trade market.
The US lawmakers have suggested to:
- Disable location sharing on field smartphones
- Shifting military staff away from Google Chrome in favour of privacy focused browsers.
- Turn off digital advertising on military devices.
The impact
Advertising groups such as the Association of National Advertisers and the Interactive Advertising Bureau have not responded to any questions or comments.
North Carolina Republican and former U.S. Army Special Forces officer, representative Pat Harrigan, co-signed the letter, saying that browsers such as Google Chrome “are built from the ground up to collect and
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: