Fitness app Strava reviewed after GPS poses threat'
US Defence Secretary Jim Mattis has ordered a review of security protocols after fitness tracking devices broadcast patterns of movement at military facilities around the world, including in war zones.
Nathan Russer, a student at the Australian National University in Canberra, drew attention to data when he wrote on Twitter about the images after stumbling upon GPS tracking company Strava's Global Heatmap. “Once you look at Syria you can see a bunch of bright spots,” Russer said.
There is also the risk that Strava itself could become a target of nations trying to mine its data to discover identifiable information about who was wearing the devices.
Jim Lewis, a cyber expert at the Centre for Strategic and International Studies, said that fitness trackers were just one way that all mobile wireless technology can undermine operational security and give adversaries an edge.
“The Russians are pretty good at this and there are ways to combine the data from trackers with social media profiles. Social networks are the bane of operational security.” Lewis said.
The Department of Defence said it encourages all defence personnel, wherever they are, to limit their public presence on the internet. That guidance is even stricter when troops operate in sensitive locations.
The Pentagon said in a statement, without directly confirming that US troops had used the fitness trackers. It read: “DOD takes matters like these very seriously and is reviewing the situation to determine if any additional training or guidance is required,” The Pentagon also said it was considering whether additional steps needed to be taken “to ensure the continued safety of DOD personnel at home and abroad.”
Pentagon spokesman Colonel Robert Manning told reporters at a news briefing he did not know of any instances in which U.S. base security had been compromised as a result of the mapping.