18 July 2022

The weaponizing of smartphone location data on the battlefield

Mike Fong

For a country at war, monitoring the cellular networks in the conflict zone provides the most comprehensive view of mobile device activity. But before the conflict even begins, the nation can identify phones of interest, including the devices belonging to soldiers.

Because mobile app location data is often sold to commercial data brokers and then repackaged and sold to individual customers, a country can access such a database and then pick out the phones likely belonging to soldiers. Such devices will ping regularly in the locations of known bases or other military facilities. It’s even possible to identify the owner of a device by tracking the phone to its home address and then referencing publicly available information.

A country can also use information obtained from one or more data breaches to inform their devices of interest. The T-Mobile breach in 2021 demonstrated how much customer data is in the hands of a mobile operator, including a phone’s unique identifier (IMEI) and its SIM card’s identifier (IMSI).

Spies can also physically monitor known military sites and use devices known as IMSI catchers – essentially fake cell towers – to collect phone data from the phones in the vicinity. The Kremlin reportedly did this in the UK, with GRU officers gathering near some of the UK’s most sensitive military sites.

When a phone of interest appears on the monitored mobile network, the country can keep a close eye on the device’s location and other cellular data. The presence of two or more such devices in close proximity indicates that a mission may be taking place.

In addition to monitoring cell networks, a nation at war can utilize IMSI catchers on the battlefield to gather phone data for the purposes of locating and identifying devices. Location can be determined by triangulating signal strengths from nearby cell towers or by pinging a targeted device’s GPS system. Russia’s Leer-3 electronic warfare system, which consists of two drones containing IMSI catchers along with a command truck, can locate up to 2,000 phones within a 3.7-mile range.

To counter these location-finding drones, an opposing nation may jam a drone’s GPS signal, using a radio emitter to block the drone from receiving GPS signals. The country can also try GPS spoofing, employing a radio transmitter to corrupt the accuracy of the drone’s reported location. To counter such spoofing, systems for validating GPS signals have been deployed on the battlefield. In the larger picture, the corruptibility of GPS data has forced some nations to build their own geopositioning systems. For the US, M-Code serves as a military-only GPS signal that is both more accurate and provides anti-jamming and anti-spoofing capabilities.

Spyware is a more targeted approach to obtaining location data. It can be delivered over the cell network (via a malicious carrier update) or through an IMSI catcher. It’s also not uncommon for operators to pose as single women on social media sites to lure soldiers into downloading a malicious app. Hamas has reportedly used this tactic many times against Israeli soldiers. Such spyware can capture a device’s real-time location, among other capabilities.

The risks of captured smartphone location data

Of all the signals given off by smartphones in the normal course of operation, location data is perhaps the most valuable during battle. Unlike captured conversations or call metadata, location data is actionable immediately. Location data can reveal troop movements, supply routes and even daily routines. A cluster of troops in a given location may signal an important location. Aggregated location data can also reveal associations between different groups.

The obvious risk to soldiers is that their location data can be used by the enemy to direct targeted attacks against them. Notably, it has been reported that a Russian general and his staff were killed in an airstrike in the early weeks of the invasion after his phone call was intercepted and geolocated by the Ukrainians.

Short of lethal strikes, location data can be used to inform a country’s strategy. For example, Russia’s phone data-collecting drone flights over Poland and the Baltic states in 2017 suggested to military experts that the country was trying to monitor troop levels at NATO’s new bases to see if there were more forces present there than the alliance had disclosed publicly.

Smartphone location data countermeasures

To counter the capture of location data from soldiers’ smartphones, many countries have understandably banned the presence of these devices on the battlefield. In 2019, for instance, Russia’s parliament unanimously voted to ban smartphones and tablets from being used by on-duty armed forces.

However, banning mobile device usage by soldiers who have never known a world without smartphones has its limitations. Since the invasion began, there have been multiple instances of Russian commanders confiscating their subordinates’ personal phones for fear that they would unwittingly give away the locations of their units.

Short of an outright ban, soldiers may be encouraged to mind their SIM cards. Ukrainian soldiers have been advised to obtain a SIM card in the conflict zone, which helps shield a device’s identity. During the war in Afghanistan, some top Taliban leaders played SIM card roulette, randomly distributing SIM cards at frequent intervals to elude American trackers.

Soldiers are also advised to shield their true locations when smartphones are used. Ukrainian soldiers, for example, are instructed to walk at least 1,600 feet away from their squad position in order to make a phone call, ideally to an area with many civilians. Soldiers can also use a Faraday case to cloak their direction of travel, first heading in the wrong direction before placing their phone in the case. Using a Faraday case is a safer option than turning off the phone, as powering off is a signal in its own right that can invite additional scrutiny, and as the phone may have been hacked to appear to be off when it’s in fact still on and transmitting signals to the enemy.

What’s at stake

Smartphones are so ubiquitous that their presence on the battlefield is inevitable, even when they’ve been prohibited or otherwise discouraged from use due to lethal consequences. But each location ping gives the enemy another signal that may ultimately culminate in a targeted missile strike or an improved defensive posture. The side that can best fight this information battle very likely has the upper hand in winning the war.

No comments: