NSA Warns Cellphone Location Data Could Pose National-Security Threat


NSA Warns Cellphone Location Data Could Pose National-Security Threat
Disable location-sharing on apps, agency says in new guidance for military and intelligence personnel
‘Location data can be extremely valuable and must be protected,’ the National Security Agency said Tuesday.
By Byron Tau and Dustin Volz Aug. 4, 2020 1:45 pm ET
WASHINGTON—The National Security Agency issued new guidance on Tuesday for military and intelligence-community personnel, warning about the risks of cellphone location tracking through apps, wireless networks and Bluetooth technology.
The detailed warning from one of the nation’s top intelligence agencies is an acknowledgment that Silicon Valley’s practice of collecting and selling cellphone location information for advertising and marketing purposes poses a serious national-security risk to many inside the government.
“Location data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations,” the NSA bulletin warned.
Among its recommendations, the NSA advises disabling location-sharing services on mobile devices, granting apps as few permissions as possible and turning off advertising permissions. The NSA also recommends limiting mobile web browsing, adjusting browser options to not allow the use of location data, and switching off settings that help track a misplaced or stolen phone.
Apps often collect and share anonymized location data with third-party location data brokers who in turn sell their commercial products to government and corporate customers, The Wall Street Journal has reported. The sale of the data, especially to the government, is generally done without consumer awareness.
Other services can estimate a phone’s location based on its proximity to other Bluetooth devices or Wi-Fi networks. More invasive technologies used by law-enforcement and intelligence services—such as “Stingray” cell-tower simulators often used by police to collect location information, as well as Wi-Fi “sniffers” that can extract information about a phone based on network information—can collect a phone’s location without user permission.
The agency’s warning extended beyond phones, noting that fitness trackers, smartwatches, internet-connected medical devices, other smart-home devices and modern automobiles all contain location-tracking potential.
That data is used by commercial entities for targeted advertising, marketing research and investment decisions. But governments world-wide, including the U.S. government, are increasingly interested in collecting commercial information harvested from cellphones to do surveillance and track criminal suspects.
Concern inside the U.S. has grown in recent weeks over the Chinese video-sharing app TikTok, which is owned by Beijing-based ByteDance Ltd. Like many Western apps, the social-media service popular among young people globally collects an array of user data like the consumer’s social-network contacts, GPS position and personal information such as age and phone number.
Intelligence officials worry that kind of information in the hands of a Chinese company could have potential national-security ramifications. President Trump has threatened to use presidential emergency powers to ban TikTok from the U.S. by Sept. 15 unless a U.S. buyer can be found.
The advisory is intended for Defense Department personnel, but acknowledges the mitigation steps might be useful for a range of users.
“While there are countless benefits to using mobile devices, location data exposure can be a risk to users,” Neal Ziring, technical director for cybersecurity at the NSA, said in a statement. “NSA publishes technical and threat analyses based on our authorities and customer needs. As connected mobile devices continue to expand into more networks, we’ve received more queries from our national security customers about using them securely.”
Most of the risks described by the NSA address general, longstanding concerns about how cellphone location data can be passively tracked, stored and shared by apps, advertisers and device manufacturers. But the document also alludes to sophisticated, targeted cyberattacks that can render a phone a high-value espionage tool.
“If a mobile device has been compromised, the user may not be able to trust the setting indicators,” the advisory reads. “Detecting compromised mobile devices can be difficult or impossible; such devices may store or transmit location data even when location settings or all wireless capabilities have been disabled.”
The Defense Department previously raised concerns about how its personnel might be inadvertently revealing sensitive information via location trackers. The fitness app Strava publicly released a map in 2017 of three trillion individual GPS data points from users who logged their running or cycling routes. But within that data, researchers at nongovernmental organizations and journalists gleaned a trove of valuable national-security information—like the location of U.S. forward-operating bases in Afghanistan, the routes of military supply convoys and the location of secret CIA facilities.
The NSA is the U.S. government’s chief supplier of electronic intelligence, tasked with breaking into foreign computer networks to spy on governments and terrorists. But the agency also has a defensive cybersecurity mission.
The NSA rebranded its defensive mission last year under a newly created cybersecurity directorate and has increasingly issued public alerts about specific cybersecurity threats.
https://www.wsj.com/articles/nsa-warns-cellphone-location-data-could-pose-national-security-threat-11596563156

Comments

  1. dominguezmartaAugust 6, 2020 at 1:53 PM

    Hello everyone are you a forex/Binary/indices/crypto trader? or you Have heard about it for long and right now you wish to give it a trial ? please also be careful of these unregulated brokers advertising on the internet.
    You can avoid loses and also make good choices when choosing a broker to trade with.
    So i am recommending an expert(78 years old woman) who is well known all over EUROPE/America for her master class strategy, and her ability to recover loses no matter how long it must have been, she also gives free tutors for beginners.
    I share this because she has led me(and so many other people) away from the paths of failure into success for over 3 years now that I have known her and
    I'm making huge amounts of money through profits.
    Its a blessing to have someone like her
    Helping people like us at this time
    To reach out to Mrs Deja Ellie is very easy and she is ready to take up the challenges with you.
    All you have to do is drop a mail to her email address -( Dejaellie@gmail.com ) i shared this to help someone, you can also share to help someone else too!!!

    ReplyDelete

Post a Comment

Popular posts from this blog

BMW traps alleged thief by remotely locking him in car

BMW traps alleged thief by remotely locking him in car Stealer's Wheel? Seattle police department quotes "Watchmen" movie in a recap of the recent arrest. Tech Culture by Gael Fashingbauer Cooper December 4, 2016 5:00 PM PST It's maybe the most satisfying arrest we can imagine. Seattle police caught an alleged car thief by enlisting the help of car maker BMW to both track and then remotely lock the luckless criminal in the very car he was trying to steal. Jonah Spangenthal-Lee, deputy director of communications for the Seattle Police Department, posted a witty summary of the event on the SPD's blog on Wednesday. Turns out if you're inside a stolen car, it's perhaps not the best time to take a nap. "A car thief awoke from a sound slumber Sunday morning (Nov. 27) to find he had been remotely locked inside a stolen BMW, just as Seattle police officers were bearing down on him," Spangenthal-Lee wrote. The suspect found a ke...
Read more

Report: World’s 1st remote brain surgery via 5G network performed in China

World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 ·           A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media  reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling.  “You barely feel that th...
Read more

New ATM's: withdraw money with veins in your finger

New cash machines: withdraw money with veins in your finger Cash machine technology that reads the pattern of finger veins is already available in Japan and Poland   By Telegraph Reporters 6:59PM BST 15 May 2014 Cash machines could soon be installed with devices that identify customers by reading the veins in their fingers. The technology is already being rolled out in Poland, where 1,730 cash machines will this year be installed with readers, negating the need for a debit card and Pin. Developed by Hitachi, the Japanese electronics firm, the machines read the patterns of the veins just below the surface of the skin on your finger using infra-red sensors. The light is partially absorbed by haemoglobin in the veins to capture a unique finger vein pattern profile, which is matched to a profile. The technology is used by Japanese banks and also in Turkey, offering “groundbreaking levels of accuracy and speed of authentication”, Hitachi said, which in t...
Read more