NSA Warns Cellphone Location Data Could Pose National-Security Threat


NSA Warns Cellphone Location Data Could Pose National-Security Threat
Disable location-sharing on apps, agency says in new guidance for military and intelligence personnel
‘Location data can be extremely valuable and must be protected,’ the National Security Agency said Tuesday.
By Byron Tau and Dustin Volz Aug. 4, 2020 1:45 pm ET
WASHINGTON—The National Security Agency issued new guidance on Tuesday for military and intelligence-community personnel, warning about the risks of cellphone location tracking through apps, wireless networks and Bluetooth technology.
The detailed warning from one of the nation’s top intelligence agencies is an acknowledgment that Silicon Valley’s practice of collecting and selling cellphone location information for advertising and marketing purposes poses a serious national-security risk to many inside the government.
“Location data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations,” the NSA bulletin warned.
Among its recommendations, the NSA advises disabling location-sharing services on mobile devices, granting apps as few permissions as possible and turning off advertising permissions. The NSA also recommends limiting mobile web browsing, adjusting browser options to not allow the use of location data, and switching off settings that help track a misplaced or stolen phone.
Apps often collect and share anonymized location data with third-party location data brokers who in turn sell their commercial products to government and corporate customers, The Wall Street Journal has reported. The sale of the data, especially to the government, is generally done without consumer awareness.
Other services can estimate a phone’s location based on its proximity to other Bluetooth devices or Wi-Fi networks. More invasive technologies used by law-enforcement and intelligence services—such as “Stingray” cell-tower simulators often used by police to collect location information, as well as Wi-Fi “sniffers” that can extract information about a phone based on network information—can collect a phone’s location without user permission.
The agency’s warning extended beyond phones, noting that fitness trackers, smartwatches, internet-connected medical devices, other smart-home devices and modern automobiles all contain location-tracking potential.
That data is used by commercial entities for targeted advertising, marketing research and investment decisions. But governments world-wide, including the U.S. government, are increasingly interested in collecting commercial information harvested from cellphones to do surveillance and track criminal suspects.
Concern inside the U.S. has grown in recent weeks over the Chinese video-sharing app TikTok, which is owned by Beijing-based ByteDance Ltd. Like many Western apps, the social-media service popular among young people globally collects an array of user data like the consumer’s social-network contacts, GPS position and personal information such as age and phone number.
Intelligence officials worry that kind of information in the hands of a Chinese company could have potential national-security ramifications. President Trump has threatened to use presidential emergency powers to ban TikTok from the U.S. by Sept. 15 unless a U.S. buyer can be found.
The advisory is intended for Defense Department personnel, but acknowledges the mitigation steps might be useful for a range of users.
“While there are countless benefits to using mobile devices, location data exposure can be a risk to users,” Neal Ziring, technical director for cybersecurity at the NSA, said in a statement. “NSA publishes technical and threat analyses based on our authorities and customer needs. As connected mobile devices continue to expand into more networks, we’ve received more queries from our national security customers about using them securely.”
Most of the risks described by the NSA address general, longstanding concerns about how cellphone location data can be passively tracked, stored and shared by apps, advertisers and device manufacturers. But the document also alludes to sophisticated, targeted cyberattacks that can render a phone a high-value espionage tool.
“If a mobile device has been compromised, the user may not be able to trust the setting indicators,” the advisory reads. “Detecting compromised mobile devices can be difficult or impossible; such devices may store or transmit location data even when location settings or all wireless capabilities have been disabled.”
The Defense Department previously raised concerns about how its personnel might be inadvertently revealing sensitive information via location trackers. The fitness app Strava publicly released a map in 2017 of three trillion individual GPS data points from users who logged their running or cycling routes. But within that data, researchers at nongovernmental organizations and journalists gleaned a trove of valuable national-security information—like the location of U.S. forward-operating bases in Afghanistan, the routes of military supply convoys and the location of secret CIA facilities.
The NSA is the U.S. government’s chief supplier of electronic intelligence, tasked with breaking into foreign computer networks to spy on governments and terrorists. But the agency also has a defensive cybersecurity mission.
The NSA rebranded its defensive mission last year under a newly created cybersecurity directorate and has increasingly issued public alerts about specific cybersecurity threats.

Comments

  1. Hello everyone are you a forex/Binary/indices/crypto trader? or you Have heard about it for long and right now you wish to give it a trial ? please also be careful of these unregulated brokers advertising on the internet.
    You can avoid loses and also make good choices when choosing a broker to trade with.
    So i am recommending an expert(78 years old woman) who is well known all over EUROPE/America for her master class strategy, and her ability to recover loses no matter how long it must have been, she also gives free tutors for beginners.
    I share this because she has led me(and so many other people) away from the paths of failure into success for over 3 years now that I have known her and
    I'm making huge amounts of money through profits.
    Its a blessing to have someone like her
    Helping people like us at this time
    To reach out to Mrs Deja Ellie is very easy and she is ready to take up the challenges with you.
    All you have to do is drop a mail to her email address -( Dejaellie@gmail.com ) i shared this to help someone, you can also share to help someone else too!!!

    ReplyDelete

Post a Comment

Popular posts from this blog

Report: World’s 1st remote brain surgery via 5G network performed in China

Visualizing The Power Of The World's Supercomputers

BMW traps alleged thief by remotely locking him in car