In today’s world, we use our phones to communicate and share data with anyone across the globe within a matter of seconds, making it crucial to stay connected. However, with a lack of cyber awareness, your phone can act as a tracking device on steroids. With the onset of 5G and cheaper internet plans, social media platforms like Instagram, Facebook, and Reddit have seen a notable rise in the number of accounts. Along with the rest, government organizations and armed forces personnel have also kept themselves updated with the new era of social media.
Although this is used in a positive manner to showcase the work and activities performed by the respective organizations, it may sometimes do more harm than good. With a basic level of OSINT (Open-Source Intelligence) and Geo-Intelligence, a malicious actor may
be able to gather information that they shouldn’t have access to. This information can be gathered from posts by organizations themselves or through a serving or retired personnel.
Although this may sound very “once in a blue moon” threat. unfortunately, malicious actors don’t lack the time and financial support to perform such activities, requiring us to be on our toes.
One example of this is how U.S. soldiers accidentally exposed the location of their bases and outlines via their fitness app, Strava. This case was brought to light in 2016 when Strava released a heatmap of their fitness app usage. After a little digging, people were able to identify U.S. military bases in Iraq, Afghanistan, and Africa, as the map showed the running paths frequently used by soldiers.
This matter was immediately escalated to the Pentagon, which ordered active-duty personnel to avoid using such fitness apps while serving on foreign bases.
However, the U.S. is not the only country that has faced such an issue. During the Russia-Ukraine conflict, Russian soldiers started posting their geo-tagged selfies on social media, revealing their exact locations to the dot. This, in turn, proved to be fatal. One example is a post on VK (a Russian social media platform), where a Russian volunteer posted yet another geo-tagged photo with the 10th Spetsnaz Brigade.
This post was later used by Ukrainian forces to pinpoint the exact location of the troops. They discovered that the troops were stationed at a country club that had been turned
into a temporary base. Shortly after, Ukraine conducted bombings around the area, eliminating the troops. Later, another volunteer posted yet another video of the same place, which further assisted Ukraine in their damage assessment.
Such cases highlight the importance of cyber awareness and having a strong team to enforce OPSEC (Operational Security), along with gathering intelligence on foreign nations using OPSEC. India, having over 1.45 million active personnel, is a big target for such threats. Any active-duty personnel must refrain from using their smartphones around sensitive targets or post any photos on public platforms. They must be trained on how to keep themselves safe on social media and avoid discussing sensitive information with random strangers whom they do not know personally. Such lapses can put not just them, but also the people around them, at risk.
