THE RISK OF PERSONAL SMART DEVICES IN THE OPERATIONAL SECURITY FOR MILITARY BASES, PERSONNEL AND MISSIONS
DOI:
https://doi.org/10.17770/etr2025vol2.8616Keywords:
AI, Cyber Threats, Smart Device, OPSECAbstract
The increasing integration of personal smart devices into military operations has significantly expanded the attack surface, introducing critical security vulnerabilities. This paper explores how smart devices can compromise operational security (OPSEC) through unauthorized data leaks, cyber exploitation, and geolocation tracking. It examines real-world incidents, including security breaches during the Russian-Ukrainian conflict and the exposure of military bases via fitness tracking applications. Additionally, the study analyses adversarial tactics that leverage AI-driven OSINT and behavioural analytics to exploit smart device vulnerabilities. Finally, mitigation strategies, including policy recommendations and technical countermeasures, are discussed to enhance the cybersecurity posture of military personnel and operations.
References
J. K. Kirschbaum et. al., "Internet Of Things: Enhanced Assessments and Guidance Are Needed to Address Security Risks in DOD," United States Government Accountability Office, Washington, USA, Report to Congressional Committees GAO-17-668, 2017.
M. Koller, "Recommendations for Safety-Conscious Smart Device Use by Military Professionals", AARMS., Vol. 21, № 2, pp. 5-14, 2022, https://doi.org/10.32565/aarms.2022.2.1. DOI: https://doi.org/10.32565/aarms.2022.2.1
K. Dhondt et al., A Run a DayWon’t Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks, Conference on Computer and Communication (CCS ’22), November 7-11, 2022, Los Angeles, CA, USA. New York, NY, USA, 16 pages, 2022, https://doi.org/10.1145/3548606.3560616. DOI: https://doi.org/10.1145/3548606.3560616
A. Nocks, The Geointelligence Revolution: Real-Time Reconnaissance and Its Dangers, PIPS, Institute for the Theory and Practice of International Relations, Williamsburg, Virginia, USA, 2018.
Data and Defense: The Case of Strava, Feb. 2, 2018. [Online]. Available: https://medium.com/dfrlab/data-and-defense-the-case-of-strava-6b56ee3b1a2. [Accessed: Feb. 22, 2025].
Russian commander who posted running routine on app is murdered while exercising, July 11, 2023 [Online]. Available: https://g1.globo.com/mundo/noticia/2023/07/11/comandante-russo-que-publicava-rotina-de-corrida-em-aplicativo-e-assassinado-quando-se-exercitava.ghtml [Accessed: Feb. 22, 2025]
S. Szymoniak and K. Foks, “Open Source Intelligence Opportunities and Challenges – A review”, Advances in Science and Technology Research Journal, Vol 18, № 3, pp 123-139, 2024, https://doi.org/10.12913/22998624/186036. DOI: https://doi.org/10.12913/22998624/186036
S. Grooby, T. Dargahi and A. Dehghantanha. Protecting IoT and ICS platforms against advanced persistent threat actors: Analysis of APT1, in In Handbook of Big Data and IoT Security, Springer, Cham, 2019, pp. 225-255. DOI: https://doi.org/10.1007/978-3-030-10543-3_10
D. Dimitrov and D. Nikolov, Current Cybersecurity Issues in the Industrial Control System of Nuclear Power Plants, Vol. 2, Conference on Radiation Safety in the Modern World, November 16-18, 2022, Veliko Tarnovo, Bulgaria, 8 pages, 2022, https://doi.org/10.34660/INF.2023.43.56.040. (In Bulgarian). DOI: https://doi.org/10.34660/INF.2023.43.56.040
N. Takpah and V. Oriakhi, “Cybersecurity Challenges and Technological Intergration in Military Supply Chain 4.0”, Journal of Information Security, Vol. 16, № , pp. 131-148, 2025, https://doi.org/10.4236/jis.2025.161007. DOI: https://doi.org/10.4236/jis.2025.161007
Haaretz Investigation: Intelligence Operation Collected Information on Sensitive Israeli Bases, Soldiers, Oct. 29, 2024. [Online]. Available: https://www.haaretz.com/israel-news/security-aviation/2024-10-29/ty-article-magazine/.premium/intelligence-operation-collected-information-on-sensitive-israeli-bases-soldiers/00000192-d7bb-df2b-a5db-d7bf8d440000 [Accessed: Feb. 22, 2025].
V. Atanasov and Y. Sivkov, Evaluating Yolov5 Models on Thermal Imagery for Aerial Drone Applications, Conference 23rd International Symposium on Electrical Apparatus and Technologies (SIELA), June 12-15, 2024, Bourgas, Bulgaria, 4 pages, 2024, https://doi.org/10.1109/SIELA61056.2024.10637871. DOI: https://doi.org/10.1109/SIELA61056.2024.10637871
Strava oficial site. [Online]. Available: https://www.strava.com/maps/global-heatmap?sport=All&style=dark&terrain=false&labels=true&poi=true&cPhotos=true&gColor=blue&gOpacity=100#1.5/31.1/12.5 [Accessed: Feb. 22, 2025].
Fitness Tracker Data Highlights Sprawling U.S. Military Footprint in Africa, Jan. 29, 2018. [Online]. Available: https://theintercept.com/2018/01/29/strava-heat-map-fitness-tracker-us-military-base/ [Accessed: Feb. 22, 2025].
D. Brown, “Here are some of the biggest reveals from a fitness-tracker data map that may have compromised top-secret US military bases around the world”, Jan. 29, 2018. [Online]. Available: https://www.businessinsider.com/strava-heatmap-most-revealing-images-2018-1 [Accessed: Feb. 22, 2025].
An American fitness app leaked global military bases. Do we still dare to publish our running records?, Jan. 30, 2018 [Online]. Available: https://kknews.cc/world/l2ba32g.html#google_vignette [Accessed: Feb. 22, 2025].
French submarine crew accidentally leak sensitive information through Strava app, Jan. 15, 2025. [Online]. Available:https://www.euronews.com/2025/01/15/french-submarine-crew-accidentally-leak-sensitive-information-through-strava-app [Accessed: Feb. 22, 2025].
M. Maroun and A. Ivanova, Ontology-based approach for cybersecurity recruitment, Applications of Mathematics in Engineering and Economics (AMEE ’20), June 7-13, 2020, Sofia, Bulgaria, 11 pages, 2021, https://doi.org/10.1063/5.0042320. DOI: https://doi.org/10.1063/5.0042320
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Dimitar Dimitrov, Iliyan Iliev
This work is licensed under a Creative Commons Attribution 4.0 International License.
