Users of a fitness tracking app have inadvertently exposed the locations of military bases by publicly sharing their jogging/cycling routes.
Many service people who use Strava, an app which allows them to record their exercise activity using GPS plotting, are sharing their data publicly. Their movements have ended up in Strava Labs’ Global Heatmap consisting of three trillion latitude and longitude points. That resource provides crucial information about how service people move and, by extension, yields insight into where they are stationed.
— Tobias Schneider (@tobiaschneider) January 27, 2018
For instance, Adam Rawnsley of The Daily Beast used the information to hone in on the location of a possible installation for the U.S. Central Intelligence Agency:
Some heavy jogging activity on the beach around what looks like the reported CIA annex at Mogadishu airport pic.twitter.com/1OLP8zWKGl
— Adam Rawnsley (@arawnsley) January 27, 2018
Others have leveraged the Heatmap to identify patrol routes and bases:
Big OPSEC and PERSEC fail. Patrol routes, isolated patrol bases, lots of stuff that could be turned into actionable intelligence. https://t.co/22h1Io6rpv
— Nick Waters (@N_Waters89) January 27, 2018
Nathan Rouser, a student of international security, first came across on the map on a mapping blog and decided to look deeper, The Washington Post reports. Such curiosity led to his discovery of what appeared to be U.S. soldiers’ activity in Syria. He began tweeting about his findings on Twitter, which led other users of the social media platform to do their own digging. Those investigations have uncovered the locations of potential Patriot missile sites and supply routes connecting bases in Afghanistan.
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security