Was Iran spying on US troops? Tehran Allegedly Abused Mobile Networks During War: Report | Today’s news

US military personnel and contractors based in West Asia were allegedly targeted in a coordinated cyber surveillance campaign during the Iran war, with actors linked to Tehran exploiting vulnerabilities in global telecommunications networks and commercial smartphone data to track their locations, a Financial Times report said.

The surveillance campaign developed in the weeks before the US-Israeli military operation against Iran in late February and continued after Tehran launched drone and missile attacks on US military installations across the Middle East, the report said, citing telecommunications data from the Mobile Surveillance Monitor research project.

According to a research project, mobile networks across West Asia have seen an increase in suspicious location requests known as SS7 pings, queries sent via Signaling System No. 7 (SS7), a decades-old telecommunications protocol that allows mobile operators to exchange information when subscribers move outside their home networks.

How SS7 enables tracking

Cyber ​​security experts who examined the data told the Financial Times that the volume and pattern of requests suggested a coordinated effort to identify the location of specific mobile devices.

SS7 is the backbone of global telecommunications roaming services, but has long been criticized for security weaknesses that allow entities with legitimate network access to determine a mobile phone’s approximate location. Since Iranian telecom operators maintain roaming agreements with networks in the Persian Gulf and the wider Middle East, they have the technical capabilities to send such requests beyond Iran’s borders, the report said.

“Iran absolutely has the capabilities to acquire real-time, instantaneous and continuous location information. I would be very surprised if Iran was not using SS7 or mobile network access in the region to track US users,” Gary Miller, senior researcher at Citizen Lab cybersecurity, told the Financial Times.

In addition to exploiting telecommunications infrastructure, Iran-linked actors are also suspected of using commercially available smartphone advertising databases to identify the location of devices, particularly in Iraqi Kurdistan, according to a US official cited by the newspaper.

CENTCOM warning in April

Investigators have not found a direct link between the digital surveillance campaign and any specific missile or drone attack. However, several attacks during the conflict targeted hotels in Iraq, Bahrain, home of the US Navy’s Fifth Fleet, and other locations in the Persian Gulf where US military personnel and contractors were present, raising concerns that digital surveillance may have aided Iranian targeting.

The US Central Command (CENTCOM) warned Congress in April that it had received “numerous reports of threats involving the misuse of commercial location data by an adversary to target or track US personnel in theater”.

CENTCOM said it had implemented “unprecedented force protection measures” to protect US troops, but declined to provide operational details. A US official also told the Financial Times that any suggestion that digital surveillance played a significant role in the attacks “is a departure from the facts”.

The findings renewed scrutiny of long-standing vulnerabilities in mobile telecommunications systems.

The growing sophistication of Iran’s cyber capabilities

According to The New York Times, data released by the Mobile Surveillance Monitor showed a wave of requests for SS7 signaling across many telecommunications networks in the Middle East at the start of the conflict. Experts who examined the data said it appeared to be consistent with Iranian efforts to locate US personnel using local mobile networks.

Nikita Shah, a cybersecurity researcher at the Center for Strategic and International Studies, told the publication that the operation reflects the growing sophistication of Iran’s cyber capabilities.

“Iran has become quite creative over the last couple of years, and especially in this conflict. To me, that’s a step forward in sophistication,” she said.

US lawmakers have also raised concerns about the national security risks posed by commercially available location data.

Concerns extend beyond SS7. Former CIA official Michael Stokes told the Financial Times that modern smartphones constantly generate “digital exhaust” containing location information, movement patterns and other metadata that can reveal sensitive information, even if the device itself has not been compromised.

Similar Posts