Operational Security, OPSEC, is a part of the lexicon of every Facility Security Officer, every Counterintelligence Officer, and every member of the uniformed services from day one. Actions and words can and will be used by an adversary as they conduct analysis to put together not only their analytic situational understanding but also their targeting matrix.
The recent article in The Intercept on the alleged marriage of capabilities of Anomaly Six and Zignal Labs to track and collate mobile phone location data and social media purchased directly from Twitter drives home the importance of OPSEC with a sledgehammer.
Anomaly Six and Zignal Labs
Allegedly, Anomaly Six uses cellphone location tracking technology which they purchase “location data, tracking hundreds of millions of people around the world.” According to The Intercept, smartphone apps harvest individual’s location and then send it on to advertisers. The advertisers then apparently resell this data to entities like Anomaly Six. This daisy chain of location data goes to one or more apps and then onward to advertisers, with each step collating and analyzing the data, and it paints one aspect of an individual’s actions and location.
We don’t need to go far back in history to remember the exploitation of health apps GPS tracking which detailed government employee exercise pathways in proximity to key government locations.
How much data are we talking about Anomaly Six allegedly compiling? The “dragnet yields between 30 to 60 location pings per device per day and 2.5 trillion locational data points annually worldwide.” In addition, according to the article, the company has accumulated an email library consisting of over two billion email addresses and individual information associated with the various app registration process.
The other side of the equation, alleged in the article, hinges on the capabilities of Zignal Labs which apparently purchases the Twitter firehose of millions of Tweets. Thus, the Twitter stream, a disparate but relatable data set, is melded with the location data harvested from a user’s device produces – an end result which contains a more finite level of location and perhaps in the aggregate contextual specificity.
The article also alleges that this capability has been used against the United States Defense Department users, has been demonstrated as able to track the Russian military buildup around Ukraine.
Indeed, the ability to walk a given mobile phone’s locations back in time was demonstrated. Using geofencing around the NSA and CIA Headquarters’ buildings as the starting point, 183 separate phones were identified, via commercial capabilities, available for purchase, able to be tracked both historically and going forward. In the demo discussed in the article, an individual was traced between various locations and based on “regularity” their home residence location was deduced with a Google Street View associated view of the location. The next step is easy enough. Delve into public records to identify who resides at the given location.
A foreign intelligence services dream tool.
Yes, an OPSEC nightmare.
Weaponizing mobile phone tracking was recognized early in Russia’s war of choice against Ukraine. On February 26, two days after the initiation of the conflict, the Ukraine Ministry of the Interior asked individual cell phone users to turn off their geolocation capability on their phones as the Russian military was using this information to track Ukraine movements and gathering points.
Then on May 13, retired U.S. Army General Mark Hertling commented in a Tweet how Russian use of cell phones “shows a lack of OPSEC in the Russian army” within the context of a map of Russian cell phone sims overlaid on the Ukraine-Russia front.
Certainly reinforces what intel is showing, and the priority of effort on two of the Russian fronts. Also shows a lack of OPSEC in the Russian army. https://t.co/yFzVhhQqxg
— Mark Hertling (@MarkHertling) May 12, 2022
Zignal and Anomaly Six statements
Zignal’s spokesperson, Tom Korolsyshun told The Intercept, “Zignal abides by privacy laws and guidelines set forth by our data partners.” Zignal added, “While Anomaly 6 has in the past demonstrated its capabilities to Zignal Labs, Zignal Labs does not have a relationship with Anomaly 6. We have never integrated Anomaly 6’s capabilities into our platform, nor have we ever delivered Anomaly 6 to any of our customers.”
While Anomaly Six’s co-founder, Brendan Huff, told The Intercept via email, “Anomaly Six is a veteran-owned small business that cares about American interests, natural security, and understands the law.”
FSO’s will be well served to advise all personnel of the above commercial off the shelf capability, which no doubt is duplicated by nation states and thus an OPSEC threat to any and all government classified engagements. A threat as detailed above, which is both exploitable domestically, as well as when deployed abroad.