Over the weekend, news broke that Strava, a fitness-tracking app, is revealing potentially sensitive information about military bases and supply routes via its global heatmap website.The data map shows 1 billion activities and 3 trillion points of latitude and longitude from “Strava’s global network of athletes”, according to the American company. IT security experts commented below.
Tom Bonner, Senior Manager of Threat Research EMEA at Cylance:
“This incident serves to highlight a distinct lack of operational security employed by various government organisations around the world. Access to personal communication devices with geolocation services should be banned in sensitive/restricted locations, and broader assessments and awareness training undertaken by employers to understand and mitigate the potential risk posed by these types of services.”
.
Oliver Pinson-Roxburgh, EMEA Director at Alert Logic:
“I have seen some bizarre arguments on this in the past with people asking why we should care about hacking devices for location, arguing what could actually be done with the information. The military issues associated with this are alarming, and the military should be regularly testing these issues much like businesses should. There should really be no personal equipment or devices allowed during military operations, and military issued devices should be put through much more rigorous testing to look for different types of threats and risks to that of a commercial product.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.