American service members around the world have potentially been violating operational security by using the popular fitness tracking application Strava during workouts. As a result of the run tracking software, maps of installations manned by forward deployed service members, as well as their frequently traveled routes, have surfaced online, potentially providing valuable intelligence to the enemy.
While there are a number of fitness tracking apps available for the smart phones that have become prevalent in recent years, Strava touts itself specifically as “the social network for athletes.” The application allows runners and cyclists to compete against others by posting maps of terrain covered along with a variety of statistics regarding the workout. In a best case scenario, this form of sharing data permits users to compare their workouts to others who have either covered the same terrain, or by comparing the pertinent details of workouts conducted in different places.
In a worst case scenario, however, Strava’s “heat mapping” offers up an easy to track read-out of installations, including supposedly clandestineclandestineclandestine ones, all around the world.
“This is literally what 10,000 innocent individual screw-ups look like,” Scott Lafoy, an open-source imagery analyst, said of the revelation. “A lot if it is going to be a good reminder to security services why you do opsec (operational security) and why you do manage this sort of thing, and everyone is going to really hope it doesn’t get a couple people killed in the meantime.”
That’s not the only OPSEC concern presented by this form of run mapping – it also offers valuable intelligence on what many refer to as “patterns of life,” an important element in devising offensive operations against a location or group of people. Collecting pattern of life data allows you to better understand a subject’s habits, improving your chances at predicting future actions of those being observed, an important part of planning an attack, among other things.
Special Forces Forward Operating Base in Syria, as depicted by Strava’s heat mapping. (Strava)
“There is no excuse, given all the OPSECtraining we provide, for giving away positions through phone applications,” explained Danielle Bizier, a former counter intelligence officer and instructor with the Defense Intelligence Agency and SOFREP contributor. “These guys should have known better. And if they genuinely didn’t, then clearly we are doing a piss poor job of providing that OPSEC training.”
The Department of Defense has acknowledged that they are currently looking into the problem, and will release further guidance or updates to standard operating procedures as deemed appropriate, according to a statement released over the weekend. For their part, Strava said only that they are invested in helping users better understand how to properly utilize the privacy settings provided within the application.
“The coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain coalition sites and during certain activities. We will not divulge specific tactics, techniques and procedures,” U.S. Central Command wrote in a statement over the weekend.
American service members around the world have potentially been violating operational security by using the popular fitness tracking application Strava during workouts. As a result of the run tracking software, maps of installations manned by forward deployed service members, as well as their frequently traveled routes, have surfaced online, potentially providing valuable intelligence to the enemy.
While there are a number of fitness tracking apps available for the smart phones that have become prevalent in recent years, Strava touts itself specifically as “the social network for athletes.” The application allows runners and cyclists to compete against others by posting maps of terrain covered along with a variety of statistics regarding the workout. In a best case scenario, this form of sharing data permits users to compare their workouts to others who have either covered the same terrain, or by comparing the pertinent details of workouts conducted in different places.
In a worst case scenario, however, Strava’s “heat mapping” offers up an easy to track read-out of installations, including supposedly clandestineclandestineclandestine ones, all around the world.
“This is literally what 10,000 innocent individual screw-ups look like,” Scott Lafoy, an open-source imagery analyst, said of the revelation. “A lot if it is going to be a good reminder to security services why you do opsec (operational security) and why you do manage this sort of thing, and everyone is going to really hope it doesn’t get a couple people killed in the meantime.”
That’s not the only OPSEC concern presented by this form of run mapping – it also offers valuable intelligence on what many refer to as “patterns of life,” an important element in devising offensive operations against a location or group of people. Collecting pattern of life data allows you to better understand a subject’s habits, improving your chances at predicting future actions of those being observed, an important part of planning an attack, among other things.
Special Forces Forward Operating Base in Syria, as depicted by Strava’s heat mapping. (Strava)
“There is no excuse, given all the OPSECtraining we provide, for giving away positions through phone applications,” explained Danielle Bizier, a former counter intelligence officer and instructor with the Defense Intelligence Agency and SOFREP contributor. “These guys should have known better. And if they genuinely didn’t, then clearly we are doing a piss poor job of providing that OPSEC training.”
The Department of Defense has acknowledged that they are currently looking into the problem, and will release further guidance or updates to standard operating procedures as deemed appropriate, according to a statement released over the weekend. For their part, Strava said only that they are invested in helping users better understand how to properly utilize the privacy settings provided within the application.
“The coalition is in the process of implementing refined guidance on privacy settings for wireless technologies and applications, and such technologies are forbidden at certain coalition sites and during certain activities. We will not divulge specific tactics, techniques and procedures,” U.S. Central Command wrote in a statement over the weekend.
The damage, however, may already be done. With billions of data points logged the world over, it may simply be a matter of time before America’s enemies discover a way to leverage the information available in an effective way. Even if the heat mapping of sensitive sites is removed from Strava’s online maps, the data has already reached the internet, where valuable information has a knack for resurfacing.
Featured image created using images from Wikimedia Commons, Pixels
As someone who’s seen what happens when the truth is distorted, I know how unfair it feels when those who’ve sacrificed the most lose their voice. At SOFREP, our veteran journalists, who once fought for freedom, now fight to bring you unfiltered, real-world intel. But without your support, we risk losing this vital source of truth. By subscribing, you’re not just leveling the playing field—you’re standing with those who’ve already given so much, ensuring they continue to serve by delivering stories that matter. Every subscription means we can hire more veterans and keep their hard-earned knowledge in the fight. Don’t let their voices be silenced. Please consider subscribing now.
One team, one fight,
Brandon Webb former Navy SEAL, Bestselling Author and Editor-in-Chief
Barrett is the world leader in long-range, large-caliber, precision rifle design and manufacturing. Barrett products are used by civilians, sport shooters, law enforcement agencies, the United States military, and more than 75 State Department-approved countries around the world.
PO Box 1077 MURFREESBORO, Tennessee 37133 United States
Scrubba Wash Bag
Our ultra-portable washing machine makes your journey easier. This convenient, pocket-sized travel companion allows you to travel lighter while helping you save money, time and water.
Our roots in shooting sports started off back in 1996 with our founder and CEO, Josh Ungier. His love of airguns took hold of our company from day one and we became the first e-commerce retailer dedicated to airguns, optics, ammo, and accessories. Over the next 25 years, customers turned to us for our unmatched product selection, great advice, education, and continued support of the sport and airgun industry.
COMMENTS
There are on this article.
You must become a subscriber or login to view or post comments on this article.