Smartphones: The Next Security Gap

Smartphones: The Next Security Gap

The next major security gaps in the military’s computer networks are likely to be found in the smartphones on which soldiers, sailors and airmen increasingly rely in theater.

The Army may equip every soldier with a smartphone and it has experimented for more than a year with phones and how they might be used at the brigade and below level. The service is seeking NSA certification for iPhones and looking at other ways for them and Android phones to be made secure. But a security briefing today by top research experts at Symantec made clear that both for the military and the general public, security may become a major preoccupation of cell phone users.

Smartphones “are a really rich target,” Joe Pasqua, VP for research at Symantec, said in a briefing for reporters today. For example, Android phone applications receive no security screening before they are released, and iPhone apps receive a cursory scrub. Those apps could be loaded with malware “that can take down a cell tower,” he said. Currently, Android phone face four known malware threats, he said.

In addition to the possible threat from apps, cell phones can be formed into botnets, remotely controlled computer devices turned into a malicious network that hackers have used to great effect in attacking computer networks. Pasqua was careful to note that no one has yet created a botnet with cell phones, but he says it can be done.

The military has ways to make phones more secure, including encryption. Turning off the voice portion of the phone and only allowing it to use the data network would help, Pasqua said. That way all data transmissions can be encrypted, including voice communications using Voice over Internet Protocol (VoIP). Also, locking the phone and only allowing the use of approved apps would help, the Symantec security expert said. The same thing is often done with company-issued laptops.

The military has struggled for the last few years to plug the many online and physical holes in its networks. Buzz readers will remember the now famous episode of the thumb drives strewn in the Pentagon parking lot which, when attached to a computer, introduced pernicious software that appeared to be a cross between a worm and a virus.

Join the Conversation

I won’t pretend to be an expert on this subject, but it seems strange to equip soldiers with the same technology teenage girls carry around in their skinny jeans…

…I would suggest the Army develop their own device, but that would probably turn into a billion dollar debacle.

see the french system felin, they make it in production and with most adavances technology who exist.
They can communicate with that, take photo for give immediately to the HQ, they can speack low, because the sound was give by bones quiver , all soldiers have friend postion in the screen, have one camera for shoot in the corner.…
For one time france have the most advanced combat system in the world, felin was one of the part of future french army, all vehicule gonna be equiped with one similar system.If you will find what is the future army, you need go in france.

These phones are to a degree providing the type of low level networking that FCS program spent millions to develope but failed to field. But starting over, do you invest millions to make a device thats already recieved hundreds of millions of dollars of private R&D or do you start from scratch and invest hundreds of millions of taxpayer money to get something that no one has experiance developing software for?

The Army would be a big enough purchaser it could just simply contract an “Army” configuration of the Iphone or Android phone. The military wants more private R&D and innovation, but too often it is ignored in favor efforts that “reinvent the wheel.”

ANy phone just as any vehicle with a GPS signal can be tracked — just because countries such as Afghanistan may not have the capeability they have allies that do and can pay for that info. We constantly get messages on breaches from phones and computers no matter how many security filters and fire walls we put up. Putting this much tech on our troops just allows the bad guys to track our movements from safer distances and gives them early warning to troops moving in thier direction. WHile I’m glad that I’m retired and dont have to deal with this stupidity I also feel for our troops being put in harms way due to it because some arm chair warrior deems it so because its neat.

… instead of going spending millions on hi tech to compensate for security issues (which is essentially a negative sum game), why not take advantage of low tech (such as SMS interactions) which is MUCH less vulnerable, generally more robust and effective.

It is so simple for the French Command and control. Three Commands, Retreat, Surrender, Call for dinner reservations. The Foreign Legion does not require these high tech toys.

The purpose of an Army smartphone seems ambiguous. Are we talking about a commo unit on the Soldier during actual operations, or a smartphone for time in garrison to hold files and do backend stuff like display training manuals?

Like everything else, instead of rotating between swooning over a new device and getting all technophobic, the Army needs to do a realistic assessment of the capabilities and limitations of these devices, and work the Tactics, Techniques and Procedures accordingly. Like when going into a theater, there will be times when the thing to do is turn the device — off.

i pray god if you don’t was one kid

“I won’t pretend to be an expert on this subject, but it seems strange to equip soldiers with the same technology teenage girls carry around in their skinny jeans… ”

…and this type of thinking is why everything that the military buys costs so much, takes so long, and does so little compared to civilian gear.

I’m reminded of “autistic mode” from Standalone Complex…

Seems like a great concept and it could work with the proper encryption. Not only will it allow for immediate intelligence updates, it would be inexpensive compared to SINGARS since it is a commercial item. There is no need to reinvent the technology. Regarding hackers, I think it depends on the area of operations and the capabilities of the enemy. The military has to continue to be high-tech to stay one step ahead of potential threats.

The difference is that when the French order something they expect it to work, when we order something we expect to get re-elected.

I think if we have the phones rooted/jail broken we could install a secure OS in field and when they leave the area they give the phone to techs who wipe it then reinstall the civilian version of the phone for stateside work. It could be made so that they can’t get into the recovery part of the phone without a docking station and password so the phone can only be wiped by those with clearance. This is a process that could take less then 30 minutes per phone, that’s the whole ‘save-wipe-install’ I do this all the time with my phone going from a mod to preinstalled provider OS. Its only hampered by how much crap you install on the phone.


NOTE: Comments are limited to 2500 characters and spaces.

By commenting on this topic you agree to the terms and conditions of our User Agreement

AdChoices | Like us on , follow us on and join us on Google+
© 2015 Military Advantage
A Monster Company.