An investigation by Le Monde reveals that Strava, the famous running app, can track the movements of military personnel working on French nuclear-powered ballistic missile submarines (SNLE). They are designed to carry and launch ballistic missiles with nuclear warheads discreetly. These submersibles are designed to disappear into the ocean, unbeknownst to foreign powers. They play a central role in nuclear deterrence, the military strategy aimed at preventing any conflict by dissuading an adversary from launching an attack.
According to investigations carried out by our colleagues, some of the military personnel at the French base on the island of Longue, in Finistère, use the app to share their sporting prowess via a public profile. However, they work within a veritable "security fortress", reports Le Monde, considered to be the most secret base in the French Navy. It houses four nuclear-powered ballistic missile submarines, each capable of launching 16 nuclear missiles.
A confidential operation exposed
Despite the security measures taken by the Navy, these soldiers have taken to sharing their running sessions along the docks with free access on Strava. The application shows that users are located on the island of Longue. This data makes it possible to understand the operation of the patrols carried out by the submarines, which are obviously confidential.
For example, a submarine that has gone on patrol will deprive its crew of an Internet connection. The soldiers will not be affected by Strava's daily updates. Once they return, they will be visible again on the application, which makes it possible to understand that they have been on patrol for several weeks within a submarine. If several submariners regularly train near the docks where the submarines are stationed and suddenly stop their sessions, this could indicate that they are leaving on a mission. Little by little, it is possible to guess the frequency and movements of the patrols.
Moreover, some of the military personnel who are keen on Strava are identifiable on the platform. It is indeed easy to trace the identity of a submariner by consulting the public profiles on the application. Most of the individuals caught use their real name, and not a pseudonym.
The problem with smartwatches
To avoid this type of leak, the Navy has however banned smartphones in a large part of the base. These "must be stored in specific lockers at multiple checkpoints", the investigation explains. Unfortunately, some soldiers use a connected watch to record their sessions and share them on Strava. These accessories escape the regulations in force on the base.
They record the data, even without a smartphone or the slightest Internet connection, and then synchronize the Strava profile of the soldiers. This is why they compromise potentially sensitive information. According to the investigators, more than 450 soldiers made the mistake of sharing location data on Strava in the space of ten years. They contravene the recommendations made by the guide on the use of social networks for military personnel, published by the Defense Information and Communication Delegation in 2018. This guide asks military personnel to deactivate the location function of all their devices.
"Negligence" in the Navy
Contacted by Le Monde, the French Navy acknowledges "Negligence" within its ranks. Despite everything, the activities carried out from the Île-Longue base are not compromised, the Navy believes.
This is already the second time that the running application has compromised sensitive information related to France's national security. Last fall, an investigation by Le Monde had already revealed that it was possible to track Emmanuel Macron's movements via Strava. The president's bodyguards had indeed taken up the unfortunate habit of sharing their running sessions on the platform, which presents itself as the "social network for athletes".
Source: Le Monde
0 Comments