Smartphones issued by the Pentagon are routinely loaded up with dating apps, games, and possibly TikTok, posing a potential national security risk, according to a US government report.
The findings come from the Department of Defense Office of Inspector General, which was spotted by Gizmodo(Opens in a new window). On Thursday, the agency released(Opens in a new window) a report that found segments of the US military have been allowing personnel to install unauthorized software from public app stores.
That’s a problem because many apps can collect personal data from smartphones without the user’s full knowledge. In some cases, apps can also be secretly malicious and hijack a device to control the camera and microphone or pull data from the GPS.
“Many unmanaged applications routinely require access to a user’s contact list, location data, and photo library that could reveal sensitive DoD locations and information,” the inspector general adds.
The report(Opens in a new window) refrains from naming the apps that were installed on the government devices. But it notes that Pentagon personnel were found using apps for video streaming services, fantasy football, dating, and for “short-form video creation,” a possible reference to TikTok. In December, President Biden signed an order banning TikTok from government devices over concerns the Chinese government could pressure the app to spy on Americans.
In other cases, Pentagon personnel have been using “unmanaged electronic messaging applications” to conduct official business, which represents a violation of federal record retention policies. The investigation also found personnel using apps from a Chinese-drone maker, an act that the Defense Department banned in 2018 over cybersecurity concerns.
The inspector general’s report blames the Defense Department’s lack of “a comprehensive mobile device and application policy” for the unauthorized app use. In addition, at least some US military departments have provided no training to personnel on acceptable app use.
Recommended by Our Editors
“Contributing to the issue, DoD mobile device users cannot easily identify which of the mobile applications on their DoD mobile devices have been approved for official DoD business,” the report added.
The Defense Department did not immediately respond to a request for comment. However, the inspector general’s report notes the Pentagon is trying to crack down on the problem. This includes pulling app store access for staffers “without a justifiable need,” and removing apps deemed a security risk from government mobile devices.
The report from the inspector general also offers several recommendations on how the problem could be fixed. Still, it notes “management officials did not fully address or did not respond” to 14 of the recommendations.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Hits: 0
