How Iran spied on US troops via mobile networks to track exact location during war
The Iran war may have unfolded on more than one battlefield. Alongside missile strikes and military operations, a covert cyber campaign by Iran tracked US
The Iran war may have unfolded on more than one battlefield. Alongside missile strikes and military operations, a covert cyber campaign by Iran tracked US troops and contractors through Middle Eastern mobile networks and smartphone data, according to a Financial Times report that cited telecom data, cybersecurity experts and officials familiar with the matter. The report said the suspected surveillance campaign took place in the weeks leading up to the US-Israeli military operation against Iran in late February and continued after Tehran retaliated with missile and drone attacks on American bases across the region. Read Full Story US lawmakers have repeatedly warned that weaknesses in global mobile phone systems and commercial location-tracking technology may have exposed American troops to surveillance during an active conflict. CYBER CAMPAIGN TARGETED US PERSONNEL According to the Financial Times, telecommunications data obtained from the Mobile Surveillance Monitor research project showed a surge in suspicious requests known as SS7 pings. SS7 is an old signalling protocol used by telecom companies to help mobile phones connect while roaming outside their home networks. If manipulated, it can reveal the approximate location of a phone without the user's knowledge.
Two cybersecurity experts who reviewed the data told the newspaper that the volume and pattern of the requests pointed to a coordinated campaign aimed at identifying specific devices rather than random activity. Officials in Gulf countries suspected that Iran or groups aligned with Tehran exploited roaming agreements with regional telecom providers to locate US military personnel and contractors. The report said Iranian mobile operators have roaming arrangements with networks across the Gulf, giving them the technical ability to send these requests beyond Iran's borders. COMMERCIAL DATA ALSO UNDER SCRUTINY The alleged surveillance campaign was not limited to telecom networks. According to the report, US officials also believe actors linked to Iran misused commercially available smartphone databases to identify the locations of phones in Iraq's semi-autonomous Kurdistan region. technology routinely collects location information from smartphones to deliver targeted. security experts have long warned that the same data can be purchased or accessed to monitor individuals without directly hacking their devices. Cybersecurity researcher Gary Miller of Citizen Lab said Iran has the capability to collect real-time location data. "Iran absolutely has capabilities to get real-time, immediate, and continuous location information," Miller told the Financial Times.
