Trackers Dominate Military Browsing Data (Image Credits: Images.fastcompany.com)
U.S. Army networks in the continental United States exposed personnel’s online activities to extensive corporate data collection during routine browsing.
Trackers Dominate Military Browsing Data
Researchers at the Army Cyber Institute at West Point uncovered a significant presence of surveillance tools within unclassified Army IT systems. Their analysis examined the 1,000 most frequently accessed internet resources over two months. Tracker domains, designed purely to gather user data, comprised 21.2% of those resources.
A deeper look revealed trackers represented about 19% of the top domains yet drove nearly 42% of all web requests. Standard websites with embedded tracking code made up another 10.4% of the sample. The institute’s team highlighted these patterns as a persistent vulnerability in military internet use. They declined interview requests due to Department of Defense restrictions on external engagements.
Key Companies Behind the Data Harvest
Well-known firms powered much of this tracking infrastructure. Domains from Adobe, Microsoft, and Akamai appeared prominently among the most requested resources. These entities specialize in analytics and content delivery but also collect extensive user information.
More concerning entries included TikTok, despite its ban on federal devices over ties to China, along with Google China and a now-defunct gambling site. The study flagged these three for priority review. Such presences raised questions about enforcement gaps and unintended data flows.
Potential Threats from Exposed Information
The trackers captured details like geolocation, email addresses, and browsing histories. Data brokers then aggregated and sold this material as commercially available information. Adversaries could acquire it to profile military personnel’s online behaviors and routines.
Alan Woodward, a cybersecurity professor at the University of Surrey in the U.K., noted the broader context. “For several years there have been concerns about the use of the open internet from military locations and by military and government personnel,” he stated. “This paper makes the alarming point that many domains commonly visited from those using military or government networks are tracking domains.”The full study is available on arXiv.
Echoes of Past Security Lapses
Woodward drew parallels to earlier incidents, such as the 2018 Strava fitness app revelation. Public heat maps from the app inadvertently disclosed base locations and patrol routes worldwide. “It sounds like simple operational security,” Woodward observed, “but still many systems administrators haven’t learned that old lesson that on the internet, if you’re not a paying customer you are the product.”
Military leaders have long warned against open internet access from secure networks. Yet the West Point findings indicated these risks persisted. Strengthening filters and awareness emerged as critical next steps.
- Implement stricter domain whitelisting to block trackers.
- Enhance training on operational security for all personnel.
- Conduct regular audits of network traffic patterns.
- Monitor for banned apps and foreign-linked services.
- Collaborate with tech firms to limit military data collection.
Key Takeaways
- Trackers accounted for 42% of Army web requests despite comprising just 19% of top domains.
- Banned services like TikTok still appeared in traffic data.
- Sold data could aid adversaries in targeting personnel.
This study underscored a fundamental tension: modern operations demand internet access, yet it invites surveillance. Military networks must evolve to protect users without stifling essential tools. What steps should the Army take next? Share your thoughts in the comments.
