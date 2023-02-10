Business Maverick

Dating apps, yacht research found on Pentagon phones despite ban

Dating apps, yacht research found on Pentagon phones despite ban
An aerial view of the Pentagon building in Washington, taken on 15 June 2005. pentagon
By Bloomberg
10 Feb 2023
Defence Department employees are downloading mobile applications to their work telephones that pose “operational and cybersecurity risks”, the department’s inspector general said in a report that stemmed from concern about the Chinese-owned video service TikTok and other messaging apps.

Employees are conducting official business on their work devices “using mobile applications in violation of Federal and DoD electronic messaging and records retention policies”, the inspector general’s management advisory said. The activities ranged from online dating to games, cryptocurrency reviews and scouting for luxury yachts, according to the “management advisory” released on Thursday.

Pentagon agencies “lacked controls over personal use of DoD mobile devices to ensure that personal use was limited, complied with DoD policies and regulations, and did not pose operational and cybersecurity threats to the DoD”, the watchdog agency said. The report said the Defence Department provides off-the-shelf mobile phones and cell service to “select” department personnel to conduct official business but doesn’t say how many employees qualify.

The unauthorised applications “included photo and video editing, telehealth, weather, maps, and fitness applications”, the inspector general said. “In addition, some of the unauthorised unmanaged applications that users downloaded to DoD devices had known cybersecurity risks, operational security risks, potentially inappropriate content, or represent unacceptable use of DoD mobile devices.”

The report was the result of an investigation that stemmed from questions by Senate Judiciary Chairman Dick Durbin last year about texts that may have been deleted by departing Trump administration defence officials concerning the attack on the US Capitol.

“Today’s report raises more questions than it answers,” Durbin, an Illinois Democrat, said in a statement on Thursday. “Was the disappearance of critical information related to the [6 January 2021] insurrection a result of bad faith, stunning incompetence, or outdated records management policies?  We still do not know. But this report illustrates the key vulnerabilities and failures that the Defence Department needs to immediately address.”

TikTok concerns

The management advisory didn’t mention any apps by name. But the Pentagon and military services have expressed worries about TikTok, banning the Chinese-owned short video app from installation on government-issued smartphones in late 2019. 

Still, two of the applications the inspector general discovered “were from a Chinese commercial off-the-shelf drone manufacturer that allows users to fly drones and capture, edit, and share images.” These were after the Pentagon disclosed in 2021 that the Defence Department had issued a ban in 2018 on the purchase and use of all commercial off-the-shelf drones, regardless of manufacturer, due to cybersecurity concerns.

Even seemingly harmless commercial applications pose a threat to Defense Department “information and information systems when they require unnecessarily invasive permissions on DoD mobile devices,” the inspector general’s office found. Video games, shopping and weather applications “routinely require access to a device’s contact list, messaging platforms, location data, or other personal information, and often lack sufficient security or encryption standards”.

The report contained a number of instances in which  key details were blacked out after the Pentagon declared the information “Controlled Unclassified Information.” These included the number of devices examined and number of times various unauthorised, unmanaged applications were installed. BM/DM

