Are pictures taken on military training field and posted by soldiers on social media dangerous to the army? It appears that even quite insignificant data we publish online can pose threat.
2018, Latvia. During international military maneuvers, close to the border with Russia, thousands of soldiers from different NATO states participated in the exercise. Meantime, between trainings, they would browse websites on their smartphones. One of the websites was particularly popular. It was said to have been created by soldiers as an online platform for exchanging opinion and discussions on important and light subjects. The users could also use links of different kind to do shopping or log into a popular dating site. Several people ordered T-shirts, and shared their home address for delivery purpose. Others were flirting with women, sending them their pictures in uniforms. Not only would they tell the women their true names, but also reveal their military ranks. Encouraged by women, they would also send pictures from military maneuvers. Once or twice, they even left their posts of duty.
Soldiers got caught in a trap set by the employees of the Riga-based NATO Strategic Communications Center of Excellence, who have created the website, fictional online store, and pretended to be women on a dating site. All the effort to detain mistakes made by soldiers. The idea was to prove that access to sensible data is not at all hard to get, as it may have seemed to the army. Information collected this way can be used by an adversary, enemy intelligence or hackers.
“We have tested how online environment can be used, and how the data you can find there can affect soldiers. It’s worth to keep in mind that every time we’re online, we leave a digital trace there. If someone has at his disposal the right knowledge and technology, he can collect these traces and ultimately end up with very precise, complex data base about a specific person, or even about the things this person would rather best keep secret. Based on these data, he can in a certain way influence, imperceptibly for the receivers, their behavior,” says Janis Sarts, Director at NATO Strategic Communications Center of Excellence, about the experiment. “This shows, how easily our adversary can find precious information and attack NATO forces using accessible online data. For that reason, we should pay attention not only to the content of information we publish online, but also to the fact with whom we share them, whom we invite to our contacts, what apps we have in our smartphone, or even what type of such device we use. Each of these elements is essential. Some of the NATO states work on intensifying their regulations in this area as regards soldiers, and define what they can do online,” adds Sarts.
Problem Is Now, Solutions Will Come
There is no single unified and obligatory in all NATO states list of recommendations for what a soldier can or cannot do online. Obviously, the Alliance outlines the guidelines on strategic communications, but any detailed regulations belong to specific member states. Generally speaking, it all comes down to the fact that no so-called sensible data should be posted online. What does it mean? “Everyone, not only a soldier, should realize that everything they publish online will be accessible to everyone, as long as the Internet exists. For that reason, every time we publish something online, it’s worth to think and decide whether it’s something we will proudly show to our children when they grow up. We shouldn’t expect any privacy, if we’re online. If, for example, a soldier is active on a dating site, he or she shouldn’t assume that it’s his or her private space. Smartphone owners who want to have all those fancy and popular applications, should first check, to what data they have access. Usually they have full access to our data, which means they accumulate information about localization, visited places, online shopping, collect pictures, videos, recordings. We should also think whether we want to share that data with everyone who want to pay for them. These are main rules not only for soldiers, but also for common citizens. Except that if soldiers don’t keep the rules, they can cause trouble for themselves, their unit or their family,” warns Janis Sarts.
Examples of careless behavior online and using all kinds of applications are multiple. We can start with Strava, one of the most popular sports application used for example by the Americans. Strava app uses GPS information in smartphones and smartwatches. These data are then plotted on the maps of the routes most often used by the app users. In 2017, Strava shared such routes, and Twitter users put them on the maps of Syria or Iraq. Some of the routes were located far away from villages and towns, in the middle of nowhere. This opened the way to suggestion that there are secret military bases there, and that their soldiers train in the neighborhood. The running routes around military base or airport exposed soldiers in Somalia. What is more, some of them would never even turn the application off after they had finished training, and would use them during daily routine activity, which paved the way to revealing, for example, their patrol routes. Polish soldiers, too, are not very careful and make little mistakes, just as their fellow soldiers from other countries. These mistakes are not analyzed publicly, but that does not mean they remain unnoticed. For example, one of the most popular are running apps during military maneuvers, such as Dragon or Anakonda. Sometimes, there is no need to search for the soldier’s running routes – they post them themselves on social media.
No Smartphones on Training Field?
Is soldiers’ online activity monitored? The trainees are rarely requested not to use their private mobiles on training fields. Several months ago, during the maneuvers summarizing a three-year phase of a certain battalion, the command staff of the units boasted about the fact that their soldiers for five days had refrained from using their mobiles and computers, working instead with paper maps and only using their radio stations. All just in case of a cyberattack. However, it’s not about what soldiers can or cannot do. Director of NATO StratCom CoE admits that the most important is their awareness. “It’s worth being aware of the fact that nothing’s for free in this world. Even if it seems to us that we’re getting something for free, the truth is we pay for it by giving our consent to allow someone buy the information about us collected by our device,” he says.
Other issue is posting your pictures on the Internet. Is selfie taken on the training field and posted on Instagram a good idea? In Sarts’ opinion, it’s not. “You must be really careful here. There are situations where it’s better not to have a smartphone with you at all, or at least use it very restrictively. In some countries, during an operation soldiers use old mobiles. They are able to call their friends and family, but at the same time they don’t leave any electronic traces like smartphones do,” says Sarts. Still, a nice picture of laughing soldiers can be a great promotion for the army. What do Polish press officers think about it? Opinions differ, and are mostly anonymous. Some admit that military equipment shouldn’t be photographed, pictures taken during exercises on the training fields or various celebrations cannot be published. Others recommend caution, but don’t see anything wrong in that. “There’s no official ban for soldiers on running social media accounts,” says one of the female press officers. Other press officer thinks that such situation shouldn’t be happening. Who’s right? “An official account in social media can be used to communicate with a society by a person, who, on behalf of the institution, has received a consent to do this from his or her superior, which in addition has been approved by the MoND Operational Center. As to fanpages of the military units, it’s less complicated, but as to official soldiers’ accounts? I think they would have to have knowledge on how to communicate in accordance with the MoND’s informational policy and be fully aware of online threats,” says LtCol Rafał Zgryziewicz, Deputy Press Officer at the General Staff of the Polish Armed Forces. He emphasizes that no connections to the military should be exposed on private accounts. “There’s no our consent to that. You can’t use your position or the name of the unit where you serve, nor publish pictures taken during exercises or trainings on the military training field,” LtCol Zgryziewicz is quite firm about that.
What are the threats? It’s quite easy to collect information using the method of “follow the breadcrumbs.” A badge on the uniform tells us about the military unit of its wearer, then we search through his contacts, we see his family on the pictures. We go deeper and deeper, until we know enough to outline an entire informational map about this man. What’s next? It depends on who’s collecting information. Most of the time, such data is used for marketing, but it can get more serious, says Sarts: “If our adversary collects information about the person who is part of the armed forces, if they know that person’s location and location of that person’s mobile, than during exercise, mission or operation, our adversary also knows current location of entire formation. This may reveal the engagement of this unit in certain military operations or open the way to attack it. Also, having the information about a soldier’s family and friends at the disposal, his enemy can influence soldier’s behavior or choices, or can threaten him. At this point, his entire military formation is in danger. By behaving responsibly, we protect not only ourselves, but also our fellow soldiers.”
It has happened that posts published on private accounts of soldiers caused crisis situations. In Ukraine, Russian units used GPS transmitters in the mobiles of Ukrainian soldiers to localize their positions. During this operation, there were cases of terrorizing the families of Ukrainian soldiers. Such cases also took place during the campaign in Afghanistan.
Who Does It Well?
Is there a way to prepare soldiers to a conscious use of the Internet? “I think all exercises of NATO forces should include an element regarding online security. The key here is to understand how the data posted online can be used against us, and how we should behave in online environment in order not to give away too much information about ourselves and not to provoke dangerous situations,” says Sarts.
The social communication officers draw our attention to one more question. A presence of soldiers in social media directly affects the image of an entire army. “Every soldier appearing in electronic media has its share in how the armed forces are perceived. A decent, well thought-over and well-prepared communication positively affects the image of the Polish Armed Forces. However, in the case of using social media and all applications and accessories of “smart” type in an inappropriate way, without being aware of the 21st-century threats, communication can do more harm than good for the image and security of the Polish Armed Forces,” says the deputy press officer of the General Staff of the Armed Forces. However, things go both ways.
A well-known secret in the defense ministry is the Facebook public debate on whether Crimea in Google Maps should be marked as the Russian territory. The problem is that on the FB account of one of Polish divisions, there were opinions supporting the Russian ownership of Crimea. This discussion, led by the administrator of this military website, quickly disappeared. “Every citizen has the right to express their opinion, but if on the social media account, on which the discussion is carried, there is a mention that the account’s owner is a professional soldier, than this type of communication is prohibited,” says Zgryziewicz. Racist, chauvinist, homophobic, and nationalistic content also does not do any good to the army’s image. “All extremist opinions are bad, and they will always be a problem for an institution which is represented by a person expressing them. The army and soldiers are not an exception here,” adds Zgryziewicz.
An example of a system activity can be the Territorial Defense Forces (TDF). The youngest of the branches of the armed forces introduced regulations regarding the presence of soldiers in social media. “On one hand, we care about security, we want to protect our soldiers and eliminate possibilities of recognizing the military formation they belong to. On the other hand, it’s a question of image. Our soldiers already during training are given rules on using social media,” says LtCol Marek Pietrzak, the TDF press officer. These forces issued leaflets with basic rules to be applied by every TDF soldier. “These rules apply to everyone who – by means of a picture or a comment – suggest on Facebook that they are part of the Territorial Defense Forces. At this point, they are obliged to abide by defined by the TDF rules. Soldiers learn about, among other things, the fact that the right to communicate on behalf of their military formation has only and exclusively this formation’s commander and press officer. Regular soldiers cannot comment on any political announcements, or any words of their commanders or superiors. They are to stand aloof from any violent contents as well as secure access to their accounts.
“We are not against running an individual social media account, but we all must abide by the rules. We don’t want pictures from military trainings, but, for instance, family pictures from a military oath celebrations are a positive message,” says LtCol Pietrzak, and adds: “Not abiding by the rules means disciplinary consequences from a rebuke to a reprimand.” The press officer admits that there was a situation where a soldier had shared someone’s post critical about the Grot modular assault rifle, although he himself had never even held this weapon in his hands. “We also had a case with soldiers, who were photographed wearing negligently their uniforms. These are perhaps details, but we have to react to keep the right overall image of our military unit,” emphasizes the press officer.
How about other branches of the armed forces? Who is to teach, train, make soldiers aware? The General Staff has no doubt. “We organize workshops for people responsible for communication, also in social media. Full responsibility for how it is all carried out among soldiers is taken by the commanders of military units and institutions. They should identify threats, inform about them and make sure their soldiers have a full knowledge and awareness about the subject,” explains LtCol Zgryziewicz.
We did the reality check. We asked soldiers – our Facebook contacts with private FB accounts, the content of which clearly indicate that their owners are people related to the army – whether they had ever discussed with their superiors what they can or cannot do online. Almost all of them were surprised at the thought that their bosses might at all be interested in their “private” activity in social media.
autor zdjęć: Michał Niwicz