Jump to content

Recommended Posts

Posted

A new report from the Navy Inspector General has revealed that two Android apps, used by US military personnel in live combat situations, contained severe vulnerabilities that could have been exploited by hackers to steal information on the troops.

The mobile apps provided real-time messaging capabilities to coordinate with other branches of the military, displayed mission objectives and goals, showed satellite images of mission areas and highlighted both the locations of enemy combatants as well as those of friendly forces.

The report, which was first published back in March and made public by ZDNet today, identified the vulnerable apps as KILSWITCH (Kinetic Integrated Low-Cost Software Integrated Tactical Combat Handheld) and APASS (Android Precision Assault Strike Suite).

Both apps were made available to members of the military through an app store controlled by the National Geospatial-Intelligence Agency.

For training exercises only

Due to the fact that the apps were designed solely for training purposes, the developers cut corners when it came to their security. However, the apps' sleek interface and useful features led them to become popular with US troops who then used them in live combat situations despite the security risks.

In its report, the Office of the Naval Inspector General determined that most branches of the military failed to properly inform troops about the apps' shortcomings. 

To make matters worse, a civilian whistle-blower had been warning the US military about the apps for over a year.

Civilian program analyst for the Naval Air Warfare Center Weapons Division (NAWCWD), Anthony Kim raised his concerns about the apps back in March of 2017. Unfortunately he was ignored by his superiors and punished for repeatedly raising the alarm which led to his pay being reduced, him being placed on leave and eventually his security clearance was revoked.

Via Engadget

9yrp5QNONtg

View the full article

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.