Bad OPSEC (Operations Security) exposed by Air War on ISIS?
“Loose Tweets Destroy Fleets” is the slogan (based on the U.S. Navy’s WWII slogan “Loose Lips Sink Ships”) that the U.S. Air Force Central Command used a couple of weeks ago for an article aimed at raising airmen awareness about the risk of sharing sensitive information on social media.
Indeed, the AFCENT article speaks directly to the threat posed by Islamic State supporters who, according to Stripes, on at least two occasions have acquired and posted online personal data of military personnel, urging sympathizers, “lone wolves,” to attack Americans in the States and overseas in retaliation for the air strikes.
The article highlights the importance of proper OPSEC to keep sensitive information away from the enemy and to prevent leakage of information that could put missions, resources and members at risk, “and be detrimental to national strategic and foreign policies.”
Interestingly, the article only focuses on the smart use of social media. Ok, however, there are other possible OPSEC violations that the U.S. Air Force (as well as many other air arms currently supporting Operation Inherent Resolve, in Iraq and Syria, or Enduring Freedom, in Afghanistan) should be concerned of.
In October 2014 we highlighted the risk of Internet-based flight tracking of aircraft flying war missions after we discovered that a U.S. plane possibly supporting ground troops in Afghanistan acting as an advanced communication relay can be regularly tracked as it circles over the Ghazni Province.
The only presence of the aircraft over a sensitive target could expose an imminent air strike, jeopardizing an entire operations.
Although such risk was already exposed during opening stages of the Libya Air War, when some of the aircraft involved in the air campaign forgot/failed to switch off their mode-S or ADS-B transponder, and were clearly trackable on FR.24 or PF.net and despite pilots all around the world know the above mentioned websites very well, transponders remain turned on during real operations making the aircraft clearly visible to anyone with a browser and an Internet connection.
During the last few months many readers have sent us screenshots they took on FR24.com or PF.net (that only collect ADS-B broadcast by aircraft in the clear) showing military planes belonging to different air forces over Iraq or Afghanistan: mainly tankers and some special operations planes.
We have informed the U.S. Air Force and other air forces that their planes could be tracked online, live, several times, but our Tweets (and those of our Tweeps who retweeted us) or emails have not had any effect as little has changed. Maybe they don’t consider their tankers’ racetrack position or the area of operations of an MC-12 ISR (Intelligence Surveillance Reconnaissance) aircraft a sensitive information…
Image credit: screenshots from Flightradar24.com