Blowin’ up my phone

Location Tracking on the Battlefield
There are several mechanisms by which cellphones can be detected, located and tracked on the battlefield. These methods include detecting and tracking the phone’s signal or hacking into the network it uses.

A new report highlights the challenges of tracking cellphones on the battlefield using the ongoing war in Ukraine as a case study.

Arguably the first ‘smartphone’ war, the ongoing conflict in Ukraine has underscored the important role these devices continue to play in this war, and that they will play in the future. At the military level, smartphones can be a useful tactical communications alternative to military transceivers. Smartphones let people stay in touch or use the internet when conventional telecommunications may be damaged or unavailable. These devices have been invaluable for collecting and sharing evidence of Russian-perpetrated atrocities. Worryingly, smartphones are also effective conduits for the torrents of Russian propaganda, disinformation and outright lies Vladimir Putin’s regime spews into the ether.

A report published in February by ENEA takes a detailed look at the questions surrounding the use of cellphones on, and near, the battlefield. In January 2023 the Russian military blamed cellphone signals from Russian troops for helping the Ukrainian Army locate a target in Makiivka in southeast Ukraine. Reports say scores of Russian troops were killed when a college they were using was hit on 31st December 2022. Russian troops are banned from using their cellphones within range of Ukrainian weapons. As ENEA’s report makes clear, whether these signals were responsible for the geolocation of the Russian troops is debatable.

Are you gonna reach my telephone?

ENEA’s study says that cellphone signals can be located through passive radio frequency sensing and then triangulated to determine their point of origin. This method relies on the cellphone actively transmitting. Active direction finding is a more complex approach involving a tracking station. The station will communicate with the phone making it generate a signal as a response. Once this signal is generated it can be geolocated. This approach also lets Communications Intelligence (COMINT) cadres retrieve details from the targeted phone such as its SIM (Subscriber Mobile Identity) card number. The Russian Army’s Leer-3 COMINT system is thought to use the active direction finding method. Location retrieval over radio networks is a third method flagged in ENEA’s paper. A location tracker will send radio measurement commands to any cellphones being tracked. Usually, this is done innocently by networks to ascertain link quality and improve performance. Through mathematics the local retrieval over radio networks approach can determine a cellphone’s location.

Hacking presents another means to locate a phone. Network enabled tracking extracts location information for phones attached to any specific mobile network. Specifically, the Signalling System-7 (SS7) protocol, which governs traffic routing and billing, is exploited. It is possible to locate and track subscribers on a network by gaining access to SS7 protocols. Likewise, mobile operator telecom hacking can compromise network nodes which are then exploited for subscriber location information. It is also possible to insert malware into cellphones which is then used to track the device as chronicled in this Armada article.

Shoulda left my phone at home!

What does all this mean for cellphone use on the battlefield or more generally in the theatre of operations? “Regarding mobile phones … the surprise has been the increased use of them, and commercial communications in general, by military forces,” says Cathal McDaid, ENEA’s chief technology officer and one of the report authors. “(E)missions control of mobile devices should be as effective as possible, so if mobile devices are used, as seems increasingly common, then they should be used sparingly and with safeguards.”

Cellphone networks are now centres-of-gravity in contemporary and future warfare as targets that can be exploited to determine troop locations, hamper communications and disrupt morale. Alongside geolocation, electronic attacks against cellular networks could deprive militaries of alternative tactical communications. Exploiting cellular networks to spread false, misleading or demoralising traffic can have a powerful psychological impact.

Reflecting this importance cellular networks in Ukraine “have been secured and made more resilient by both parties, this improved connectivity has been present up to the edge and in many cases on the battlefield.” The flipside of this, says Mr. McDaid, “is ample opportunity to identify active and transmitting mobile devices.”

The effect the war in Ukraine is having on cellular networks, and vice versa, has an impact far beyond the theatre of operations. So-called fifth generation (5G) cellular protocols are being embraced by militaries to enhance communications both on and off the battlefield. NATO (North Atlantic Treaty Organisation) members and allied nations would do well to digest the lessons of ENEA’s report. Civilians in these nations should also take note. The cellular networks we all rely on are valuable targets in peace as well as war. Understanding network, and hence our own, vulnerabilities, makes sense.

Ukrainian Emission Control Advice
Wise words: The translation of advice given to Ukrainian troops regarding cellphone use at, or near, the tactical edge. The ongoing conflict in Ukrainian is arguably the world’s first ‘smartphone war’, highlighting the importance of emissions control.

by Dr. Thomas Withington