PENTAGON IGNORED PHONE TRACKING THREAT FOR YEARS

The Pentagon has acknowledged a critical security gap that defense officials say is being weaponized against American soldiers in ongoing conflicts. Despite having knowledge of the vulnerability and access to straightforward countermeasures, the military deployed few of the necessary protections. Location data from military personnel's phones can be extracted through various means, including signals intelligence and data brokerage networks. Adversaries have reportedly used this information to target troops, presenting an immediate operational threat. Defense analysts have long flagged location data as a significant security risk. The necessary fixes—ranging from disabling location services in certain applications to deploying signal-blocking technology—exist and are relatively inexpensive to implement. Yet adoption across the military has remained minimal. The gap between known risks and implemented solutions highlights systemic issues in military cybersecurity protocols. While some units have instituted stricter device policies, comprehensive guidance and enforcement remain inconsistent across commands. Military officials have begun addressing the problem, issuing new guidance to reduce reliance on phones in sensitive operational areas and recommending location-limiting measures. However, these steps come after years of documented warnings from security specialists. The issue underscores a broader challenge: translating security knowledge into institutional practice across a sprawling organization. The military's IT infrastructure spans millions of devices across diverse units with varying technical capabilities and compliance levels. Defense Department representatives confirmed the threat in recent statements but declined to specify which adversaries are exploiting the vulnerability or provide detailed casualty figures. The acknowledgment marks a significant shift from earlier dismissals of the threat's urgency. Military personnel have been advised to review device settings and restrict location-sharing capabilities, particularly on social media and messaging applications. Additional operational security measures are under review.