According to a US government report, Pentagon-issued smartphones are routinely loaded with dating apps, games, and possibly TikTok, posing a potential national security threat.
The findings come from the Department of Defense’s Office of Inspector General, which was spotted by Gizmodo. On Thursday, the agency released a report claiming that segments of the U.S. military allow personnel to install unauthorized software from public app stores.
This is a problem because many apps can collect personal information from smartphones without the user’s full knowledge. In some cases, apps can also be secretly malicious and take control of your device to control the camera and microphone or retrieve GPS data.
“Many unmanaged applications routinely require access to a user’s contact list, location data, and photo library, which can reveal sensitive locations and Department of Defense information,” adds the inspector general.
Report refrains from naming apps that have been installed on government devices. However, it notes that Pentagon personnel used the app for video streaming services, fantasy football, dating, and for “creating short videos”, a possible reference to TikTok. In December, President Biden signed an executive order banning TikTok from using government devices amid concerns that the Chinese government could pressure the app to spy on Americans.
In other cases, Pentagon personnel have used “unmanaged e-messaging applications” to conduct official business, in violation of federal records retention rules. The investigation also found that staff used the Chinese drone maker’s app, which the Department of Defense banned in 2018 due to cybersecurity concerns.
Pentagon agencies “lacked controls over personal use of DoD mobile devices to ensure that personal use was limited, complied with DoD policies and regulations, and did not pose operational and cybersecurity threats to the DoD”, the watchdog agency said. The report said the Defence Department provides off-the-shelf mobile phones and cell service to “select” department personnel to conduct official business but doesn’t say how many employees qualify.
The inspector general’s report blames the Department of Defense’s lack of a “comprehensive mobile and app policy” for unauthorized use of the app. In addition, at least some US military departments have not provided any training to personnel on the acceptable use of the app.
The report also contained a number of instances in which key details were blacked out after the Pentagon declared the information “Controlled Unclassified Information.” The report from the inspector general also offers several recommendations on how the problem could be fixed. Still, it notes “management officials did not fully address or did not respond” to 14 of the recommendations.