Russia has opened a new battlefront with NATO, according to Western military officials, by exploiting a point of vulnerability for almost all allied soldiers: their personal smartphones.
Troops, officers and government officials of North Atlantic Treaty Organization member countries said Russia has carried out a campaign to compromise soldiers’ smartphones. The aim, they say, is to gain operational information, gauge troop strength and intimidate soldiers.
The Russian Defense Ministry didn’t respond to a request for comment. Russian officials deny that Moscow stages such attacks.
The campaign has targeted the contingent of 4,000 NATO troops deployed this year to Poland and the Baltic states to protect the alliance’s European border with Russia, as tensions with Moscow are on the rise, Western military officials said.
Targets are soldiers like U.S. Army Lt. Col. Christopher L’Heureux, who took over as commander of a NATO base in Poland in July. Soon after, he said he returned to his truck from shooting drills to find a hacker had triggered the lost mode on his personal iPhone. The hacker was attempting to breach a second layer of password protection through a Russian IP address, he said.
“It had a little Apple map, and in the center of the map was Moscow,” said Col. L’Heureux, stationed not far from a major Russian military base. “It said, ‘Somebody is trying to access your iPhone’.”
Col. L’Heureux, who prepares tactical troop positions to repel a potential Russian invasion, also found he was being physically tracked through his iPhone.
“They were geolocating me, whoever it was,” he said. “I was like, ‘What the heck is this?’”
Col. L’Heureux said at least six soldiers he commands have had phones or Facebook accounts hacked. He said he suspects the incidents were meant as a message that Russian intelligence forces were tracking him, could crack his passwords and wanted to intimidate his soldiers.
Western officials declined to describe technical security precautions in detail, but note that allied soldiers are trained on a variety of risks including cyberattacks.
Military cyberespionage experts said the drone flights and cellphone data collection suggest Russia is trying to monitor troop levels at NATO’s new bases to see if there are more forces present there than the alliance has publicly disclosed.
Some Western defense officials played down the military significance of the campaign, saying it has caused little if any damage and often involves public information.
Still, other Western officials said that in a crisis, compromised cellphones could be used to slow NATO’s response to Russian military action if, for example, the personal cellphone of a commander was used to send out fake instructions. While such communications via private device ought to be disregarded, they could sow confusion, the officials said.
And if a compromised phone were brought into a secure area such as a military command post, it could be used to collect sensitive information.
Near Estonia’s border with Russia, numerous soldiers in January complained of “strange things” happening to their phones on the Tapa military base shortly before French and British NATO soldiers were due to arrive, according to an officer on the base with knowledge of the incident.
A probe indicated Russia had used a portable telephone antenna to gain access to phones in the area, said the officer. The device apparently grabbed data sent from mobile phones and erased information on them.
“They were stripping everyone’s contacts,” the officer said.
In March, an Estonian conscript’s phone started playing hip-hop music he hadn’t downloaded while he was stationed on the Russian border, the soldier said. Contacts started disappearing from his phone around the same time, he said.
Since the Tapa incident in January, soldiers on the Estonian base remove SIM cards from their phones and are allowed to use the internet only at designated secure hot spots. Use of geolocation is forbidden.
Estonian conscripts said they are forced to jump into a lake during operations to ensure they are following a strict “no smartphones” policy. Some get around the practice by wrapping their phones in condoms.
The British contingent at the base said it has taken necessary measures to protect troops.
Information gleaned from personal communication, contact lists and social-networking sites has been used in encounters that indicate a goal of harassment or intimidation, according to Western officials.
In Latvia, a U.S. soldier standing in line for a sports event was approached by a person who casually dropped details of the soldier’s life, including information about family members, said a person close to NATO. A similar incident happened to a U.S. soldier on a train in Poland, that person said. Both encounters were believed to have been with Russian agents.
“Russia has always sought to target NATO servicemen for intelligence exploitation,” said Keir Giles, an associate fellow at Chatham House’s Russia and Eurasia Program. “But such a campaign of harassment and intimidation is unprecedented in recent times.”
Mr. Giles has given briefings on information warfare to some NATO countries’ troops ahead of their deployment to the Baltics and Poland, where they are within reach of Russian antennae and drones that can suck up data from mobile devices lacking advanced military encryption.
The Baltics—Estonia, Latvia and Lithuania—have previously faced cyber assaults on their national internet networks and other connected systems, which they blamed on Russia.
“We are already in an unconventional cyberwar,” said Lithuanian President Dalia Grybauskaitė. “We know what neighborhood we live in.”
Former Estonian President Toomas Hendrik Ilves said a number of suspicious drones were spotted during his decade in office that ended last year.
U.S. military officials say the campaign remains more harassment than a security risk.
Col. L’Heureux, who served three tours in Iraq and one in Afghanistan, says the hacking of his smartphone was a wake-up call.
“I thought this would be easy…nobody’s shooting at me,” he said of his Poland posting. “But this is different.”