US military personnel and contractors deployed across the Middle East were targeted in a coordinated phone-tracking campaign before and during the Iran war, the Financial Times reported on Tuesday, citing telecom data, cybersecurity experts and officials familiar with the matter.
The report said repeated requests known as SS7 pings, which can reveal the approximate location of phones roaming outside their home networks, were detected and blocked by telecom operators across the region.
"Iran absolutely has capabilities to get real-time, immediate, and continuous location information," Gary Miller, senior research fellow at cybersecurity watchdog Citizen Lab, told the Financial Times.
"It would surprise me very much if Iran were not using SS7, or mobile network access in the region, to track US users," he added.
ALSO READ: Trump Says Will Replace 20% Hormuz Cargo Fee With 'Trade Deals'
According to the report, cybersecurity experts who reviewed the telecom data said the activity appeared to be part of a coordinated effort to identify and track specific mobile devices.
The tracking attempts reportedly began in the run-up to the US-Israeli strikes on Iran in late February and continued during the opening phase of the conflict, when Iran launched missile and drone attacks on US military bases and personnel across the region.
According to the report, the officials in the Persian Gulf suspected Iran or allied groups had exploited roaming agreements with regional telecom operators to track US personnel.
Separately, a US official, speaking on condition of anonymity, said Iranian-linked actors were also believed to have accessed commercial advertising databases to locate phones used by US personnel in Iraq's Kurdistan region.
US Central Command told Congress in April that it had received multiple intelligence reports warning that adversaries were exploiting commercial location data to monitor or target American forces deployed overseas.
While Centcom said it had taken force-protection measures to safeguard personnel, a US official told the newspaper there was no evidence that location tracking had played a decisive role in any attacks.
ALSO READ: Mossad's Misfire: Israel's Alleged Plan To Prop Ahmadinejad As Next Iran Leader Failed
The Financial Times also reported that at least some of the blocked tracking attempts were linked to an Iranian mobile operator through a shared technical fingerprint.
"This appears to be very specific user targeting," Miller told the newspaper. "They are targeting specific devices."
The report further said Iran was suspected of using commercially available advertising technology to identify hotels accommodating US government employees and contractors. Advertising identifiers assigned to smartphones can allow devices to be tracked without directly compromising the phones.
The findings have renewed concerns in Washington over the national security risks posed by commercial location data. Democratic Senator Ron Wyden said he had repeatedly warned successive US administrations about the issue, while Republican Representative Pat Harrigan called for legislation to prevent technology companies from selling location data linked to government employees.
Essential Business Intelligence, Sharp Market Insights, Practical Personal Finance Advice, Daily Fuel, Gold and Silver Prices and Latest Stories — On NDTV Profit.