{"id":37033,"date":"2018-02-01T14:30:44","date_gmt":"2018-02-01T03:30:44","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=37033"},"modified":"2018-02-01T14:16:23","modified_gmt":"2018-02-01T03:16:23","slug":"foreign-intelligence-stravas-global-heatmap","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/","title":{"rendered":"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019"},"content":{"rendered":"<figure><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"480\" class=\"alignnone size-full wp-image-37035 aligncenter\" src=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg 640w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z-205x154.jpg 205w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/figure>\n<p>Data thefts are nothing new. In the United States, several incidents attributed to China have involved vast amounts of personal information.<\/p>\n<p>In 2014, the US health insurance company Anthem had data on almost <a href=\"https:\/\/www.wsj.com\/articles\/anthem-hacked-database-included-78-8-million-people-1424807364\" target=\"_blank\" rel=\"noopener\">80 million customers<\/a> stolen, <a href=\"https:\/\/krebsonsecurity.com\/2015\/02\/data-breach-at-health-insurer-anthem-could-impact-millions\/\" target=\"_blank\" rel=\"noopener\">including<\/a> dates of birth, addresses, emails and employment information. The following year, United Airlines\u2014the world\u2019s second largest airline\u2014had flight manifests and other <a href=\"https:\/\/web.archive.org\/web\/20170112223302\/https:\/www.bloomberg.com\/news\/articles\/2015-07-29\/china-tied-hackers-that-hit-u-s-said-to-breach-united-airlines\" target=\"_blank\" rel=\"noopener\">data stolen<\/a>, including passenger names, travel origins and destinations.<\/p>\n<p>Most strikingly, over the course of 2014 and 2015, the US <a href=\"https:\/\/www.opm.gov\/\" target=\"_blank\" rel=\"noopener\">Office of Personnel Management (OPM)<\/a>, the government agency that manages security clearances, had data from <a href=\"https:\/\/www.reuters.com\/article\/us-cybersecurity-usa\/millions-more-americans-hit-by-government-personnel-data-hack-idUSKCN0PJ2M420150709\" target=\"_blank\" rel=\"noopener\">21.5 million personnel records<\/a> stolen, including social security numbers, residency, education, employment, health, and criminal and financial history. The <a href=\"https:\/\/www.nytimes.com\/2015\/09\/24\/world\/asia\/hackers-took-fingerprints-of-5-6-million-us-workers-government-says.html\" target=\"_blank\" rel=\"noopener\">fingerprint<\/a> records of 5.6 million federal employees were also stolen.<\/p>\n<p>All <a href=\"https:\/\/www.wsj.com\/articles\/u-s-suspects-hackers-in-china-behind-government-data-breach-sources-say-1433451888\" target=\"_blank\" rel=\"noopener\">three<\/a> <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2015-02-05\/signs-of-china-sponsored-hackers-seen-in-anthem-attack\" target=\"_blank\" rel=\"noopener\">cases<\/a> are suspected to be the work of state-sponsored Chinese hackers. The Chinese government denied that it was involved in the OPM hack and later <a href=\"https:\/\/www.washingtonpost.com\/world\/national-security\/chinese-government-has-arrested-hackers-suspected-of-breaching-opm-database\/2015\/12\/02\/0295b918-990c-11e5-8917-653b65c809eb_story.html\" target=\"_blank\" rel=\"noopener\">arrested hackers<\/a> connected to the breach. Curiously for a criminal action, the stolen <a href=\"https:\/\/www.wired.com\/2016\/10\/inside-cyberattack-shocked-us-government\/\" target=\"_blank\" rel=\"noopener\">OPM data<\/a> hasn\u2019t been used elsewhere for financial gain. Nor has the stolen Anthem data <a href=\"https:\/\/risky.biz\/RB481\" target=\"_blank\" rel=\"noopener\">been used<\/a> to make money.<\/p>\n<p>The OPM breach involved a mass of information that would be of enormous value to a foreign intelligence organisation; it was described as a \u2018treasure trove\u2019 by former FBI director James Comey. US intelligence officials I\u2019ve met were viscerally affected by the OPM breach, alarmed by both the personal nature of the information stolen and the sheer volume of the data taken. One prominent theory is that the hackers are intending to use the information to create a massive database on US intelligence personnel that will be mined to advance China\u2019s intelligence interests.<\/p>\n<p>When combined with the other large volumes of information taken, the OPM data can be cross-referred to reveal even more valuable information that doesn\u2019t exist in any single dataset. Employment history combined with travel, financial and health data, for example, would allow Chinese intelligence agencies not only to identify people of intelligence interest, but also to immediately develop targeted profiles and identify patterns linking otherwise separate people or locations. An individual\u2019s employment history combined with their travels might reveal the relationships between otherwise covert facilities. And cross-referencing employment data with financial and medical records might reveal possible avenues for recruitment or blackmail.<\/p>\n<p>China\u2019s push to become a <a href=\"https:\/\/www.reuters.com\/article\/us-china-ai\/china-aims-to-become-world-leader-in-ai-challenges-u-s-dominance-idUSKBN1A5103\" target=\"_blank\" rel=\"noopener\">world leader in artificial intelligence<\/a> (AI) will make the incentives to collect this kind of comprehensive data greater than ever. Chinese intelligence agencies will be motivated to use new techniques and algorithms to mine their data. Part of the strength of AI is in its processing power and algorithms, but many AI algorithms rely on large amounts of data. Gathering more complementary large-scale datasets will mean better results.<\/p>\n<p>It\u2019s worth noting that in September 2015, China\u2019s president Xi Jinping and US president Barack Obama reached an agreement that neither country would \u2018conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors\u2019. That agreement, however, will make no difference whatsoever in this large-scale data theft. Cyber espionage is still very much on the table as a tool of statecraft.<\/p>\n<p>Any organisation that holds large amounts of information is a target, but one source that would be of high interest is Strava\u2019s activity-tracking data. Strava, a fitness activity tracking service, recently made headlines because its <a href=\"https:\/\/labs.strava.com\/heatmap\/#7.00\/-120.90000\/38.36000\/hot\/all\" target=\"_blank\" rel=\"noopener\">\u2018global heatmap\u2019<\/a> could be used to <a href=\"https:\/\/www.wired.com\/story\/strava-heat-map-military-bases-fitness-trackers-privacy\/\" target=\"_blank\" rel=\"noopener\">identify and profile<\/a> military and intelligence bases. But Strava also holds private data that would be invaluable when combined with the other stolen datasets I\u2019ve mentioned. Even sensible users with strict privacy settings would have their activity available to hackers. If that data is combined with previously stolen employment, financial, medical and travel data, it could be used to not only identify people of intelligence interest, but also provide information about their patterns of life, movements and exercise interests over potentially many years.<\/p>\n<p>Recent large-scale hacks point to China\u2019s voracious appetite for data to enhance its intelligence-gathering efforts. That information will be entered into big-data programs that will be part of China\u2019s investment in becoming an AI powerhouse. Given that China has no compunction about collecting personal data of its own citizens, it is certain that it will aggressively seek out and use data about foreigners to advance its interests.<\/p>\n<p>Individually, we all need to make sensible decisions about what data we share and how much of it we allow to be collected. And organisations that collect and store large amounts of personal information need to be aware that they are legitimate foreign intelligence targets and they will be pursued.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Data thefts are nothing new. In the United States, several incidents attributed to China have involved vast amounts of personal information. In 2014, the US health insurance company Anthem had data on almost 80 million &#8230;<\/p>\n","protected":false},"author":618,"featured_media":37035,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[95],"class_list":["post-37033","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-cyber-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist\" \/>\n<meta property=\"og:description\" content=\"Data thefts are nothing new. In the United States, several incidents attributed to China have involved vast amounts of personal information. In 2014, the US health insurance company Anthem had data on almost 80 million ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-01T03:30:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-02-01T03:16:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"480\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tom Uren\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tom Uren\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg\",\"width\":640,\"height\":480},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/\",\"name\":\"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#primaryimage\"},\"datePublished\":\"2018-02-01T03:30:44+00:00\",\"dateModified\":\"2018-02-01T03:16:23+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a\",\"name\":\"Tom Uren\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g\",\"caption\":\"Tom Uren\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/thomas-uren\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/","og_locale":"en_US","og_type":"article","og_title":"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist","og_description":"Data thefts are nothing new. In the United States, several incidents attributed to China have involved vast amounts of personal information. In 2014, the US health insurance company Anthem had data on almost 80 million ...","og_url":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2018-02-01T03:30:44+00:00","article_modified_time":"2018-02-01T03:16:23+00:00","og_image":[{"width":640,"height":480,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg","type":"image\/jpeg"}],"author":"Tom Uren","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Tom Uren","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2018\/02\/9675384786_12ddfb564a_z.jpg","width":640,"height":480},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/","url":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/","name":"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019 | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#primaryimage"},"datePublished":"2018-02-01T03:30:44+00:00","dateModified":"2018-02-01T03:16:23+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/foreign-intelligence-stravas-global-heatmap\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Foreign intelligence and Strava\u2019s \u2018global heatmap\u2019"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a","name":"Tom Uren","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g","caption":"Tom Uren"},"url":"https:\/\/www.aspistrategist.ru\/author\/thomas-uren\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/37033"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/618"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=37033"}],"version-history":[{"count":2,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/37033\/revisions"}],"predecessor-version":[{"id":37036,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/37033\/revisions\/37036"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/37035"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=37033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=37033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=37033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}