Close
newsletters Newsletters
X Instagram Youtube

Iran used roaming systems, ad tech to track US troops in Gulf: Report

U.S. Marines observe the live feed from a V-BAT unmanned aerial system on a cell phone aboard San Antonio-class amphibious transport dock ship USS Portland (LPD 27) in the Pacific Ocean, Jan. 31, 2026. (Photo via U.S. Marine Corps)
Photo
BigPhoto
U.S. Marines observe the live feed from a V-BAT unmanned aerial system on a cell phone aboard San Antonio-class amphibious transport dock ship USS Portland (LPD 27) in the Pacific Ocean, Jan. 31, 2026. (Photo via U.S. Marine Corps)
July 15, 2026 01:19 AM GMT+03:00

Mobile networks across the Middle East were repeatedly hit with cyberattacks aimed at tracking the locations of U.S. military personnel and contractors during the Iran war, the Financial Times (FT) reported, citing telecom data and people familiar with the matter.

According to the FT, the malicious tracking attempts began in the buildup to the U.S.-Israeli assault on Iran in late February and continued into the early days of the war, as Tehran retaliated with missile and drone strikes against U.S. forces and installations across the region.

Data shared with the FT by the Mobile Surveillance Monitor research project showed regional telecom networks fending off a wave of so-called SS7 pings—requests seeking to pin down the locations of specific phones roaming outside their home networks.

Two cybersecurity experts who reviewed the data told the FT that it suggested a coordinated campaign.

One person familiar with the matter told the FT that Gulf officials suspected Iran or its allies of exploiting roaming agreements with local phone providers to try to locate U.S. personnel.

A separate U.S. official, speaking to the FT on condition of anonymity, said they believed actors linked to Iran had abused commercially available advertising databases to track phones in the Iraqi Kurdish Regional Government (KRG).

"Iran absolutely has capabilities to get real-time, immediate, and continuous location information," Gary Miller, a senior research fellow at Citizen Lab who reviewed the data, told the FT. "It would surprise me very much if Iran were not using SS7, or mobile network access in the region, to track U.S. users," he said.

U.S. Army member uses a phone to record an interview with members of the 112th Military Police Battalion, Mississippi National Guard, in McLean, Va., Jan. 7, 2025. (Photo via U.S. Army National Guard)
U.S. Army member uses a phone to record an interview with members of the 112th Military Police Battalion, Mississippi National Guard, in McLean, Va., Jan. 7, 2025. (Photo via U.S. Army National Guard)

Attacks on hotels housing US personnel

The FT reported that Tehran and Iran-backed militias struck several hotels in Iraq, Bahrain, home to the U.S. Navy's Fifth Fleet, and elsewhere in the Gulf during the war, in some cases injuring U.S. contractors and personnel.

Experts said that further investigation would be needed to attribute specific attacks to digital surveillance, noting that such tracking would represent just one of several possible intelligence streams used to locate targets, alongside human spotters and personnel's own hotel reviews or social media posts.

U.S. Central Command (CENTCOM) told Congress in April it had "received multiple threat reports concerning adversary exploitation of commercial location data to target or surveil U.S. personnel in theater," according to the FT.

In Bahrain, a missile struck the Manama Crowne Plaza hotel, which had received multiple contracts to provide lodging, laundry and other services to the U.S. Defense Department, according to a government expenditure database reviewed by the FT.

U.S. Marines disembark during a High Mobility Artillery Rocket System Rapid Insertion training exercise in the U.S. Central Command area of responsibility, July 3, 2026. (Photo via U.S. Marine Corps)
U.S. Marines disembark during a High Mobility Artillery Rocket System Rapid Insertion training exercise in the U.S. Central Command area of responsibility, July 3, 2026. (Photo via U.S. Marine Corps)

Senator Wyden: First for US adversaries

Sen. Ron Wyden, D-Ore., who has long warned about these vulnerabilities, told the FT this would mark the first time U.S. adversaries used commercial location data to target American personnel in wartime.

"For years I've warned both Democratic and Republican administrations about the national security threat posed by foreign adversaries tracking the phones of U.S. personnel," Wyden said.

According to the FT, Wyden has previously cited a Department of Homeland Security presentation identifying Iran as among the "primary countries" using SS7 to target "U.S. subscribers."

Miller told the FT that at least some of the blocked tracking attempts in the data could be linked to an Iranian mobile phone operator, forming a fingerprint matching several other attempts.

"This appears to be very specific user targeting," Miller said, noting, "They are targeting specific devices."

CENTCOM told the FT it "took unprecedented force-protection measures that we are unable to discuss in order to ensure that our forces remain safe."

A separate U.S. official told the FT that "any claim suggesting data tracking played a significant role in attacks... is a departure from the facts."

A Bahraini government spokesperson told the FT the country's telecoms infrastructure "remains resilient," saying "all operators... are required to take measures to implement the necessary controls, including firewalls and other protections," and that "there are always attempts to breach network security globally."

U.S. Air Force network operations supervisor works within a core network node during a Threat Enhanced Emergency Readiness Exercise at Spangdahlem Air Base, Germany, June 1, 2026. (Photo via U.S. Air Force)
U.S. Air Force network operations supervisor works within a core network node during a Threat Enhanced Emergency Readiness Exercise at Spangdahlem Air Base, Germany, June 1, 2026. (Photo via U.S. Air Force)

Lawmaker proposes legislation on data exposure

Rep. Pat Harrigan, R-N.C., a member of the House Armed Services Committee, told the FT he had not been briefed on specific instances of Iran using data tracking against U.S. troops but remained concerned, and said he is proposing legislation to stop tech companies from selling the "digitalized footprint" of U.S. government employees.

"The capability and the threat ... exists," Harrigan said, adding, "If it continues to be exploited, and it's exploited properly, it could be catastrophic."

According to the FT, a 2024 review by the Pentagon's Office of the Inspector General found the U.S. had failed to close this vulnerability in phones issued to its own personnel. Michael Stokes, a former CIA official and vice president at Virginia-based Veilant, told the FT the U.S. intelligence community had been grappling with the problem for more than a decade, noting that digital tracking does not require a phone itself to be compromised, since smartphones generate large amounts of personal data, which he called "a digital exhaust" that can reveal location, contacts and other patterns.

Stokes said government employees often carried personal smartphones alongside or instead of secure devices built for sensitive postings, leaving a data trail.

"This is a national security exposure created by unmanaged phones, commercial ad tech, location data and, of course, operational necessity colliding with the realities of the field," he said.

July 15, 2026 01:20 AM GMT+03:00
More From Türkiye Today