The Pentagon in Arlington, Va., is seen from above.
Recently, a Pentagon-wide advisory was issued cautioning against the use of the messaging app Signal, even for unclassified communications. The alert details a vulnerability identified in the Signal messenger application, as stated in a department-wide email dated March 18.
According to the memo, “Russian professional hacking groups are exploiting the ‘linked devices’ features to surveil encrypted conversations.” The document emphasizes that Google has recognized Russian hackers targeting Signal Messenger to spy on individuals of interest.
In response to the memo, a Signal representative stated, “We are unaware of any vulnerabilities or supposed ones that we haven’t publicly addressed.”
A screenshot from a Pentagon memo warns against using the messaging app Signal.
The memo further states, “Please note: third-party messaging apps like Signal are allowed by policy for unclassified accountability/recall exercises but are not sanctioned for handling or storing non-public unclassified information.”
The encrypted Signal app was utilized by Defense Secretary Pete Hegseth and other national security officials to discuss operations in Yemen earlier this month. This incident notably included sensitive discussions where an external party was inadvertently added to the group.
In military parlance, transmitting classified information via unsecure channels is termed “slippage,” which, while seen as minor, can still significantly impact a military officer’s career.
As early as 2023, a Department of Defense memo was identified that prohibited the use of mobile applications for processing “controlled unclassified information,” highlighting a long-standing concern regarding mobile app security.
This unprecedented communication forum involving top officials from Defense, State, Intelligence, and National Security raises critical questions about the sharing of sensitive military intelligence in unsecured environments.
