The U.S. Marine Corps has prohibited the use of cryptocurrency mining applications and other apps on government mobile devices.
The information made available by accounts on certain apps “is a privacy and security concern,” according to a Marine administrative message signed July 28.
“Users are strongly encouraged to delete any apps from their personal devices that the US Government has deemed a risk,” the memo urged.
Lists of authorized and unauthorized apps will be made available to Marines, and prohibited applications will be automatically removed from devices by a management server.
Banning applications is not a new cybersecurity measure in the military.
Earlier in 2020 each branch of the military banned service members from installing the Chinese-made video sharing app TikTok on government-issued phones over fear that the app was being used by the Chinese government to collect data and spy on American citizens.
Cryptocurrency, favored by cybercriminals for its anonymity and ease of use, can be obtained through the resource-intensive process of mining. Because of the high processing power and energy costs associated with such activities, mining popular coins like Bitcoin can be unprofitable without a specialized setup.
Less popular coins with smaller networks, however, can be more easily mined on individual devices, cybersecurity expert Randi Eitzman told Marine Corps Times.
For this reason, criminals often “cryptojack” computers, infecting them with malware that will install mining applications and use a victim’s electricity and processing power for profit, FireEye reported.
Even if a service member were to use cryptocurrency mining applications on a government device without malware, they would still be using government resources for their personal gain.
“While some may try to argue cryptocurrency mining is a sort of ‘victimless crime,’ it is important to realize that it is theft,” Eitzman said.
Other branches of service have their own guidelines and lists of authorized apps, though none specifically outlaw the act of cryptocurrency mining.
The Army and Air Force use the Defense Information Systems Agency’s regulations.
“Users are only authorized to download approved applications, and users who download unapproved or third-party apps may result in the device being flagged,” a DISA spokesperson told Marine Corps Times.
DISA did not comment on what types of apps are or are not approved.
The Navy’s acceptable use policy limits personal use of government technology, prohibiting activities inappropriate for the workplace but allowing some personal use like posting items for sale on a forum, similar to a workplace bulletin board.
The policy prohibits any use of Navy technology that would reflect poorly on the Department of the Navy, said Joe Gradisher, spokesman for the office of the deputy chief of naval operations for information warfare.
“Using the AUP as the guide then, cryptocurrency mining would not be a permissible activity on GFE (government furnished equipment),” said Gradisher.
The Marine Corps was not able to immediately respond to requests for comment or about whether or not there have been cases of Marines mining cryptocurrency on their government mobile devices.