In an outlandish case, a US-based spy is being investigated after he was suspected of uploading top-secret UK military information to a public domain website so he could work from home, reported UK-based newspaper — The Sun.
The information also includes details on RAF’s Typhoon fighters as well as a list of names of US counter-terrorism officers based in the UK.
The Eurofighter Typhoon is the backbone of the Royal Air Force (RAF) of the United Kingdom. It is capable of carrying out air superiority tasks including quick response alerts over the Falkland Islands and air policing responsibilities with NATO allies in the Baltic and the Black Sea regions.
Spilling its secrets online could compromise the UK’s security if hostile countries obtain access to the details of its sensitive technology.
In addition to the specifics about RAF assets, the data also reportedly exposed various US arms agreements, as well as emails containing the names of National Security Agency staff in the US.
Adam Sitzes, a US Air Force intelligence officer, is said to have used the tasking website Trello to upload a series of documents classified under secret information acts in 2020. After then, the spy is believed to have forgotten the documents were public, exposing them as “gift-wrapped” for Chinese and Russian spies to uncover.
The material could have easily been accessed by hostile nations because the platform was in the public domain and not protected behind sophisticated state firewalls and protection.
“He’s likely to face an immediate investigation,” a source told The Sun. Later, Whitehall was notified of the incident, and all files were removed as a response.
Thousands of documents, according to reports, were uploaded on the Trello website. This website enables users to view files from any device using very easy login details, allowing them to work from anywhere when using the software.
Not The First Time
While it may appear that disclosing top military secrets online is an unusual occurrence, it is not the first of its kind.
Last year, It was reported that US soldiers stationed in Europe inadvertently revealed information on the US nuclear weapons arsenal while using flashcard apps to help them remember details about the information.
The information included confidential locations of nuclear weapons on bases, as well as secret code and duress words that are intended to be known only to military personnel. According to Bellingcat, which did a thorough examination, flashcards were used in studying and learning apps such as Chegg, Quizlet, and Cram.
While the existence of US nuclear weapons in Europe has long been documented by different leaked documents, images, and assertions from retired officials, their precise locations remain a well-guarded secret, with governments neither acknowledging nor denying their presence.
On Chegg, a set of 70 flashcards named ‘Study!’ appeared, noting the specific shelters storing the weaponry. Several flashcards seem to have been online and publicly viewable for up to eight years, with some appearing as recently as April 2021.
The flashcards memorized by soldiers tasked with guarding these places further revealed not only the bases but also the exact shelters with “hot” vaults that probably store nuclear weapons.
They also went over intricate security features and protocols including camera placement, the frequency of patrols surrounding the vaults, secret duress words that indicate when a guard is under pressure, and the unique identifiers that a restricted area badge must-have.
“Secrecy about US nuclear weapons deployments in Europe does not exist to protect the weapons from terrorists, but only to protect politicians and military leaders from having to answer tough questions about whether NATO’s nuclear-sharing arrangements still make sense today. This is yet one more warning that these weapons are not secure,” said Jeffrey Lewis, director of the East Asia Nonproliferation Program at the James Martin Center for Nonproliferation Studies to Bellingcat.
Similarly, in 2017, a trove of NSA and Army files was spotted on a cloud storage site with no password protection, making them accessible to anybody with the URL. The files were discovered by Chris Vickery of security firm UpGuard on an unlisted Amazon Web Services S3 cloud storage server belonging to the United States Army Intelligence and Security Command (INSCOM), an intelligence gathering and security command that operates jointly out of the US Army and the NSA.
The latest development, however, raises concerns about the United States’ cyber security, particularly at a time when the threat of cyber attacks from Russia is said to have heightened. If an enemy nation obtains this type of sensitive material, it might result in a severe security breach for the United States.