In a bizarre case, a US-based spy is being investigated after he was suspected of uploading top-secret British military information to a public domain website so he could work from home, reported the British newspaper The Sun.
information as well understand details of RAF Typhoon fighters as well as a list of names of US counter-terrorism officers based in the UK.
The Eurofighter Typhoon is the backbone of the UK’s Royal Air Force (RAF). It is capable of performing air superiority tasks including rapid response alerts over the Falkland Islands and air policing responsibilities with NATO allies in the Baltic and Black Sea regions.
Revealing its secrets online could jeopardize UK security if hostile countries gain access to details of its sensitive technology.
Along with details of RAF assets, the data would also have revealed various US arms deals, as well as emails containing the names of National Security Agency personnel in the US.
Adam Sitzes, a US Air Force intelligence officer, allegedly used the task website Trello to upload a series of documents filed under secret information acts in 2020. After that, the spy allegedly forgot that the documents were public, exposing them as “gift wrap” for Chinese and Russian spies to discover.
The material could have been easily accessed by hostile nations because the platform was in the public domain and not protected by sophisticated state firewalls and protection.
“He is likely to be investigated immediately,” a source told The Sun. Later, Whitehall was informed of the incident and all files were deleted in response.
Thousands of documents, according to reports, have been uploaded to the Trello website. This website allows users to view files from any device using very simple login credentials, allowing them to work from anywhere while using the software.
Not the first time
While it may seem that the leaking of high profile military secrets online is an unusual occurrence, it is not the first of its kind.
Last year, it was reported that US soldiers stationed in Europe had inadvertently revealed information about the US nuclear arsenal by using flashcard apps to help them remember details of that information.
The information included confidential locations of nuclear weapons on bases, as well as secret codes and duress words intended to be known only to military personnel. According to at Bellingcat, which conducted an in-depth review, flashcards were used to study and learn apps such as Chegg, Quizlet and Cram.
While the existence of US nuclear weapons in Europe has long been documented by various documents, images and claims leaked by retired officials, their precise locations remain a closely guarded secret, with governments neither acknowledging nor denying their presence.
On Chegg, a set of 70 flashcards titled “Study!” appeared, noting the specific shelters storing the armament. Several flashcards appear to be online and publicly viewable for up to eight years, with some appearing as recently as April 2021.
The flashcards memorized by the soldiers tasked with guarding these locations further revealed not only the bases but also the exact shelters with “hot” vaults that likely store nuclear weapons.
They also reviewed complex security features and protocols, including camera placement, frequency of patrols around vaults, secret duress words that indicate when a guard is under pressure, and unique identifiers that a security badge restricted area must have.
“The secrecy about US nuclear weapons deployments in Europe does not exist to protect weapons from terrorists, but only to prevent politicians and military leaders from having to answer tough questions about the adequacy of nuclear deals. NATO nuclear sharing. This is yet another warning that these weapons are not safe,” said Jeffrey Lewis, director of the East Asia Nonproliferation Program at the James Martin Center for Nonproliferation Studies at Bellingcat.
Similarly, in 2017, a treasure trove of NSA and Army files were spotted on a cloud storage site with no password protection, making them accessible to anyone with the URL. The files were discovered by Chris Vickery of security firm UpGuard on an unlisted Amazon Web Services S3 cloud storage server owned by the United States Army Security and Intelligence Command (INSCOM), an Intelligence Collection Command and security that operates jointly from the US military and the NSA.
The latest development, however, raises concerns about US cybersecurity, especially at a time when the threat of cyberattacks from Russia has reportedly increased. If an enemy nation obtains this type of sensitive material, it could result in a serious security breach for the United States.