Security News > 2021 > May > US nuclear weapon bunker security secrets spill from online flashcards since 2013
Details of some US nuclear missile bunkers in Europe, which contain live warheads, along with secret codewords used by guards to signal that they're being threatened by enemies, were exposed for nearly a decade through online flashcards used for education, but which were left publicly available.
The astonishing security blunder was revealed by investigative journalism website Bellingcat, which described what it found after "Simply searching online for terms publicly known to be associated with nuclear weapons."
The flashcards "Detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have," Bellingcat reported.
Merely googling "PAS", "WS3" and "Vault" together with the names of US Air Force stations in Europe came back with flashcards used in training and hosted on websites Chegg, Quizlet, and Cram.
The flashcards themselves have since been deleted, with the US Air Force telling Bellingcat it was "Investigating the suitability of information shared via study flashcards."
Online OPSEC is important: subscribing to ebooks website Scribd and searching for certain terms can reveal all manner of confidential manuals and handbooks, and slide-deck website Prezi occasionally contains internal slideshows the content of which probably wasn't intended to be published to the wider world.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/05/28/flashcards_military_nuclear/
Related news
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator (source)
- US senators propose law to require bare minimum security standards (source)
- US reportedly mulls TP-Link router ban over national security risk (source)