MoD admits secrets have leaked on social-networking sites
The Ministry of Defence has admitted that confidential information has leaked onto social-networking sites and the internet 16 times in the past 18 months.
The MoD also revealed that ten staff have been disciplined for “misuse of social media” in the past year and a half.
The information came to light after Lewis PR – which counts security firm F-Secure among its clients – sent a Freedom of Information request to the MoD.
It’s worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means
The MoD’s reply doesn’t reveal the nature of the information that has been leaked onto the internet, nor detail the action taken against its staff.
The Ministry also refused to confirm whether any of the data leaks had led to its computer networks being compromised, claiming “it is not in the interest of the security of the MoD, or that of the public, to disclose detailed information pertaining to electronic breaches of security of the MoD’s database or ICT systems”.
It also adds that: “The Ministry Of Defence’s main networks do not permit access to internet-based social networking sites (including Facebook and Twitter), and this block has been in place for some years.”
Nevertheless, it concedes that a “very small” proportion of MoD computers “dedicated for business use, outside of our major networks” do connect directly to the internet and do grant access to sites such as Facebook and Twitter.
Lowering their guard
F-Secure’s chief research officer Miko Hypponen claims recent changes to Facebook’s privacy settings make it even easier for leaks to occur. “It’s amazing how many people drop their guard when they use social networking sites like Facebook and Twitter,” Hypponen says.
“They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook’s privacy settings might make them disclose information to the world. This is a potential security risk.
“It’s worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means,” he adds. “Loose Tweets can cost lives. In the future, The Ministry of Defence must do more to ensure their guidelines on internet use are adhered to.”