Ministry of Defence reveals 16 information leaks in the last 18 months due to social networking use
A joint investigation has led to revelations that Ministry of Defence staff and military personnel leaked secret information 16 times on social networking websites and internet forums in the last 18 months.
Following a Freedom of Information request tabled by Lewis PR and F-Secure to the MoD, it revealed the amount of incidents but declined to comment on whether any computer networks had been compromised as a result of staff using social media.
Spokesperson Susie Myatt said: “It is not in the interest of the security of the MoD, or that of the public, to disclose detailed information pertaining to electronic breaches of security of MoD's databases or ICT systems.
“Disclosing such information would enable criminals and those who would attempt to cause disruptive threats to the MoD to deduce how to conduct attacks and therefore potentially enhance their capability to carry out such attacks.”
The MoD also confirmed that it does not permit access to internet-based social networking sites, (including Facebook and Twitter), and this block has been in place for some years.
Myatt said: “Within the MoD there are a (proportionally very small) number of computers dedicated for business use, outside our major networks, that connect directly to the internet.
“These may allow access to social networking sites (as they do not go through the same filter), and some of these machines may have occasionally been used to access social networking sites, but no central records are held of the amount of time that each of these machines access particular websites.
“There are, in some military bases, internet cafés or similar facilities which enable personnel to access the internet when off duty, including as part of the welfare package for personnel in remote or deployed locations who cannot access the internet any other way, and some of these will allow access to Facebook, Twitter etc.”
The MoD confirmed that it does not monitor the profiles of employees or prospective employees on social networking websites.
When asked what disciplinary actions have been taken against employees for the misuse of social media in the past 18 months and how many have been disciplined, Myatt said: “Service personnel are dealt with under Warnings and Sanctions or Service Law. The number of service personnel who have been disciplined in the last 18 months is ten (this figure has been rounded).
“Civilian personnel in the MoD could receive informal or formal disciplinary action. The level of detail you requested, disciplinary action for the misuse of social media, is not held centrally. The Freedom of Information Act does not require us to change any system or process used by the Ministry of Defence or the Armed Forces to fully respond to requests for information, therefore we are unable to meet this part of your request.”
Mikko Hypponen, chief research officer at F-Secure, said: “It's amazing how many people drop their guard when they use social networking sites like Facebook and Twitter. They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook's privacy settings might make them disclose information to the world. This is a potential security risk.
“In the future, the MoD must do more to ensure their guidelines on internet use are adhered to.”