Ministry of Defence leaks weapons in cybersecurity mistake

In an astounding display of I.T. illiteracy, the Ministry of defence has this week accidentally publicly posted research regarding secret weapons. 

As reported by the Daily Mail, documents which were supposed to be classified were leaked to the public as a result of a “copy and paste” error. The plans included details into weaponry which is alleged to be destined for future use by the British special forces. 

Ex-Army officer and Tory MP Tobias Ellwood confirmed that the weapons leak, stating that they were indeed intended for use by UK forces, “It is evident this contract relates to highly technical weapons systems that will be used by our special forces”. Explaining the importance of confidentiality within the defence sector, he continued by saying, “'And when new kit is brought on line, it introduces new tactics and protocols, which again give our elite forces the edge over adversaries. That is why details are redacted.'” 

Commenting on the aftermath of the incident, Ellwood called for the Ministry of Defence “to ascertain how many other documents have been redacted and published in a similar way”. 

This leak of data comes as a stark reminder to all organisations which rely on confidentiality to uphold their integrity that all procedures put in place can be undermined by human error- in this case a lack of cyber-awareness from an employee. 

The Ministry of Defence (MoD) stated “due to a technical issue some redacted material was readable. This has been addressed”. However, the MoD did not comment on the nature of the error, and some people think labelling a seemingly human error on a technicality can be damaging. 

Speaking to Silicon, cybersecurity specialist Jake Moore stated,  

“Blaming such errors on technical issues can aggravate the problem; it is often better for people to own up to the error of their ways.” 

“Automation can help in securing the majority of an organisation but there will always remain a certain amount of human interaction which can often not be predicted, so vigilance and awareness are key […] like with many situations, this particular mistake had not been checked with the mindset of a hacker before it was sent out, which caused the release of highly sensitive data.” 

This incident just goes to show that without the correct cybersecurity training, an organisation’s cybersecurity is only as strong as their weakest employee, and that in an ever evolving cyber landscape, the importance of good online practices has never been higher.