During the Second World War, so-called “atomic spies” in the United States, the United Kingdom and Canada inadvertently shared information about nuclear weapons production and designs to the Soviet Union. However, even today, exactly what was given, or whether everyone even suspected of providing the information actually did so, remains a matter of debate.
Now America’s adversaries may have gained access to some current nuclear secrets not because of espionage efforts or even as the result of leaks from an individual. No, instead human error is to blame – and it happened because of online training tools and the ability to use Google!
According to a report from the independent “citizen journalist” website Bellingcat.com, U.S. Airmen who were tasked with the custody of nuclear weapons at military bases in Europe inadvertently shared classified details online after using publicly visible flashcard learning apps. The Airmen had relied on the apps to help learn the complex security protocols – which can be lengthy, detailed and must be known by heart. The flashcards included classified information to help the Airmen pass their qualification tests.
Now it seems that this mistake has resulted in the leak of sensitive security protocols about U.S. nuclear weapons including where the weapons are based and even in which storage bunker.
Digital flashcards work much like their analog namesakes, and have become popular among students preparing for exams, while many businesses now use them to train employees as well. The training tools may have helped the Airmen, but a very serious problem is that these apps made publicly available those secrets.
It didn’t take a rocket scientist to discover the classified information either.
Simply by searching online for publicly known terms that are associated with nuclear weapons, Bellingcat was able to discover the cards used by military personnel who are serving at all six of the European military bases reported to store nuclear devices. Searches for acronyms related to nuclear operations such as “PAS,” “WS3” and “vault” with the air bases in Europe directed researchers to flashcard platforms including Chegg, Cram and Quizlet.
Some of the flashcards that uncovered during the course of the website’s investigation had reportedly been publicly visible online as far back as 2013, while other sets detailed processes that were being learned by users until at least April 2021. The researchers informed the DoD about the presence of the flashcards, which have now been taken down. However, as many have learned in the most unfortunate way, everything is forever online and some of the cards could still be accessed via website such as the Internet Archive and the Wayback Machine.
“In the old days the saying was ‘Loose lips sink ships,'” quipped technology analyst Roger Entner of Recon Analytics.
“When soldiers get careless the consequences are significant,” Entner told ClearanceJobs. “Using civilian apps is just careless. The reach of the carelessness that used to be just in a pub now reaches around the planet when it is done via the Internet.”
Exactly what can be gained remains debatable. Anyone who actually saw the information really couldn’t have done much with it. While perhaps the flashcards could have theoretically aided in an “Ocean’s 11” style nuclear heist, the fact remains that even if successful – a true unlikelihood – built-in safety features could have prevented anyone from actually using the weapon.
However, this should still be seen as a very real concern given that it contained nuclear secrets including the bases where weapons are believed to be stored.
“The leaks of security protocols are the most concerning,” explained Matthew J. Schmidt, PhD, associate professor of national security and political science at University of New Haven.
“But the military should thank Bellingcat for exposing these breaches of critical procedures because now that we know, many are easily fixable,” Schmidt told ClearanceJobs. “Duress words can be easily changed, and most of the other information is politically sensitive but not likely to pose a long-term threat to the security of nuclear facilities. But make no mistake, this reaffirms that the weakest link in our nuclear weapons system is people. If you can’t figure out that online study aides aren’t secure, it makes one wonder if you should be entrusted with the most powerful weapons ever created. And if senior leadership can’t manage personnel born and raised in the era of social media, it should teach itself how, quickly.”