MoD admits secrets have leaked on social-networking sites
By Barry Collins
Posted on 25 Jan 2010 at 11:23
The Ministry of Defence has admitted that confidential information has leaked onto social-networking sites and the internet 16 times in the past 18 months.
The MoD also revealed that ten staff have been disciplined for "misuse of social media" in the past year and a half.
The information came to light after Lewis PR - which counts security firm F-Secure among its clients - sent a Freedom of Information request to the MoD.
It's worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means
The MoD's reply doesn't reveal the nature of the information that has been leaked onto the internet, nor detail the action taken against its staff.
The Ministry also refused to confirm whether any of the data leaks had led to its computer networks being compromised, claiming "it is not in the interest of the security of the MoD, or that of the public, to disclose detailed information pertaining to electronic breaches of security of the MoD's database or ICT systems".
It also adds that: "The Ministry Of Defence’s main networks do not permit access to internet-based social networking sites (including Facebook and Twitter), and this block has been in place for some years."
Nevertheless, it concedes that a "very small" proportion of MoD computers "dedicated for business use, outside of our major networks" do connect directly to the internet and do grant access to sites such as Facebook and Twitter.
Lowering their guard
F-Secure's chief research officer Miko Hypponen claims recent changes to Facebook's privacy settings make it even easier for leaks to occur. "It's amazing how many people drop their guard when they use social networking sites like Facebook and Twitter," Hypponen says.
"They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook's privacy settings might make them disclose information to the world. This is a potential security risk.
"It's worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means," he adds. "Loose Tweets can cost lives. In the future, The Ministry of Defence must do more to ensure their guidelines on internet use are adhered to."
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software