US soldiers stationed at military bases armed with nuclear weapons were accidentally revealing secret protocols online for years, a report by investigative journalist outlet Bellingcat revealed.
In order to mitigate the threat of any potential attack or emergency situation, soldiers stationed at military bases with nuclear weapons are tasked with memorizing security protocol by heart.
As per Bellingcat's investigation, it turns out that a number of soldiers were using flashcard learning apps to memorize these protocols — the trouble is that any flashcards loaded onto the apps are available for the public to see.
These flashcards contained detailed classified information, such as the specific vaults in which nuclear weapons were held. The Bellingcat report revealed that information such as passwords, security procedures, and even security camera locations were revealed by the publically available flashcards in a shocking security oversight.
'These weapons are not secure'
How did the reporters find the information? They explained that it was as easy as going on Google and typing a few nuclear-related military terms including "PAS," "WS3," and "vault" alongside the names of air bases in Europe. These searches led to free flashcard platforms including Chegg, Quizlet, and Cram.
The reporters then cross-referenced information from the flashcards with other images and reports shared online and were able to verify that the flashcards did, indeed, reveal correct information about the military bases.
"This is yet one more warning that these weapons are not secure," Jeffrey Lewis, director of the East Asia Nonproliferation Program at the James Martin Center for Nonproliferation Studies, said to Bellingcat.
The most recent flashcards found on the apps are dated April 2021, while some go as far back as 2013.
It's not the first time military bases have been compromised by soldiers' poor digital practices. In 2018, the Pentagon banned fitness trackers for military personnel after it was revealed that soldiers were revealing the layout of bases with their publically available running data. Bitcoin mining and gambling apps were also recently banned for the US Marine Corps due to cybersecurity concerns.
Don't be surprised to see a ban on flashcard learning apps added to that list sometime soon — when Bellingcat reached out to the military for comment, all of the flashcards were removed.