Home » Cyber » Cyber Security Center » Top Secret Brit Laptop Stolen

Top Secret Brit Laptop Stolen

by christian on December 18, 2009

cyber-space-command

The theft of laptops with ‘top secret’ government and military data has become a punch-line in the UK.

There were 28 laptops lost or stolen in the last four months and 66 in total since January 1, 2009. Looking back over the last 4 years there were 658 that vanished. A major hunt is now on in London after a laptop crammed with secret data was stolen from inside the Ministry of Defense (MoD) nerve center. FROM THEIR HEADQUARTERS!

How embarrassing taken from right under the noses of the MoD leadership in Whitehall. If the theft of the laptop was not bad enough, the USB type encryption key needed to unlock the highly sensitive files was also taken. The loss was said to have occurred toward the end of November but news of the event did not leak out until late last week and was not confirmed until earlier this week.

The laptop was said to belong to a high-ranking RAF officer. One agency is reporting that a source inside MoD stated, “This has the potential to become one of the most serious security breaches at the Ministry for a very long time.” A spokesman for the MoD said that “an investigation by MoD police is ongoing and it would be inappropriate to comment further.”

I wonder if anyone told the MoD that you can equip your laptops with GPS and have your laptop phone home and even delete sensitive data?

FACT: The current MoD budget is 36,702 million

FACT: MoDs principal objectives are to defend the United Kingdom and its interests and to strengthen international peace and stability

FACT: In 2006 on average one in ten laptops were stolen.

Kevin Coleman

Share |

{ 29 comments… read them below or add one }

Solomon December 18, 2009 at 1:55 pm

Well I guess they can say good bye to getting the source code for the F-35 now.

Reply

Kevin December 18, 2009 at 2:23 pm

I was just in a meeting where this was discussed and a comment was offered that I could not resist posting.

"At this point, I would not give the Brits the code of a kiddie-car much less the F-35"

Reply

DavidB December 18, 2009 at 9:37 am

You guys act like its only the Brits. Yeah, like no computers have ever gone missing from the Pentagon or the dozens of other military installations we have around the world.

Reply

James Patmore December 18, 2009 at 5:15 pm

True, but half the time they dont allow information leaks about its occurrence.

I am still disappoint in my country.

Reply

elizzar December 18, 2009 at 2:57 pm

it would be interesting to see the figures for other western militaries certainly, i suspect (hope?) the british figures are around average, we just have a media that delights in pulicising our government failures (as is quite right) … a better question is why such data are kept on portable, easily stolen laptops and not a) properly securely encrypted if they have to be b) only kept on non-internet secure network mainframe system in the building you need multiple verifications to access from a fixed console etc. where i work we have access to confidential patient medical information. should i lose it, and it be later found it wasn't secured (ie. encrypted), i face i believe up to 7 years in prison. you never seem to hear of people losing military info getting sent down …

Reply

frank December 18, 2009 at 6:47 pm

Who could it be????Chinese, Russians, Israelis……

Reply

Frankly December 18, 2009 at 8:02 pm

It's a problem because there are incriminating photos of Him and his mistress on there.

Reply

DualityOfMan December 18, 2009 at 9:28 pm

The lesson here is an old one: physical security is the *first* rule of cyber security.

Reply

Kevin December 18, 2009 at 10:48 pm

No truer words were ever written! You have to combine physical and digital security.

Reply

Cannon Fodder December 18, 2009 at 11:13 pm

Duality, this sounds odd, but I agree with you 100%!

Reply

stephen russell December 19, 2009 at 3:46 am

I know in the US we had some stolen laptops.
But none like the Brits.
Scary.
Encrypt data Time & set timelocks on codes.
A-Z.
& lock laptops down

Reply

ryan December 19, 2009 at 4:19 am

depends on what was on the computer, then you can draw conclusions to who stole it. along with other security, try phony computers with false but, plausable intel if stolen it can mislead your enemy.

Reply

Cervantes LeRoi December 19, 2009 at 5:52 am

Everyone in Blighty is facepalming right now. What kind of chucklefucks have we got working there? I walk past the MoD sometimes and wonder what's inside. Must be Zippo's Circus.

Reply

zippy December 19, 2009 at 2:35 pm

Maybe someone should of thought of putting tracking devices in the lap tops for just such a thing to happen??. They make them why not use them????.

Reply

Joey December 19, 2009 at 3:18 pm

Zippy that would be great except for when some kid (or worse) hacks the network and finds out where all the secret computers are, hmm where should the bomb go off?

Reply

True Brit December 19, 2009 at 8:00 pm

Gentlemen……..

Please use the correct spelling. It is the Ministry of Defence not Defense.
British Ministry, British spelling please.

Thank you

Reply

James Patmore December 19, 2009 at 8:34 pm

Stop making the British look like obnoxious tits.

Ignore him the rest of you.

Reply

True Brit December 19, 2009 at 9:31 pm

I would refer to the US Department of Defense because that is what it is.
Nothing obnoxious about my approach whatsoever.

Reply

Steiner December 19, 2009 at 9:49 pm

MOD Leadership? that's a misnomer if ever there was one. I'm usually the first to laugh at this kind of incident but is this as bad as the article actually makes out?

Reply

Steiner December 19, 2009 at 9:50 pm

Whilst the loss of these 'tops is humiliating the impact on gaining the F35 is another matter. The RN with an aircraft carrier in support of US operations is better than the lack of one and the RN want that F35B, with the RR engine so they need the Source Code otherwise it's just an exocet target. Eurofighter can't launch from carriers. As distrusftul as I would be in Yankee shoes of giving the MOD any kind of source code, I don' t think this would be the main reason for denying that information. The more likely cause is that the MOD gave the Saudi's everything they needed to make the Eurofighter. Despite the superiority of the F35, the Eurofighter's still not something we'd like to see in the hands of any potential foe and once in Saudi hands, that's where it may well be headed.

You can have all the soft-ware security you need, but one foreign agent is all it takes to bypass the whole lot. Of course protecting the actual hardware is as important as the cyber-solutions. Thats a no -brainer.

Reply

Steiner December 19, 2009 at 9:50 pm

Tracking devices in laptops is obviously a good idea but equally expenisve and the desk-sucking blotter-jotters at the MOD are all about budget targets. Back to a three ministry system for a three service defence, I say.

However, whilst is embarrassing it's not the end of the world, it's just another MOD fuck-up and we've been putting up with that for some time now. There are contingencies for when info gets into the wrong hands, it'll blow over. We just have to sack a few civil sevants. :D

Reply

Nik December 21, 2009 at 9:24 am

The likelihood is that the laptop was stolen along with the crypto token, but the report doesn't state if the passphrase was also compromised. There are no in-service MOD approved laptop crypto solutions that do not require a passphrase. This doesn't make the loss trivial by any means but does reduce the risk of a serious breach (assuming the passphrase wasn't on a Post-It of course!)

As for the headline "facts", where does the 1 in 10 laptops stolen figure come from? Let me guess, a company that sells laptop security products. Since a number of high profile laptop and USB losses MOD have conducted extensive audits of such devices and the losses, while not insignifcant, are orders of magnitude lower — 130 out of 35,000 in 2007 (http://www.mod.uk/nr/rdonlyres/3e756d20-e762-4fc1… I suspect similar figures apply to other defence (and defense ;) organisations.

As for F-35 source code, so be it, I guess you'll have to fix it yourselves then :-)

Reply

Steiner December 24, 2009 at 1:37 pm

No, recent history has taught us that the MOD will just pay 1,000,000% more and the US will fix it.

Reply

hooiyewlim December 22, 2009 at 3:08 am

you know they should separate the secret data.
example .
data for project A.
all the data should separate to atleast 4 part give to 4 person to save in laptop.
incase one is stolen then the other 3 is safe

Reply

Brian B December 23, 2009 at 2:38 pm

Is it prudent security advise to suggest that the MoD equip "classified" lap­tops with GPS and have them phone home? In my experience such systems operate on proprietary networks run by the MOD. As such having them beacon might constitute a breach of policy and having a trusted communications link is may work in private industry, it is not the best security practice for defense and government related organizations, at least with nattional security related information systems.

By the by, your facts are interesting, but it would be helpful if you cited your sources rather than expecting us to take you at your word.

Reply

Rob December 28, 2009 at 5:36 am

On Wednesday before Christmas all servers at my job were disrupted for a short time. Never have seen them all go down at same time.

I come home and read Blackberry was also down for a period.

Today I now read

http://www.cnn.com/2009/TECH/12/24/cnet.ddos.atta

Unrelated but noticed in some of the popular mingames on myspace & facebook lately have people trying to get your name.. like to add as friend & neighbor to the game.

Meanwhile in Online gaming, extortion & corruptions continue unabated.

The spam machine rolls on, only hindered by some filters but continuously flooding the internet

I can google or wiki most any information anyone would need to know about our strategies, troop placements, & tactics.

Yet there is so little information available in areas our enemies exist.

I would think with our community of techno geeks much of this would been resolved long ago…

Reply

Rich April 18, 2010 at 12:21 pm

"Well I guess they can say good bye to getting the source code for the F-35 now."

I would damn well hope that we don't get it, and that's coming from a UK citizen!
We cannot be trusted with anything anymore and our MOD is a f**kin joke.

I wouldn't mind betting we're selling off data in a shady manner either to get funds for nu labour, after all our NHS has been seliing off our medicine that was meant to go to our people to foreign nations to make a fast buck!
And don't even mention the gold selling fiasco…

We are a completely broken nation.

Reply

Rich April 18, 2010 at 12:24 pm

"I know their must be a lot more cases like this one in the U.S but it gose unreported."

It would help if you had a one single shredd of evidence to back up your accusations instead of just a hunch.

Reply

AggyTater December 21, 2009 at 5:16 pm

Right on!
Hit 'em again, Osher!

Reply

Leave a Comment

Previous post:

Next post: