Sensitive documents from the Royal Malaysian Navy (RMN) and a host of stolen military-related information from other countries ended up on a Dark Web portal last month.
Other leaked documents supposedly belonged to the Nigerian Navy, United States Army and Air Force, as well as various defence contractors.
In April, the Armed Forces of the Philippines also confirmed the existence of a leaked internal memo on troop deployment to help enforce a lockdown amid the Covid-19 outbreak.
While such data breaches may seem shocking, leaked military documents are not uncommon, security and intelligence experts told The Straits Times.
Mr Mikko Niemela, chief executive of Cyber Intelligence House, said military and intelligence documents are like any other confidential document from a value perspective.
“The reason why they are often seen in ‘specialised’ markets or forums (on the Dark Web) is because it makes it easier for the potential clientele to access that information,” Mr Niemela said.
Unlike the “surface Web” of websites and information that can be found via search engines like Google, a Dark Web portal can be accessed only via a special browser and specific URL address.
Payment for the documents is usually made in bitcoin as such transactions offer anonymity to both seller and buyer.
In the RMN’s case, about 70 documents were uploaded onto the website. It is not known if whoever was responsible for this intended to sell or share the information. But ST understands that the information gathered was from a few sources who had hacked into e-mail accounts of military personnel.
Among them were documents pertaining to troop strength at several Malaysian navy and army bases during a holiday last year; senior and junior navy officers charged with corruption, drug consumption and being absent without leave; and naval exam requirements.
There was also a US diplomatic letter dated July last year requesting that a US Navy ship be berthed at a Sabah port last August. It provided details on the ship’s radar equipment and frequencies used.
The same website also provided links to confidential files from hacked e-mail accounts of Nigerian navy personnel and European and Indian defence contractors.
Maintenance manuals for the MQ-9 Reaper drone and US M1 Abrams tank were available too.
In the last five years, Mr Niemela’s research has led him to military documents such as blueprints for a fighter jet, radios and drones; logistics and supply chain information about defence vendors; pricing information and peacekeeping operation information.
While classified data usually comes with a price tag, some hackers offer the information free, said Mr Muhammad Faizal Abdul Rahman, a research fellow at the S. Rajaratnam School of International Studies.
“To understand a ‘hack and leak’ cyber attack, it is essential to assess the intention of the possible attackers, who may be either state-sponsored or patriotic hackers,” Mr Faizal said.
“In South-east Asia, cyber espionage against military agencies is not unusual, in part due to tensions arising from overlapping claims in the South China Sea.”
Stolen information may also be leaked if the victim refuses to pay a ransom.
Exposed military secrets floating in cyberspace can be detrimental to a nation’s security. This is because the information resides where criminal and terror networks are known to coexist with other illicit activities involving drug trafficking, pornography, fake currency, weapons trafficking and terrorist communication.
Added Mr Faizal: “The way the data is weaponised could undercut national defence by revealing military strengths and weaknesses, serve as compromising information that an adversary could use to recruit military officers as spies, and undermine the people’s confidence in their political leadership.”
But retrieving the stolen data – usually presented as samples – could contribute to the cycle of cybertheft.
Straits Times