Cryptic US Strategic Command tweet reveals dangers of working from home with kids in the way

Was it a coded message? The password for accessing nukes? Nope

A cryptic message sent from the Twitter account of the US Strategic Command, then deleted, could have been many things.

It read: ;l;;gmlxzssaw

Was it a coded message sent in plain sight? Was it a password to the systems used to control and fire America’s nukes that was copy-pasted in the wrong place?

It was posted on a Sunday, and was up for 30 minutes before a second tweet appeared: “Apologizes [sic] for any confusion. Please disregard this post.” Even more suspicious. Had the account been hijacked, possibly by a non-English speaker who misspelled “apologies”?


A mystery. Source: Twitter. Click to enlarge

Then both tweets disappeared. A cyber-tussle between one of America’s most terrifying and awesome departments and some unidentified third party? Had the silent cybersecurity war moved to Twitter?

No, as it turns out, it was a kid.

Eagle-eyed freelance journalist Mikael Thalen noted the strange message and decided to investigate further. He sent a freedom of information (FOIA) request to USSTRATCOM asking for any and all documentation surrounding the cryptic tweet.

Rather than wait the typical 20 days (or sometimes years) to receive a response, however, Thalen was surprised to receive a response in less than five hours: an unheard-of degree of responsiveness and possibly a world record. The response was even more surprising.

No written records

“This is in response to your 29 March 2021 FOIA request for records pertaining “Any electronic correspondence (emails. Messages), internal memos, or reports on the now-deleted tweet made by the official US Strategic Command Twitter account (@US_Stratcom) on March 28, 2021 with the text ‘;l;;gmlxzssaw’,” the response notes, before continuing: “I engaged with the Deputy Public Affairs Officer and there are no written records related to your request.”

But then some real actionable intelligence is revealed.

“The explanation of this tweet is as follows: The Command’s Twitter manager, while in a telework status, momentarily left the Command’s Twitter account open and unattended. His very young child took advantage of the situation and started playing with the keys and unfortunately, and unknowingly, posted the tweet.”

A pile of 5.25inch floppy disks

Good news – America's nuke arsenal to swap eight-inch floppy disks for solid-state drives


Ah, yes, the open laptop lesson, learned at some point by all parents and pet owners. Except very few of us have the public-facing social media account for American nuclear weapons readily accessible at the time.

But back to the Strategic Command response. In case any thought the military had gone soft, the response closes: “Absolutely nothing nefarious occurred, i.e., no hacking of our Twitter account. The post was discovered and notice to delete it occurred telephonically.”

Which to our minds means that the person in question left the laptop briefly, returned and saw the tweet, uttered an expletive, sent a panicked response. There may be regulatory reasons why the tweet wasn't deleted immediately but the use of the word "telephonically" suggests a quick (and possibly very loud) call from the boss.

The lesson? Kids can’t be trusted. ®

Similar topics

Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022