Discord in the ranks: Lone Airman behind top-secret info leak on chat platform
Poor cybersecurity hygiene in the military? Surely not!
There was only one US Air National Guardsman behind the leak of top-secret US military documents on Discord, but his chain of command bears some responsibility for letting it happen on their watch.
The US Air Force reached that conclusion in an August report [PDF] made public yesterday into the actions of Airman 1st Class Jack Teixeira, who was arrested in April on suspicion that he had stolen and shared classified military documents on a private Discord server that later found their way to the wider internet – and, presumably, into the hands of foreign governments.
According to the USAF's investigation, Teixeira was the only person directly involved in the leaks, which he began sharing with his fellow Discorders as early as February 2022.
Teixeira was a member of the 102nd Intelligence Wing (102 IW), working as a computer/IT specialist until his arrest. His work performing systems maintenance on the Joint Worldwide Intelligence Communication System (JWICS), classified as a Top Secret-Sensitive Compartmented Information (TS-SCI) platform, gave him the ability to "view intelligence content and analysis ... on those systems," the USAF said.
While Teixeira appears to have acted alone, there were as many as four occasions in which he displayed warning signs that members of his unit recognized yet failed to act upon.
Per the USAF report, Teixeira "was observed viewing intelligence content on TS-SCI websites" in August 2022, and while his supervisor was informed, the incident wasn't otherwise documented.
A month later he was again spotted viewing intelligence documents while writing information on a Post-It note. While Teixeira was confronted, told to shred the note, and the incident was documented in writing, "it was never verified what was written on the note or whether it was shredded." Neither the Post-It incident nor the August incident were reported to security officials, the USAF found.
- US military battling cyber threats from within and without
- US Navy sailor admits selling secret military blueprints to China for $15K
- US, NATO military plans leak: Actual war strategy or pro-Kremlin shenanigans?
- US govt IT help desk techie 'leaked top secrets' to foreign nation
In October 2022, "Teixeira asked very detailed questions and even attempted to answer questions using suspected TS-SCI information he did not have a need to know," the USAF said. His supervisor was informed of "suspected intelligence-seeking behavior" and Teixeira was told to cease and desist his intelligence deep dives. Again, the incident was documented but no security official was informed.
It wasn't until January 2023 that higher-level unit leadership was made aware of Teixeira's behavior when he was caught viewing intelligence content yet again and his supervisor decided to inform squadron leadership.
A "substantially minimized" version of leadership concerns were passed to security officials, but no copies of the memorandums for record "or an accurate description of the security concerns" were included.
"As a result, additional available security actions were not taken and no further inquiry or investigation occurred," the report found. Had Teixeira's leadership, particularly three people in his direct chain of command, come forward "the length and depth of the unauthorized disclosures may have been reduced by several months."
In addition to the direct leadership failure to stop Teixeira's actions, the USAF report found several systemic failures in his unit's structure that contributed, including a lack of supervision of the night shift on which Teixeira served. Additional failures included no permissions controls to monitor print jobs (Teixeira allegedly printed documents), inconsistent "need to know" guidelines, and a failure to properly consider information on background checks.
Air Force takes action
Along with Teixeira's imprisonment and pending trial, 15 Air National Guard leaders have been disciplined for their failure to act, ranging from non-commissioned officers all the way up to high-ranking leadership.
Colonel Sean Riley, 102 IW commander, was relieved of his command, while Colonel Enrique Dovalo, 102nd Intelligence, Surveillance and Reconnaissance (ISR) Group commander, received "administrative action for concerns with unit culture and compliance with policies and standards."
Commanders previously suspended during the Teixeira investigation were permanently removed, and the entire 102nd ISR Group has been taken off mission and its duties reassigned.
The USAF has also undertaken reforms to its need-to-known and classified data access standards, the branch reported.
"Every Airman and Guardian is entrusted with the solemn duty to safeguard our nation's classified defense information. When there is a breach of that sacred trust, for any reason, we will act in accordance with our laws and policies to hold responsible individuals accountable," said Secretary of the Air Force Frank Kendall. ®