US Defense Contractors Stole Images From UK Secret Surveillance Station

Croughton is home to the USAF 501st Combat Support Wing (pictured).

In 2013, RAF Croughton was implicated in routing back to Washington the NSA phone tap on German chancellor Angela Merkel. 

In March 2016, a major upgrade to RAF Croughton's Satellite Communications (SATCOM) was revealed when the UK Defence Infrastructure Organisation (DIO) and prime contractors Mott MacDonald and HLM Architects submitted a very detailed planning application to South Northamptonshire Council.

The plans show a new windowless mission building "PL1" (Priority Level 1) and an antenna field comprising six new "golf ball" radomes, to provide the next generation of US DoD command and control data and voice lines to military operations.
This is known collectively as the Joint Intelligence Analysis Complex (JIAC).

In a major embarrassment to US and UK military authorities, Mott MacDonald and HLM Architects decided it would be a good idea to lift from this website an exclusive copyright protected aerial image of the existing antenna radomes at RAF Croughton, without prior permission, payment or even any accreditation (pictured).

It is used in Section 2.3, "Site Analysis" of the application's Design and Access Statement document, complete with protective watermarking. 

Alan Turnbull, a security researcher who operates the website Secret-Bases.co.uk, approached senior management at each company for comment in early December 2017. They refused to respond to emails and calls for almost a week, until finally being prompted by an approach by technology news outlet The Register, eager to run a story. It made it to infamous rogue US secrecy-busting website Cryptome, with the headline "RAF Croughton spies caught"!

Imagine the newspaper headlines dropping on someone's desk in Whitehall: "US Department of Defense contractors steal from UK Secret Bases website". So much for the "special relationship".  

More seriously, it is concerning that major defence contractors with such lucrative projects have such a poor grasp of corporate governance and due diligence procedures. 

Summary and Conclusions. Serial offenders, it seems, and US DoD / UK MoD seem quite happy to deal with contractors who don't bother with time consuming concepts like "due diligence".

Secret Bases:

You Might Also Read: 

Pentagon ‘Misleads’ Over Location of UK Intelligence Centre:

"Torus" Reveals an Expansion in 5 Eyes Surveillance:

Israeli Drone Hacked By Five Eyes Intelligence:
 

« Ethiopian Cyber Spies Left Clues Behind
Very Few Women Are CISOs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alarum Technologies

Alarum Technologies

Alarum Technologies (formerly Safe-T) is a global provider of cyber security and privacy solutions to consumers and enterprises.

Logically Secure

Logically Secure

Logically Secure provide penetration testing and security assessment services.

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

Aura

Aura

Aura is a mission driven technology company dedicated to creating a safer internet for everyone. We’re making comprehensive digital security that's simple to understand and easy to use.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

Cypago

Cypago

Cypago provides a powerful yet easy-to-use Compliance Orchestration Platform to automate the compliance process end-to-end.

Tracer

Tracer

Tracer (formerly Appdetex) is a next-generation brand protection solution. It constantly finds, analyzes, and stops brand abuse across Web2 and Web3 digital channels.

Grypho5

Grypho5

Grypho5 offers managed packages to protect where threat actors strike most. We defend your infrastructure dynamically, leaving you to focus on other priorities.