As the UK and the US look to walk away from 20 years of conflict in Afghanistan, cyber security experts say abandoned embassies pose a small cyber risk.
“Realistically, any cybersecurity impacts from the rapid evacuation are minimal to non-existent,” says Jake Williams, a former member of the U.S. National Security Agency’s elite hacking team. He said: “However, this is only because of lots of planning and practice with equipment and document destruction. Even if the situation on the ground moved faster than anticipated, these facilities would have prioritised lists of what to destroy first.”
The Taliban is not likely to be a cybersecurity threat to the U.S. because the group is focused primarily on establishing control of the Afghan government, security experts say. Frank Downs, a former NSA offensive analyst, notes: “Based upon the operating procedures of the Taliban in the past, it would be hasty to assume they are an advanced cyberthreat.
“Several physical mechanisms are in place to ensure the thorough destruction of all systems holding classified information within U.S. buildings.
“They are maintained and ready for immediate implementation at any time. These destructive mechanisms, which involve incendiary mechanisms, thoroughly ensure that all information on the systems is destroyed. In almost all cases, those systems are destroyed along with the data resident on them.”
The US and UK governments have a well-established evacuation plan – meaning the shredders will be working overtime. Mr Downs added: “In addition to executing the full withdrawal of its forces, the U.S. military must ensure the proper removal of sensitive data from the equipment it plans to either retrograde back to the United States or dispose of in theater,” the notification states.
Dr. Kenneth L. Williams, executive director of the Center for Cyber Defense at American Public University System, notes, however, that because securing or destroying sensitive data is no simple task, there’s always the risk that some was left potentially accessible.
“One of the greatest threats is derived from the equipment left by the U.S. Often, when countries such as the U.S. leave in a hurry, there is little time to sanitize documents and equipment, contributing to a cybersecurity threat.”
But other cybersecurity experts are confident that all sensitive documents and equipment were likely removed or destroyed, leaving little or nothing for the Taliban to recover. He added: “The greater concern for cybersecurity comes from the compromise of the overall telecommunications infrastructure in Afghanistan.”