Go back

How the “STINKY” Wi-Fi Network Tanked a Senior Officer's Career on a US Navy Warship

The CSCPO aboard the USS Manchester tried to secretly install a Starlink system for limited use, bypassing strict operational security protocols. What started as a covert Wi-Fi network named "STINKY" quickly spiraled into an exposed scandal, leading to her demotion and severe consequences for the entire crew.

September 16, 2024

First of all, it is worth noting that ensuring reliable and secure communication where necessary is critically important for military units in modern conditions. Indeed, the use of Wi-Fi networks may initially seem like a convenient and straightforward way to access the internet, but it violates operational security (OPSEC) rules that prohibit transmitting any sensitive data through unsecured communication channels, creating serious security risks.

Government cybersecurity incident response teams provide recommendations that result in the implementation of policies and strict security protocols in public institutions. For government employees and related personnel, such rules can cause dissatisfaction, which sometimes leads to incidents where they take matters into their own hands, occasionally engaging in unauthorized actions to simplify certain tasks (or for entertainment), despite the risks to the confidentiality, integrity, and availability of information.

Command Senior Chief petty officer Grisel Marrero, the senior leader aboard the USS Manchester, fell into this trap after attempting such a stunt, leading to her dismissal in 2023 and a guilty plea during a military trial in the spring of 2024, where she was demoted to E-7 (CPO).

So, what happened, and why did it lead to such consequences?

At the beginning of 2023, while preparing for deployment, Grisel Marrero devised a plan to purchase a Starlink device for $2,800 and covertly install it on the ship's deck. The idea was to use it exclusively for a trusted circle of individuals—specifically, the ship's senior officers, not regular officers or crew members. Later, an investigation revealed that at least 15 senior officers were involved in the scheme.

The Starlink antenna was installed on the ship's O-5 level, an open area of the ship, where strong winds and weather conditions could be quite challenging. This was done during a period known as the "blanket aloft," a time when certain tasks are performed at height or near the edges of the ship, requiring sailors to use special safety harnesses to avoid falling. It should be noted that during such a period, actions are not recorded in ship logs or the deck officer's logs, meaning that any work done at this time was not officially documented, creating an opportunity to conceal the installation of the device.

Due to redacted reports, it is unknown who exactly installed the antenna, but it is known that Marrero activated the system the day before the ship sailed into the waters of the U.S. 7th Fleet’s area of operations. Upon realizing that the signal from the installed device was not strong enough to cover the entire ship, those involved made the situation even riskier by purchasing signal repeaters during a stop in Pearl Harbor.

According to the investigation, only Marrero could add others to the network and directly input the password on their devices.

Unauthorized deployment of a Wi-Fi network like the one Marrero initiated is strictly forbidden on a deployed U.S. Navy ship, especially in the western Pacific, where security issues are heightened due to ongoing cyberattacks from Chinese hackers.

The red arrow indicates where the unauthorized Starlink device is installed (official NAVI investigation)


So, what went wrong with what seemed like a well-thought-out plan?

The problem stemmed from a lack of attention to detail.

It wasn’t just a poor decision from an OPSEC standpoint, but it was also entirely thoughtless, as the Wi-Fi network was named “STINKY”, which most likely sparked rumors and raised questions among the crew.

According to witnesses, after officers and crew members started noticing and questioning Marrero about the network, she began making up stories, fabricating reports claiming that “STINKY” was used only while the ship was docked, where security risks were lower, and eventually instructed the network name to be changed to something resembling a wireless printer (which, as it turned out, the ship didn’t have—quite odd, isn't it?). In a further attempt to avoid responsibility, Marrero deleted questions about the network from the ship’s suggestion box.

Despite Marrero's efforts, rumors about “STINKY” continued to spread among officers and crew members, who began searching the ship. Several inspections organized by Cmdr. Colleen Moore and Cmdr. Samuel Moffett yielded no results until August 18, 2023, when a civilian contractor from the Naval Information Warfare Center, installing a sanctioned SpaceX “Starshield” system, discovered the unauthorized Starlink terminal “STINKY.”

Unsurprisingly, the story did not end well. Following a full Navy investigation, it was revealed that Marrero's attempt to cover her tracks with fake data had failed miserably. According to the investigation, the provided documents were poorly forged, and it was clear the system had been used for much longer than claimed.

Marrero asserted that she was motivated purely by moral principles, but the investigation emphasized that this claim “is undermined by the selective availability of Wi-Fi and its strict access control only to the CPO Mess”.

All senior officers involved in the scheme, who were aware and helped conceal it, faced administrative punishment at the Commodore’s mast.

It is important to note that, according to the investigation, Grisel Marrero's actions were driven purely by her personal interests rather than an intention to improve conditions for officers or fulfill  “official duties”. This highlights how dangerous it can be to neglect operational security (OPSEC) rules, even with seemingly minor intentions. The incident showed that such behavior primarily undermines trust within the team, but on a broader scale, it jeopardizes overall security, which is especially critical during military operations.

P.S. By default, the network name (SSID) of Starlink devices could be not only "STARLINK" but also "STINKY". Initially, this seemed improbable, but confirmation was found in several sources. Notably, Elon Musk confirmed this in a 2022 tweet, and Reddit users had seen such an SSID in real conditions. The archived version of the official Starlink FAQ from 2022 also included information that the Wi-Fi network could appear under the names "STARLINK" or "STINKY." However, in the current version of the FAQ, this name has been changed to just "STARLINK".

Author: Nessa, Cyber Journalist

Source: https://www.navytimes.com/news/

Photo: U.S. DepartmentofDefense/Navy Chief Petty Officer Shannon Renfroe

Subscribe to our bi-weekly Linkedin newsletter

Subscribe

You can support TheSIGN by becoming our SATELLITE. Click to learn more about sponsorship.