A series of previously unreported break-ins at Tennessee National Guard armories last fall highlights escalating security vulnerabilities across U.S. military facilities, igniting serious concerns over the susceptibility of these sites to theft and unauthorized access.
Confidential information obtained from the Tennessee Fusion Center reveals that four break-ins occurred at various National Guard armories within a seven-week timeframe. Thieves succeeded in stealing items such as night vision equipment, laser-targeting devices, and thermal weapon sights, among other sensitive gear. Reports indicate intruders managed to breach security measures, including fencing and alarms, and entered supply rooms that were left unlocked.
Some break-ins suggest possible insider assistance. For example, in Covington, there are indications that intruders had prior knowledge of the location of a secure key control box. At other locations, individuals attempted to bypass security alarms and entry protocols, suggesting a coordinated effort.
While the memo underscores that no weapons were reported stolen, a government anti-terrorism coordinator emphasized the severity of these incidents. The coordinator stated, “These events are concerning not just because of the sensitive nature of the stolen items, but also due to indications that insider knowledge facilitated the breaches.”
The memo, first revealed by the nonprofit organization focused on governmental transparency, was provided exclusively to WIRED. Investigations into these break-ins are ongoing, attracting the attention of the Pentagon’s Office of the Provost Marshal General, the primary law enforcement entity for the U.S. Army. A senior police source has indicated that the FBI is leading the investigation, though the agency has not confirmed this publicly.
FBI policy generally restricts confirmation or denial of investigations unless exceptional circumstances arise, such as cases involving missing persons or bank robberies. A public affairs officer at the FBI remarked that the current inquiry does not meet this exception, rendering it inappropriate for commentary.
Initially characterized as isolated violations, the memo draws upon extensive reporting from the FBI and Department of Defense concerning “domestic violent extremists” (DVEs) who have targeted armories for theft of weapons and military gear—further indicating a potential organized effort. Domestic intelligence has identified violent militia groups and racially motivated extremists looking at armories as accessible targets.
The memo cites a worrying trend where, from 2020 to 2024, at least four subjects with FBI connections discussed plans to raid military sites for heavy weaponry, including machine guns. Three individuals had verified military backgrounds, with one—a former Guard member—specifically naming armories where he served and providing insight on exploiting their security. It is unknown if any legal actions resulted from these discussions.
Extremist communications referenced in the document illustrate ambitions to exploit these vulnerabilities. For instance, a Telegram user linked to a militia sought assistance from sympathetic firefighters to assess armory weak points. Additionally, an active-duty tank commander boasted he could persuade an armorer to hand over weapons, while another individual discussed seizing mortars from a Guard facility.
From a cybersecurity standpoint, the tactics and techniques hint at potential MITRE ATT&CK classifications such as initial access and privilege escalation, indicating a premeditated strategy to infiltrate secured environments. As threats evolve, protecting sensitive military sites necessitates enhanced vigilance and coordination between security agencies to address and mitigate these vulnerabilities.
