Supposedly, one of the biggest distributors of CSAM is US military networks. If you have access to them, you're not supposed to go trawling around just looking being curious because there's officially "need to know" stuff out there (and you don't need to know). Which makes it a great place to hide that sort of stuff.
I can’t speak to that generally, but in my anecdotal experience in 22 years in the US Military (in IT for most of that):
I dealt with one case that was completely horrific, and two minor. The horrific case involves the PRODUCTION of CP using other service members children via the spouses daycare, then distribution from our network. The other two were relatively simple storage/redistribution via workstations.
It happens, but from my viewpoint if it’s that rare it must be extremely rare elsewhere if your statement is true.
