On Monday, the Pentagon confirmed that a common typo in the United States military has resulted in the misdirection of several sensitive emails and messages to Mali, a country in Africa. Check out more details about this.
Typo leads to disaster
The shared information includes official travel schedules and reservations, medical data such as X-rays, identity document information, lists of personnel for military vessels and bases, financial and tax records, pictures of military bases, inspection reports, installation maps, allegations of personnel misconduct, and internal investigations into bullying.
A serious problem has arisen due to the U.S. military’s use of the “.MIL” domain name for emails, which is often mistakenly typed as “.ML,” the domain reserved for Mali. This mistake has resulted in a significant leak of sensitive but unclassified information, including diplomatic documents, tax returns, passwords, and travel details of high-ranking officers. The Financial Times has reported on this issue.
Pentagon tries to address the issue
To address this problem, the Pentagon has released a statement acknowledging the severity of the situation. The statement explains that emails sent outside of the “.MIL” domain are typically blocked. However, it is difficult to prevent the use of personal email accounts for government business through technical controls. Despite this, the Department of Defense is actively providing guidance and training to DoD personnel. The DoD Chief Information Officer’s office is overseeing the matter.
Back in 2013, there were reports of leaks, which were first brought to light by Johannes Zuurbier, a Dutch entrepreneur who was managing Mali’s domain. Zuurbier shared with the Financial Times that he had collected an alarming number of emails, totaling at least 117,000, that originated from within the Pentagon just from January of that year alone, and even more from previous years. He expressed concerns over the potential risk posed by this situation, warning that adversaries of the U.S. could potentially exploit the leaked information.
There is an additional complication in the matter. Zuurbier has a ten-year contract to manage Mali’s domain, which is about to expire. Control of the domain will soon return to the Mali government, which is closely allied with Russia. This raises concerns about how the domain will be managed and secured in the future, given the potential involvement of a country allied with Russia. Zuurbier has spoken with a range of government representatives, including a defense attaché in Mali, a senior adviser for the U.S. National Cyber Security Service, and several White House staffers.
