Geo News

Mali-tary: Typo routes millions of US military emails to Mali — a Russian ally

Emails included maps of US military facilities, financial records, documents pertaining to official trips with diplomatic messages

By
Web Desk
|

July 18, 2023

The Pentagon in Washington, DC, can be seen in an aerial view. — AFP/File
The Pentagon in Washington, DC, can be seen in an aerial view. — AFP/File

Millions of emails containing sensitive information such as passwords and medical records have been mistakenly sent to the West African country Mali because of a minor typo, according to media reports.

The emails which were to be sent for the US military domain ".mil" were sent to a domain named ".ml" suffix.

The US defence institution Pentagon said it had taken steps to address the issue.

The issue was identified by a Dutch internet entrepreneur Johannes Zuurbier more than 10 years ago, according to Financial Times.

Since 2013, the entrepreneur has had a contract to manage Mali's country domain and, has reportedly tens of thousands of emails in recent months.

Although none of the emails mentioned were classified, they included maps of US military facilities, financial records, and documents pertaining to official trips with diplomatic messages.

This month a letter was written by Zuurbier to US officials in which he said that his contract with the Mali government was due to finish soon, meaning "the risk is real and could be exploited by adversaries of the US".

Mali's government is to take control of the domain Monday.

US former and incumbent officials noted that military communications that are marked "classified" or "top secret" are conveyed through separate IT systems so that they could not be compromised.

Steven Stransky, a lawyer who previously served as senior counsel to the Department of Homeland Security's Intelligence Law Division, said that even seemingly harmless information could prove useful to US adversaries, particularly if it included details of individual personnel.

"Those sorts of communications would mean that a foreign actor can start building dossiers on our own military personnel, for espionage purposes, or could try to get them to disclose information in exchange for financial benefit," Stransky said, adding that "it's certainly information that a foreign government can use."

Lee McKnight, a professor of information studies at Syracuse University, said he believed the US military was fortunate that the issue was brought to its attention and the emails were going to a domain used by Mali's government, rather than to cybercriminals.

He added that "typo-squatting" — a type of cybercrime that targets users who incorrectly misspell an internet domain — is common.

"They're hoping that a person will make a mistake and that they can lure you in and do stupid things," he said.

Trump calls India 'very big abuser' on trade
Trump calls India 'very big abuser' on trade
Which Hezbollah and Hamas leaders have been assassinated since October Gaza war?
Which Hezbollah and Hamas leaders have been assassinated since October Gaza war?
FBI probes suspicious packages sent to election officials across US
FBI probes suspicious packages sent to election officials across US
IIOJK holds first provincial polls in a decade
IIOJK holds first provincial polls in a decade
Presidential polls: US judge warns of election-year risks of foreign hacking
Presidential polls: US judge warns of election-year risks of foreign hacking
Modi govt sued for assassination attempt on Khalistan lawyer with 'murder for hire' plot in New York
Modi govt sued for assassination attempt on Khalistan lawyer with 'murder for hire' plot in New York
WATCH: Boeing 777 aircraft's epic road trip from Jeddah to Riyadh video
WATCH: Boeing 777 aircraft's epic road trip from Jeddah to Riyadh
10 killed, several injured in Iran bus crash: report
10 killed, several injured in Iran bus crash: report