In the directory of the wide web represented by the Internet, every country in the world has its own Top level domain, a domain extension in French, such as “.bf” for Burkina Faso or “.fr” for France. Unfortunately for the U.S. military — the only one in the world with its own extension — its top-level domain, “.mil,” is close to Mali’s “.ml.”
As an essay Financial Times This Monday, July 17th, it didn’t take much more than this simple weird letter to accidentally leak hundreds of thousands of emails from the US military to Mali. For the past ten years, a constant stream of emails have been sent to the “.ml” domain following a typo in “.mil”.
Conclusion of Agreement
Fortunately for the US military, Mali’s domain has so far been managed by a Dutch entrepreneur, Johannes Zurbier, who took charge of Mali’s country code in 2013 for a ten-year term, as the British newspaper notes.
When his contract expires on Monday, July 17, Malian authorities will regain control of the “.ml” domain so they can collect malicious emails. This represents a “real danger of being exploited by America’s adversaries,” notes Johannes Zurbier in a letter to US officials in early July. For six months, the latter has been collecting hacked emails to persuade the Pentagon to take the issue seriously.
However, according to the information Financial Times, Johannes Zuurbier has nearly 117,000 hijacked messages, nearly 1,000 of which came on Wednesday alone. While most of the messages are spam and none are classified as “secret-safe,” some contain highly sensitive data about U.S. service personnel, contractors, and their families.
Medical data, identification documents, ship crew lists, base crew lists, facility maps, base photos, fleet inspection reports, contracts, criminal complaints against employees, internal bullying investigations, cruise itineraries, tax and financial records… some emails are nothing short of interesting. to potential enemies.
“If you have that kind of sustained access, you can generate intelligence even from unclassified information,” he said. at Financial Times Mike Rogers, former head of the US National Security Agency (NSA).
For the US admiral, “it’s not uncommon for people to make mistakes, but the question is one of scale, duration and sensitivity of information. Especially when these fall into the hands of Mali, whose middlemen have made Vladimir Putin’s Russia their new privileged partner.”
Benefit to Mali
“Dealing with a failed domain name administrator is one thing, however. It’s another thing when a foreign government sees it as an advantage they can use,” warns Mike Rogers.
The data flow reveals that apart from regular mistakes by travel agents working in the military, employees who send emails to each other are also problematic. An FBI agent with a naval role tried to send six messages to his military email address — and accidentally sent them to a Malian extension. There was an urgent Turkish diplomatic letter to the US State Department regarding possible actions by the Kurdistan Workers’ Party (PKK) against Turkish interests in the US.
Asked about the issue, Pentagon spokesman Lt. Col. Tim Gorman said the Defense Department “takes seriously all unauthorized disclosures of controlled national security information or unclassified controlled information.” The Malian government did not respond to requests for comment. of Financial Times.
“Certified food fanatic. Extreme internet guru. Gamer. Evil beeraholic. Zombie ninja. Problem solver. Unapologetic alcohol lover.”