Millions of Sensitive American Records Emailed to Mali, Not the Military
Millions of American military emails containing sensitive information have landed in inboxes in the North African nation of Mali. These emails have included sensitive passwords, crew and staff lists, maps of installations, information on internal and criminal investigations, and much more.
The Financial Times reports that “Despite repeated warnings over a decade, a steady flow of email traffic continues to the .ML domain, the country identifier for Mali, as a result of people mistyping .MIL, the suffix to all US military email addresses.”
Internet users continue to prove themselves unable to avoid cyberthreats – even in high-stakes environments. Indeed, most data breaches involve some human error. While mistyping a domain name seems like an avoidable and careless mistake, avoiding all cybersecurity threats requires an inhuman meld of high-level technical expertise, attention to detail, and unwavering focus. Additionally, policymakers and cybersecurity professionals must contend with the fact that few human beings are never careless, and all are imperfect.
Most consumers understand their own weaknesses, and many tech companies have marketed their brands on robust security. Unfortunately, some security features – e.g., limitations on sideloading and sensitive data sharing – irk would-be micromanagers in Washington. And besides inflating prices and limiting consumer choice, bills like the reemergent the American Innovation and Choice Online (AICO) Act would force the tech industry to raze many of the cybersecurity features that protect consumers.
This coalition of lawmakers, regulators, and advocates seek to hamstring the largest online platforms in the name of ensuring “fair” competition. (Though their efforts resemble breaking a player’s fingers and dubbing the game “fair.”) Giant online platforms possess the excess resources to navigate unfriendly regulatory waters, but the burdens of such proposals would fall squarely on consumers through weakened security by default.
Published on July 24, 2023