How a Simple Typo Puts US National Security at Risk

'Tosin Adeoti
Jul 18, 2023

Domain extensions matter, and the recent discovery at the Pentagon is alarming for US national security.

But first, let’s discuss domains in general. I’m sure you have come across various domain extensions such as .org, .net, .mobi, .tv, and more. In fact, the chances are that you are currently on the .com domain extension. Globally, there are over 280 different domain extensions in use.

Domains were introduced as a solution to the previously complex method of accessing websites, which involved typing a series of numbers that were difficult to remember. With domains, we now have a streamlined way to recall our favorite websites by simply entering the domain name into the browser’s address bar.

There are several categories of domain extensions. The .com extension is the most popular and widely recognized in the generic category. It is suitable for any type of business (commerce). The .net extension is commonly used by tech or web-based companies since it is derived from the term “network.” On the other hand, the .org extension is a popular choice for non-governmental organizations.

Governments also have their own category of domain extensions. For instance, Nigeria’s extension is .ng, while the United Kingdom uses .uk. These extensions are typically limited to use by citizens or businesses of the respective countries.

Another category includes restricted domain extensions that have specific requirements for usage. These extensions are not available for sale on platforms like Namecheap and GoDaddy. Examples of restricted extensions include .gov for government entities and .aero for the air-transport industry.

Within the restricted category, we find the .MIL extension, which is owned by the US military. Unfortunately, a Dutch technologist discovered that for over a decade, millions of emails intended for the US military have been mistakenly sent to the domain extension owned by the country of Mali (.ML). A simple typo has resulted in a potential security breach. Instead of addressing an email to tosin.adeoti@army.mil, senders address it to tosin.adeoti@army.ml. Can you see the difference? That’s it!

In some instances, sensitive information such as hotel reservations for senior US military officials has been exposed. One of the misdirected emails even contained detailed hotel room numbers and itineraries for the US Army chief of staff and his entourage during their trip to Indonesia in May. Another email, intended for a US Navy official, was from an FBI agent requesting personal information to process a Navy visitor to an FBI facility. Even worse, an urgent Turkish diplomatic letter to the US State Department regarding possible operations by the militant Kurdistan Workers’ Party (PKK) against Turkish interests in the US was also included. The implications of such information falling into the wrong hands are significant, ranging from targeted cyberattacks to tracking the movements of Pentagon personnel.

The Dutch internet entrepreneur received these emails because his company was contracted to manage the .ML domain. He has accumulated nearly 117,000 misdirected messages, with almost 1,000 arriving last Wednesday alone. In an early July letter addressed to the US, he expressed concern, stating, “This risk is real and could be exploited by adversaries of the US.”

Currently, the Pentagon has taken precautions by blocking its email accounts from sending emails to .ML email addresses. However, if emails are sent from other clients such as Gmail or Yahoo accounts to the .ML domain, they will still reach Mali. Notably, Mali has close ties with Russia.
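The block described above can be made narrower than a blanket ban on one extension. The following is an added example, not code from the Pentagon or from this article: an outbound check that holds a message only when a recipient's extension is one keystroke away from .mil and the corrected domain is one the organization actually uses. It generalizes beyond .ml to any one-character slip, and `KNOWN_DOMAINS`, `check_recipients` and the sample addresses are assumptions made for illustration.

```python
from email.utils import getaddresses

PROTECTED_TLD = "mil"
# Assumption: a sample allowlist of the organization's real mail domains.
KNOWN_DOMAINS = {"army.mil", "navy.mil"}


def edit_distance_le1(a, b):
    """True if a and b differ by at most one insert, delete or substitution."""
    if a == b:
        return True
    if abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a  # make a the shorter (or equal-length) string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]  # one substituted character
    return a[i:] == b[i + 1:]          # one character missing from a


def check_recipients(header_values):
    """Return (address, suggested_correction) for every recipient to hold."""
    held = []
    for _name, addr in getaddresses(header_values):
        if "@" not in addr:
            continue
        local, _, domain = addr.rpartition("@")
        labels = domain.lower().rstrip(".").split(".")
        tld = labels[-1]
        if tld == PROTECTED_TLD or not edit_distance_le1(tld, PROTECTED_TLD):
            continue  # correct extension, or not a near miss
        candidate = ".".join(labels[:-1] + [PROTECTED_TLD])
        # Hold only when the corrected domain is one we really mail;
        # genuine correspondents in Mali (e.g. example.ml) pass through.
        if candidate in KNOWN_DOMAINS:
            held.append((addr, f"{local}@{candidate}"))
    return held


if __name__ == "__main__":
    # Constructed sample of a To: header.
    to = ["Tosin Adeoti <tosin.adeoti@army.ml>, ops@navy.mil, friend@example.ml"]
    for bad, fix in check_recipients(to):
        print(f"HOLD {bad}: did you mean {fix}?")
```

A check like this only protects mail that passes through the organization's own outbound gateway, which is the same limit the next sentence describes for Gmail and Yahoo senders.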

This raises the question: “How much of this misdirected information has been accessed and utilized by Putin and his allies?”
