Information Warfare: Please Don't Publish That

Archives

September 15, 2011: Many military and commercial intelligence gatherers (spies) are unhappy with the recent publication of the discovery, by two Internet security researchers, that if you set up a server using the slightly misspelled name of a large corporation or government organization, you can collect thousands of misaddressed emails and attached documents. Normally, when you use the wrong (slightly misspelled) email address, you will later get an error message email, telling you that the bad address could not be reached. But with these sites using the various misspellings, your email gets delivered to someone seeking useful information they would otherwise not have access to. The fact that the sender did not receive an error message does not bother most people. The Internet is a mysterious beast, prone to odd behavior. Odd, yes, but always for a good technical reason.

This sort of deception (which, technically, is not illegal in most places) has been going on for years. Lots of people in the Internet security and intelligence communities knew about it, but not much was ever done. Now this angle is getting wide publicity, and senior managers and officials will, at least in some cases, demand solutions. This will reduce the effectiveness of this intelligence gathering technique, but not completely eliminate it. There are many similar techniques, which exploit human error and the way the Internet works. These tricks, government and corporate spies hope, will stay obscure.

 

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close