A British factory worker has shut down a tourism site he owned at the request of the U.S. air force after he received thousands of e-mails sent to his domain that were meant for military personnel -- among them e-mails with flight plans for Air Force One, the U.S. presidential plane, as well as passwords and military procedures and tactics, according to the BBC.
The news reports about this, if true, leave a lot of questions unanswered -- such as why this information was even being sent over the internet, and unencrypted at that? And how is it possible that this continued for more than seven years before anyone took action?
Gary Sinnott launched a tourism web site in the late 90s to promote his tiny town of Mildenhall (www.mildenhall.com) in Suffolk. Unfortunately, the domain name was a bit too similar to the domain belonging to the Royal Air Force base at Mildenhall (www.mildenhall.af.mil), which is controlled by the U.S. Air Force and houses a number of U.S. squadrons and wings -- among them the refueling wing for U.S. and NATO aircraft traveling in and through Europe.
Almost immediately after launching his tourism site, Sinnott says he began receiving e-mails sent by military personnel that were clearly intended for the .af.mil domain name but were mistakenly sent to his .com domain instead.
Sinnott says at first he received mostly jokes and videos that servicemen and women were sending to each other. At one point he was receiving thousands of messages a week. He contacted the Air Force base but he says that officials there told him not to worry about it.
Then he started receiving sensitive e-mails with information that he thinks should be classified. One e-mail discussing military tactics came with a notice that said "Destroy by any means to prevent capture."
The Air Force warned its personnel to be careful when filling out addresses and asked Sinnott to block some addresses from sending e-mail to his web site. But the e-mails continued to come, he says.
The Telegraph reports this week that agents from the USAF Office of Special Investigations visited Sinnott and asked him to delete any classified e-mails he received and began to block e-mail sent from addresses in the military's domain to his .com domain. They've also persuaded him to close down his web site. But as the Telegraph notes, some people are worried now that hackers or state enemies may launch other sites with names similar to military domains to intentionally attract military e-mail that is mis-addressed.