"An Email Mistake Could Cost 13 Trillion Won"...UK Ministry of Defence Causes Unprecedented Security Breach [AK Radio]

A blunder by the UK Ministry of Defence led to the leak of personal information belonging to over 20,000 Afghan collaborators, prompting the government to allocate 13 trillion won for a resettlement project to ensure their safety. This incident has drawn ridicule as "the world's most expensive email." Although the breach occurred in 2022, the full details have only now come to light, as the Ministry of Defence requested the courts to keep the matter confidential for three years in order to protect the identities of the collaborators.

The incident began when a British special forces soldier, while sending an Excel file containing personal information of 18,700 Afghan collaborators and their 6,000 family members to other intelligence agencies and senior officials, mistyped a single email address in a group email. The situation was exacerbated by the fact that the soldier sent the email from outside the secure environment of an authorized agency with a firewall. As a result, the confidential information was sent to the wrong recipient, who then posted it on their Facebook page, causing the issue to spiral out of control.

The Afghan collaborators and their families whose details were leaked are now branded as "traitors" by the Taliban regime and face threats to their lives. These individuals include interpreters, informants, and local support staff who previously worked with the British military. In response, the UK government has secretly launched a resettlement project, relocating approximately 4,500 people to the UK so far, at a cost of 400 million pounds (about 740 billion won).

However, the issue does not end there. Considering the costs of relocating the remaining individuals, their settlement expenses in the UK, and providing jobs, the total is estimated to reach 7 billion pounds (about 13 trillion won). In addition, as the affected individuals are now preparing to file a class-action lawsuit against the Ministry of Defence, further costs are likely to arise.

This is not the first time the British military has made an email-related mistake. In July 2023, a similar incident occurred when the British military sent an email to the US military but mistakenly used the domain ".ml" instead of ".mil," resulting in confidential information being sent to Mali in Africa. Mali is known as a pro-Russian country in Africa, and there were concerns that a significant amount of sensitive information may have ended up in Russian hands. In fact, similar errors have frequently occurred in the United States, making Mali a target for hackers worldwide.

Reuters Yonhap News

Recently, there has been a surge in not only simple mistakes but also deliberate email hacking attempts. Due to the nature of email, once a single account within an organization is compromised, hackers can potentially access the entire organization's information, making email a prime target. Hackers typically start by infiltrating a personal email account, gather personal details, and then use this information to hack into shared accounts of supervisors or business partners, employing a step-by-step approach.

In response, some companies and organizations have taken measures to completely isolate shared email accounts from external networks. The rapid advancement of generative AI technology has also led to the widespread use of AI-powered email summarization features, which has, in turn, given rise to new forms of hacking that exploit these tools, necessitating increased vigilance.

South Korea, which borders North Korea?the world's leading country in email hacking?also faces escalating threats in this area. North Korea's hacking organizations are estimated to be larger than those of China or Russia, with more than 50,000 personnel involved. It is also believed that over 70% of North Korea's hacking activities are conducted through email attacks. North Korean hackers typically impersonate security alert emails from portal sites, or official documents from post offices and government agencies, to steal personal information. Security experts strongly advise deleting any email that appears even remotely suspicious without opening it.

Recently, there has also been an increase in counter-hacking activities targeting North Korea. As email-based hacking from within North Korea has intensified, dozens of North Korean overseas missions in high-risk regions have reportedly stopped using official government email accounts and instead operate private email accounts separately.

Governments and militaries around the world are implementing a variety of safeguards to prevent the accidental leakage of classified information via email. These measures include systems that require users to double-check email addresses before sending, as well as significantly enhanced training. In addition, massive budgets are being allocated to build robust security systems and to employ white-hat hackers to defend against cyberattacks. Nevertheless, incidents of information leaks caused by human error or intentional hacking attempts continue to occur, highlighting the need for even more stringent precautions.

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.