The Washington Post reports that members of the White House's National Security Council have used personal Gmail accounts to conduct government business. National security advisor Michael Waltz and a senior aide of his both used their own accounts to discuss sensitive information with colleagues, according to the Post's review and interviews with government officials who spoke to the newspaper anonymously.
Email is not the best approach for sharing information meant to be kept private. That covers sensitive data for individuals such as social security numbers or passwords, much less confidential or classified government documents. It simply has too many potential paths for a bad actor to access information they shouldn't. Government departments typically use business-grade email services, rather than relying on consumer email services. The federal government also has its own internal communications systems with additional layers of security, making it all the more baffling that current officials are being so cavalier with how they handle important information.
“Unless you are using GPG, email is not end-to-end encrypted, and the contents of a message can be intercepted and read at many points, including on Google’s email servers," Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation told the Post.
Additionally, there are regulations requiring that certain official government communications be preserved and archived. Using a personal account could allow some messages to slip through the cracks, accidentally or intentionally.
This latest instance of dubious software use from the executive branch follows the discovery that several high-ranking national security leaders used Signal to discuss planned military actions in Yemen, then added a journalist from The Atlantic to the group chat. And while Signal is a more secure option than a public email client, even the encrypted messaging platform can be exploited, as the Pentagon warned its own team last week.
As with last week's Signal debacle, there have been no repercussions thus far for any federal employees taking risky data privacy actions. NSC spokesman Brian Hughes told the Post he hasn't seen evidence of Waltz using a personal account for government correspondence.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/national-security-council-adds-gmail-to-its-list-of-bad-decisions-222648613.html?src=rss https://www.engadget.com/cybersecurity/national-security-council-adds-gmail-to-its-list-of-bad-decisions-222648613.html?src=rssJelentkezéshez jelentkezzen be
EGYÉB POSTS Ebben a csoportban
As first reported by Bloomberg
Q: I'm hearing that Microsoft is pulling the plug on Windows 10 later this year. What does that mean for my current Windows 10 PC, and what are my options?
<p
For a lot of people, the iPad Air is Apple’s goldilocks tablet. It’s more powerful and available in a larger size than the entry-level iPad, but a lot less expensive than the iPad Pro, which can be
Nintendo just announced a forthcoming app called Hello Mario! that's headed to iOS
No product launch excites me more than the release of a new Tamagotchi. So when it comes time to review one, I like to first give myself a little while to just live with the device — to feel that i
We’re into the back half of summer already (which may be good or bad news depending on how hot it is where you reside), and it won’t be too long before the weather outside becomes decidedly more fr
