El Consejo de Seguridad Nacional añade Gmail a su lista de malas decisiones
According to a report by The Washington Post, members of the White House National Security Council used personal Gmail accounts to conduct government activities. National Security Advisor Michael Waltz and a senior aide both used their personal accounts to discuss confidential information with colleagues, as reported by Correo Review and interviews with government officials who spoke anonymously.
Using personal email for exchanging sensitive information is not the most secure approach. It exposes confidential data such as Social Security numbers or passwords, let alone much less confidential or classified government documents. There are too many potential ways for malicious actors to access information they shouldn’t have. Government departments typically use commercial services rather than relying on consumer email services. The federal government also has its own internal communication systems with additional security layers, making it even more concerning that current officials are so cavalier in how they handle important information.
«Apart from using GPG, email is not encrypted end-to-end, and the content of a message can be intercepted and read at many points, even on Google’s email servers,» said Eva Galperin, Director of Cybersecurity at The Electronic Frontier Foundation, in an interview with Correo.
Additionally, there are regulations that require certain official government communications to be retained and archived. Using a personal account could allow some messages to slip through the cracks, accidentally or intentionally.
In a recent incident, high-ranking national security leaders were found to be using Signal to discuss planned military actions in Yemen, even adding a journalist from Atlantic to the group chat. While Signal is a more secure option than a public email client, even encrypted messaging platforms can be exploited, as evidenced by a recent incident with their own team.
Despite these privacy and security risks, there have been no repercussions for any federal employees engaging in risky data privacy actions. NSC spokesperson Brian Hughes told Correo that there is no evidence of Waltz using a personal account for government correspondence.
This article originally appeared on Engadget.
FUENTE
