“I wouldn’t raise an eyebrow if I was told that this information had leaked out to foreign intelligence agencies,“ said Ann-Marie Eklund-Löwinder, head of security at the Swedish Internet Infrastructure Foundation (Stiftelsen för internetinfrastruktur, IIS) to DN.
The four A4-page long email, which details a secret conversation with Saudi general Nasser, was sent in 2008 from assistant under-secretary Cecilia Looström at the Ministry of Defence, according to the paper.
The recipients were a ministry colleague, a high ranking official at the foreign ministry, the director general of the Swedish Agency for Non-proliferation and Export Controls (Inspektionen för strategiska produkter, ISP) and a senior official at the Swedish Defence Research Agency (Totalförsvarets forskningsinstitut, FOI).
Looström used her private email address, ending in @live.se, which despite having a Swedish top domain, ends up in a Microsoft email server in the Western United States, according to DN.
It also means that the email had been wide open while it has bounced between servers in North America and Europe before reaching its Swedish destination.
“I apologize for laughing, but it is deeply unsettling that people who are privy to matters of national security are so very gullible. This must be one of the most stupid things I have ever heard,” said IT expert Olle Bälter of Stockholm’s Royal Institute of Technology (Kungliga Tekniska Högskolan, KTH) to DN.
According to Bälter, it is the IT equivalent of sending the confidential information on a postcard.
“They could just as well have slapped up a poster around town with a web camera sending a message to Saudi Arabia,” said Bälter to the paper.