Nearly 1,000 New Taipei City (新北市) Government employees recently failed an information security test due to their curiosity about an e-mail claiming to contain the latest sex video of Justin Lee (李宗瑞).
Two weeks ago, all 6,179 New Taipei City Government employees received an e-mail titled “Justin Lee’s sex videos, download it, quick.” However, the 996 city government workers who opened the e-mail on their office computers found no video attachments, but rather received a notice from their superior asking them to attend a two-hour information security class.
“This is a test, it’s designed to attract you to open the e-mail,” he director of the New Taipei City Government’s Research, Development and Evaluation Commission, Wu Chao-ming (吳肇銘), said yesterday. “As a city government employee, you should know not to open an e-mail unrelated to business or from an unknown sender on an office computer during office hours — no one should have failed the test.”
Wu said the e-mail test is part of the city government’s project to protect against hacking attacks on office computers through e-mail.
“Most hackers take advantage of people’s curiosity to hack into computers or databases, and when someone hacks into a government database, it could be a serious problem because they could steal classified information, including private data on millions of people,” Wu said. “We consider random tests to be important reminders to our employees about information security.”
The 996 people who opened the e-mail will be required to take a two-hour class about data security, he added.
The employees reacted differently to the test.
“It will be quite embarrassing to attend the class, but I have no one to blame except myself. I should not have opened the e-mail and now I’ve learned my lesson,” a city government employee surnamed Huang (黃) said.
Another employee surnamed Chang (張), who did not open the e-mail, said he believes these types of tests are a good idea.
“I think it’s a good idea, because, though we’ve always heard about the importance of information security, we feel it’s not something that has anything to do with us ordinary government employees,” Chang said. “The test makes us realize that it’s actually something closely related to us, and something we should be cautious about all the time.”
However, a female employee who opened the e-mail said she does not agree with the method of testing.
“There should be some other way to do it [reminding employees about information security],” she said. “It doesn’t feel good to be set up by my employer.”