The Trump Administration's Cyber Hubris Trump uses an insecure Android phone and his press secretary tweets passwords. What could possibly go wrong?

By Sascha Segan

This story originally appeared on PCMag

via PC Mag

Cyber security helped elect Donald Trump. During the presidential campaign, hackers cracked open all of the Democrats' secrets and splayed them out for everyone to see, while Hillary Clinton was raked over the coals for using an insecure server for her own personal email. Republicans' communications, meanwhile, stayed out of the public eye.

But success can breed hubris, and there are some worrying trends in the first few days of the Trump administration. Nobody hacked Trump, but he's acting like nobody can.

Why nobody should use a Galaxy S3

According to The New York Times, President Trump is still using his old Android phone to tweet. According to Android Central, that may be a Samsung Galaxy S3.

The S3 is susceptible to the worst Android bug ever discovered, Stagefright. Cured in Android 5.1.1, Stagefright lets hackers gain full access to your phone with some specially crafted MMS messages. There haven't been a ton of confirmed Stagefright-related hackings in the U.S., but most of us aren't as high value a target as the President of the United States. The Galaxy S3 never got an upgrade beyond Android 4.3. It's horrendously insecure.

Of course, just because he's using a Galaxy S3 for tweeting doesn't mean he's accessing classified data on it. But arbitrary code vulnerabilities like Stagefright can, for example, turn on a phone's microphone to use it as a spy device, even if the phone has no access to anything more sensitive than a public Twitter account.

About those email accounts

According to Wired and Newsweek, influential White House staffers including Sean Spicer and Jared Kushner maintain email accounts on RNC servers; and, for a while, the official POTUS Twitter account pointed back to a Gmail account. Also, Spicer appears to have randomly tweeted things that looked like passwords.

Keeping email on non-government servers can be a good way to keep it out of the public eye, as long as your servers are secure. (Remember all of those deleted Hillary Clinton emails?) Of course, those servers often aren't secure. (Remember all of those Wikileaked DNC emails?)

In any case, it's not a good idea for government officials to outsource their information security to consumer email providers. While Trump famously doesn't use email -- rendering him as secure as possible -- staffers could still be sending around messages with information they'd prefer not make it into the hands of foreign governments.

The good news is that the staff seem to be adapting. Just today, the password reset address for the POTUS Twitter account shifted from Gmail to a White House address. Hopefully, that's a sign of how things are getting cleaned up behind the scenes.

But the tweeted passwords show another vulnerability: it doesn't look like a lot of the White House's communications are being edited or double checked before they go out.

Does Trump need to worry?

Trump's operation has been blessed in the information security realm. Even when the RNC was hacked, the information wasn't released in a way that could damage the organization. So it would make sense that the President feels his operation is impregnable.

The question is when, and if, competent opposing forces will attack the White House in a cyber-spying assault. Those could be a foreign government, such as China, trying to secretly collect data to predict and anticipate Trump's moves, or vigilante hackers trying to embarrass the administration by releasing play-by-plays of how the policy sausage is made.

We haven't seen that happen yet but, come on, it's only been a week. Trump personally may not care much for the nuts and bolts of cyber security, but his staff needs to put their feet down, and keep locking down their electronic hygeine. The fate of the world is actually at stake.

Wavy Line
Sascha Segan

Lead Mobile Analyst

Editor's Pick

She's Been Coding Since Age 7 and Presented Her Life-Saving App to Tim Cook Last Year. Now 17, She's on Track to Solve Even Bigger Problems.
Lock
I Helped Grow 4 Unicorns Over 10 Years That Generated $18 Billion in Online Revenues. Here's What I've Learned.
Lock
Want to Break Bad Habits and Supercharge Your Business? Use This Technique.
Lock
Don't Have Any Clients But Need Customer Testimonials? Follow These 3 Tricks To Boost Your Rep.
Why Are Some Wines More Expensive Than Others? A Top Winemaker Gives a Full-Bodied Explanation.

Related Topics

Business News

'I'm Not a Very Good Businessman': Kevin Costner Is Risking a Ton of His Own Money on New Project

The "Yellowstone" star discussed how he bankrolled his new epic movies — and his accountant isn't happy.

Marketing

The Rise of Nano-Influencers: How the Smallest Voices are Making the Biggest Impact

The bigger an influencer is, the more beneficial it is for a brand to collaborate with them, right? Not necessarily.

Science & Technology

How AI Is Transforming the Accounting Industry — and What the Future Will Look Like

It's time to harness the power of AI and transform bookkeeping.

Business News

California Woman Arrested For $60 Million Postal Service Scam

Lijuan "Angela" Chen faces two charges that each carry a maximum sentence of five years in prison.

Business News

Woman Goes Viral For Brow-Raising Email Signature About Working Moms: 'Everyone Is Feeling This'

The email signature was created in response to pressure to answer emails within 24 hours.