Get All Access for $5/mo

The Trump Administration's Cyber Hubris Trump uses an insecure Android phone and his press secretary tweets passwords. What could possibly go wrong?

By Sascha Segan

This story originally appeared on PCMag

via PC Mag

Cyber security helped elect Donald Trump. During the presidential campaign, hackers cracked open all of the Democrats' secrets and splayed them out for everyone to see, while Hillary Clinton was raked over the coals for using an insecure server for her own personal email. Republicans' communications, meanwhile, stayed out of the public eye.

But success can breed hubris, and there are some worrying trends in the first few days of the Trump administration. Nobody hacked Trump, but he's acting like nobody can.

Why nobody should use a Galaxy S3

According to The New York Times, President Trump is still using his old Android phone to tweet. According to Android Central, that may be a Samsung Galaxy S3.

The S3 is susceptible to the worst Android bug ever discovered, Stagefright. Cured in Android 5.1.1, Stagefright lets hackers gain full access to your phone with some specially crafted MMS messages. There haven't been a ton of confirmed Stagefright-related hackings in the U.S., but most of us aren't as high value a target as the President of the United States. The Galaxy S3 never got an upgrade beyond Android 4.3. It's horrendously insecure.

Of course, just because he's using a Galaxy S3 for tweeting doesn't mean he's accessing classified data on it. But arbitrary code vulnerabilities like Stagefright can, for example, turn on a phone's microphone to use it as a spy device, even if the phone has no access to anything more sensitive than a public Twitter account.

About those email accounts

According to Wired and Newsweek, influential White House staffers including Sean Spicer and Jared Kushner maintain email accounts on RNC servers; and, for a while, the official POTUS Twitter account pointed back to a Gmail account. Also, Spicer appears to have randomly tweeted things that looked like passwords.

Keeping email on non-government servers can be a good way to keep it out of the public eye, as long as your servers are secure. (Remember all of those deleted Hillary Clinton emails?) Of course, those servers often aren't secure. (Remember all of those Wikileaked DNC emails?)

In any case, it's not a good idea for government officials to outsource their information security to consumer email providers. While Trump famously doesn't use email -- rendering him as secure as possible -- staffers could still be sending around messages with information they'd prefer not make it into the hands of foreign governments.

The good news is that the staff seem to be adapting. Just today, the password reset address for the POTUS Twitter account shifted from Gmail to a White House address. Hopefully, that's a sign of how things are getting cleaned up behind the scenes.

But the tweeted passwords show another vulnerability: it doesn't look like a lot of the White House's communications are being edited or double checked before they go out.

Does Trump need to worry?

Trump's operation has been blessed in the information security realm. Even when the RNC was hacked, the information wasn't released in a way that could damage the organization. So it would make sense that the President feels his operation is impregnable.

The question is when, and if, competent opposing forces will attack the White House in a cyber-spying assault. Those could be a foreign government, such as China, trying to secretly collect data to predict and anticipate Trump's moves, or vigilante hackers trying to embarrass the administration by releasing play-by-plays of how the policy sausage is made.

We haven't seen that happen yet but, come on, it's only been a week. Trump personally may not care much for the nuts and bolts of cyber security, but his staff needs to put their feet down, and keep locking down their electronic hygeine. The fate of the world is actually at stake.

Sascha Segan

Lead Mobile Analyst

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

Melinda French Gates Announces Open Call for $250 Million Fund. Here's Who Can Apply.

The fund is part of French Gates's $1 billion philanthropic plan.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Real Estate

Why You Should Consider Commercial Real Estate as Your Next Investment

This article highlights the benefits of investing in commercial real estate while also addressing the associated risks you should consider.

Business News

Daniel Lubetzky Took Kind Snacks From Idea to $5 Billion. Here's His Best Advice For Anyone Who Wants to Start a Business.

In an interview with Entrepreneur, Kind Snacks founder Daniel Lubetzky tells aspiring business owners not to follow someone else's path to success — even his.

Business Plans

How to Master Your Strategic Planning As You Prepare Your Business for 2025

Here's how to best think about strategic planning, communication rhythms and maintaining alignment for consistent growth as you plan for next year.

Business News

JPMorgan Chase CEO Jamie Dimon Isn't Worried About AI Taking Over Jobs — Here's Why

Dimon said AI was part of the next wave of tech innovation.