With President Trump incensed about leaks, "West Wing aides are instructed to drop their personal phones into small storage lockers when they come to work, periodically checked up on by a scanning device that detects nongovernment phones," The New York Times reports. But Trump himself uses no less than two iPhones, one for Twitter and the other for making calls, and at least one of them "isn't equipped with sophisticated security features designed to shield his communications," two senior administration officials tell Politico, adding that Trump "has rebuffed staff efforts to strengthen security around his phone use."
Since Trump won't give up his cellphones, aides have urged him to swap them out on a monthly basis, burner phone–style, but Trump has refused, saying it's "too inconvenient," a senior administration officials said. Trump has reportedly gone as long as five months without having his phone examined by security experts. Former President Barack Obama had his secure and feature-disabled phone checked every 30 days, Politico says, adding:
Trump's call-capable cellphone has a camera and microphone, unlike the White House-issued cellphones used by Obama. Keeping those components creates a risk that hackers could use them to access the phone and monitor the president's movements. The GPS location tracker, however — which can be used to track the president's whereabouts — is disabled on Trump's devices. [Politico]
Security experts were baffled and alarmed at Trump's seemingly cavalier attitude about cybersecurity, given that he is trying to negotiate a trade feud with China, peace with North Korea, and, presumably, a strategy for handling Russia and other high-tech adversaries. A West Wing official told Politico that Trump's Twitter phone is secure and that "due to inherent capabilities and advancement in technologies, these devices are more secure than any Obama-era devices." Below, you can watch white-hat hacker Jayson Street explain at last October's DEFCON Conference how he would compromise Trump's phone. Peter Weber
On Tuesday, the National Security Council officially scrapped the top White House cybersecurity policy position, part of new National Security Adviser John Bolton's push to centralize control of the NSC. "The role of cyber coordinator will end," Christine Samuelian, an aide to Bolton, told NSC staffers in an email obtained by Politico. The cybersecurity expert President Trump had appointed to the position, Rob Joyce, left the White House on Friday to return to the National Security Agency.
Samuelian explained that Bolton axed the government's point person on cybersecurity and cyber warfare because "eliminating another layer of bureaucracy delivers greater 'decision, activity, secrecy, and despatch,'" a reference to Alexander Hamilton's Federalist No. 70. Cybersecurity experts and some lawmakers criticized the decision, especially given the increase in foreign cyber-malfeasance in politics and business.
Also on Tuesday, Reps. Jim Langevin (D-R.I.) and Ted Lieu (D-Calif.) introduced legislation to create a new White House National Office for Cyberspace, to be led by a Senate-confirmed presidential appointee who would fill the role that Bolton just cut and also advise federal agencies on cybersecurity tactics and resources and protect federal information technology in the event of an attack. Peter Weber
As part of National Security Adviser John Bolton's full overhaul of the National Security Council, he's "leading the push to abolish the role of special assistant to the president and cybersecurity coordinator," the top White House cybersecurity job, Politico reports, citing one current and two former U.S. officials. One of the former officials said there's a "60-40" chance the White House eliminates the job, potentially leaving the U.S. government rudderless heading into elections in which Russia is widely expected to meddle.
When it comes to cybersecurity, a second former official told Politico, Bolton's "not interested in it. He doesn't see the point in it. ... There's a serious concern on the [NSC] right now, particularly the [cyber team], of what the fate of their directorate is moving forward," and morale "is definitely low." The current cybersecurity coordinator, Rob Joyce, is returning to the National Security Agency, "in part because of frustration with how Bolton's team approaches cyber policy," Politico reports. "When Bolton arrived, he forced out homeland security adviser Tom Bossert, a cyber expert who supervised Joyce's team."
NSC spokesman Robert Palladino told Politico that "cyber is a key priority for the Trump administration." And if the coordinator position is eliminated, responsibility could shift to Bolton's deputy, Mira Ricardel, who reportedly supports eliminating the position, or Josh Steinman, a Michael Flynn protégé who reportedly has scant cybersecurity experience and is disliked by career staffers. Scrapping the job would also send a message to other countries "that the U.S. is taking the gas pedal off of cybersecurity as a key national security issue," warned former NSC cyber policy director Megan Stifel.
"The Obama administration was slow and ineffective in its response to Russian election interference in 2016," The Washington Post says in an editorial "But it is now on President Trump and his team to prepare for a new round of Kremlin cyberattacks — and this White House, too, is falling short." Peter Weber
U.S. and Britain jointly accuse Kremlin of massive cyberattack on millions of routers, internet providers
On Monday, the U.S. and British governments accused the Kremlin of conducting a huge cyberattack on routers and other internet hardware around the world, with the presumed aim being economic and political espionage and possibly sabotage. In a first-ever joint U.S.-British cybersecurity alert, the FBI, U.S. Department of Homeland Security, and Britain's National Cyber Security Centre (NCSC) said the years-long campaign targeted millions of devices, primarily used by "government and private-sector organizations, critical infrastructure providers, and the internet service providers (ISPs) supporting these sectors."
"We have high confidence that Russia has carried out a coordinated campaign to compromise ... routers, residential and business — the things you and I have in our home," said Rob Joyce, the White House cybersecurity coordinator. Jeanette Manfra, the Homeland Security Department's chief cybersecurity official, added that the U.S. and Britain "condemn the actions and hold the Kremlin responsible for the malicious activities." The aim of the attack, which dates back at least to 2015, seems to be to "seize control" of internet infrastructure to intercept traffic moving through the routers of people and organizations, NCSC chief Ciaran Martin said. Australia also blamed the Kremlin on Monday for a cyberattack on hundreds of Australian companies in 2017.
The U.S. has become more aggressive in calling out Russia and other countries publicly for cyber-malfeasance, including a March 15 warning from the U.S. Computer Emergency Response Team (US-CERT) that Russian government "cyber actors" have tried to infiltrate U.S. agencies and companies that deal with power, water, aviation, and other critical sectors. But it isn't clear why the U.S. and Britain are issuing this new alert now, U.S. cybersecurity researcher Jake Williams tells The Associated Press. "Calling the Russians out on this hardly makes much sense unless there's some other agenda (most likely political)." Peter Weber
President Trump promised he'd have a report on Russia's interference in the election within 90 days. His time is up.
Exactly 90 days ago, Donald Trump was inaugurated as president of the United States. That means Thursday marks his administration's whiff on a major self-imposed deadline — one to assemble a team that would, within 90 days, assess claims of Russian interference in the presidential election and examine American cybersecurity. Trump made the promise repeatedly: "My people will have a full report on hacking within 90 days!" he tweeted Jan. 13.
The Intercept tried to check in last week to see how that was coming along:
Reached by phone, Senior Assistant White House Press Secretary Michael Short said, "I'm in the parking lot, I don't have an update" on the promised report. Asked when he might be able to provide an update, Short repeated, "I'm in the parking lot." Then he said "I've got to run" and hung up. [The Intercept]
Politico also had no luck:
The National Security Council would normally be involved in creating such a report. But on Wednesday, a NSC spokesperson told Politico that he was unaware if the NSC was in charge of compiling it, or if that responsibility fell to [Rudy Giuliani, who was tasked by Trump to build partnerships on cybersecurity with the private sector] — or if the report exists.
Giuliani is continuing his work talking to the private sector, but a spokesperson for the former New York City mayor confirmed that he is not involved in any 90-day report.
The White House spokesperson wouldn't directly address why the deadline was missed. [Politico]
Missing the cybersecurity deadline is of particular concern to critics, including Ned Price, who was a spokesman for the National Security Council under former President Barack Obama. Missing the deadline shows "a lackadaisical approach to what intelligence officials have routinely said is our biggest national security threat," Price told Politico. "It speaks to the level of priority that this administration apparently has attached to cybersecurity, which apparently isn't much." Jeva Lange
The Senate Armed Services Committee convenes Thursday morning to hear testimony from U.S. intelligence officials concerning "foreign cyberthreats to the United States," The New York Times reports.
Sen. John McCain (R-Ariz.) is the committee's chairman and has been vocally at odds with President-elect Donald Trump, blaming Russia for Democratic hacks during the election. Trump, citing WikiLeaks founder Julian Assange, has denied such claims.
The committee will hear from National Intelligence Director James Clapper Jr., Undersecretary of Defense for Intelligence Marcel Lettre, and Adm. Michael Rogers, of the National Security Agency and United States Cyber Command. "The point of this hearing is to have the intelligence community reinforce from their point of view that the Russians did this," said Sen. Lindsey Graham (R-S.C.), who is also on the committee. McCain has warned, "You try to subvert a nation's ability to determine its leaders and its democratic process, that's an act of war."
Democrats on the committee include Sen. Jack Reed (R.I.) and Sen. Elizabeth Warren (Mass.). Jeva Lange
A massive cyberattack in late October took down major websites across the United States. Now, some security experts are warning that another attack could be coming — and this time it might be aimed at keeping voters from the polls on Nov. 8.
Adam D'Angelo, the CEO of Quora and formerly the chief technology officer at Facebook, said that if there is a "rush attack" Tuesday morning, voters may not be able to find their precinct. "Everybody should do screenshots on your phone, or just memorize [the address]," D'Angelo told The Daily Beast. "People who are campaigning, knocking on doors, those people should be prepared."
A distributed denial of service (DDoS) attack like the one in October could also disable services like Google or Apple Maps, making it hard to navigate to your polling area if you don't know where you're going.
As for who might try to execute such an attack, D'Angelo said many have the motivation. "I definitely believe it's possible to affect the number of people who turn out to vote. There's a lot of data saying that when you make things a little bit harder, fewer people turn out," he said. And that makes it appealing to everyone from domestic hackers and pranksters to international agents to disrupt the vote.