- The Washington Times - Wednesday, May 17, 2017

President Trump’s privately owned properties, including his Mar-a-Lago Club in Florida and Trump International Hotel in D.C., are rife with digital insecurities making them prime targets for hackers, according to a new report.

A recent investigation into four of Mr. Trump’s high-profile properties uncovered a number of poor security practices that may have already been exploited by spies, hackers and other advantageous adversaries, ProPublic and Gizmodo reported Wednesday.

Weakly encrypted Wi-Fi networks, publicly accessible computer servers and the use of outdated software are just a few examples of the gaping security holes identified by investigative journalists in this week’s report following an unsolicited audit of four Trump properties: Mar-a-Lago, Trump International Hotel in D.C. and Trump National golf courses in New Jersey and Virginia.

At Mar-a-Lago, where Mr. Trump has frequently hosted foreign diplomats in addition to his own staffers, the reporters said they found three weakly encrypted Wi-Fi networks capable of being cracked in a matter of minutes, as well as a publicly accessible combination printer and scanner and a misconfigured, unencrypted internet router.

Mar-a-Lago’s website, meanwhile, hosts an insecure login page that could easily be breached by hackers, potentially providing intruders with access to privileged information concerning the private club’s well-placed, high-paying members, according to the report.

Jeremiah Grossman, a former security expert for Yahoo now with cybersecurity firm SentinelOne, described the conditions at Mar-a-Lago as “bad, very bad,” the journalists wrote.

“I’d assume the data is already stolen and systems compromised,” Mr. Grossman said.

Inspections of Mr. Trump’s golf courses similarly identified unsecured Wi-Fi networks at facilities in Bedminster, New Jersey, and Sterling, Virginia, while a probe of the president’s Pennsylvania Avenue hotel found servers running outdated, vulnerable software, as well as a potential gateway to back-end databases containing sensitive information, according to the report.

“Those networks all have to be crawling with foreign intruders, not just ProPublica,” said Dave Aitel, chief executive officer of digital security company Immunity, Inc.

The Pentagon spent $64 million in 2016 maintaining computer networks at White House and Camp David, the presidential retreat in Maryland, according to the report. Mar-a-Lago, by comparison, budged $442,931 for all its security needs last year, digital and otherwise.

While the hospitality industry is hardly known for its positive cybersecurity practices, gaps identified at the president’s properties pose significant risks given Mr. Trump’s tendency to entertain foreign leaders and U.S. officials alike at his various establishments.

The Trump Organization follows “cybersecurity best practices,” spokeswoman Amanda Miller told the report’s authors in response to their findings.

“Like virtually every other company these days, we are routinely targeted by cyberterrorists whose only focus is to inflict harm on great American businesses,” she said. “While we will not comment on specific security measures, we are confident in the steps we have taken to protect our business and safeguard our information. Our teams work diligently to deploy best-in-class firewall and anti-vulnerability platforms with constant 24/7 monitoring.”

The White House did not respond to requests for comment, according to the report.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times is switching its third-party commenting system from Disqus to Spot.IM. You will need to either create an account with Spot.im or if you wish to use your Disqus account look under the Conversation for the link "Have a Disqus Account?". Please read our Comment Policy before commenting.


Click to Read More

Click to Hide