icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
18 Oct, 2016 23:36

Trump Organization's 'problematic' cybersecurity risks email hack — report

Trump Organization's 'problematic' cybersecurity risks email hack — report

Donald Trump may want to worry less about the Mexican border wall and more about his firewall. A computer security expert finds that Trump Organization email servers use software that hasn’t had a security update in 13 years.

The Trump Organization could be wide open to email attacks based on the findings of Kevin Beaumont, a cyber security expert and researcher.

I decided to Google ‘trump email address’ to see what their systems looked like,” Beaumont told Fortune. “I did not see what I expected.

By using public records, Beaumont discovered that the Trump Organization is using Microsoft Windows 2003 for their email servers. The last time Microsoft offered support and patches for Windows 2003 was in July 2015, meaning that the decade-old server has been open to attacks and hacks for over a year.

Windows 2003 does not employ many of the security measures that have come to be necessary in 2016, such as two-factor authentication or mobile device management options.

Beaumont also pointed out that almost all aspects of the server are unsupported by Microsoft. 

Running outdated software and operating systems for your publicly facing email infrastructure is problematic, especially when you're a high profile organization,” Beaumont told Motherboard. “During an election where cybersecurity is such a big issue, I was a little amazed at what I saw.

The Trump Organization responded to the discovery by sending a statement to Motherboard, saying: "The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring. Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices."

On Tuesday, Trump’s campaign released his plan for cybersecurity, which includes “[establishing] detailed protocols and mandatory cyber awareness training for all government employees while remaining current on evolving methods of cyber-attack.