Trump campaign turns to secure hardware after hacking incident – Security


Republican presidential candidate Donald Trump’s campaign is now using specialised, encrypted mobile phones and secure laptops in an effort to protect staff following a series of successful Iranian hacks and two attempts to assassinate the former president.



The campaign recently purchased a package of these devices from California-based Green Hills Software, the developer of a proprietary, security-focused operating system already used by multiple US agencies, the company’s CEO told Reuters.

The company sells a customised Android phone that comes pre-installed with its own unique operating system, stripping it of most functions aside from phone calling and text messaging, while implementing additional security controls.

While Green Hills Software put out a press release on October 1 about the deal with the campaign, the development has received virtually no press attention.

Company president and CEO Dan O’Dowd said he approached the campaign through shared contacts and offered his company’s technology.

“Securing the integrity of the democratic process is paramount,” O’Dowd said in the release.

A Trump campaign spokesperson declined to comment.

The top echelon of the campaign recently made significant security improvements to their hardware, said a person familiar with campaign matters who spoke on condition of anonymity, although they were unaware which vendor had been chosen.

When asked about IT security at the Harris campaign, spokesperson Morgan Finkelstein said, “Broadly, we have robust cyber security measures in place, and personnel are trained to be vigilant against potentially malicious content.”

The current plan to retool Trump campaign devices follows months of a targeted Iranian cyber espionage campaign, which stole internal communications and documents.

The decision to upgrade security measures was also driven by physical threats to Trump, fearing that hackers or spies could surveil staff and use that information to personally target individuals, another person familiar with the matter said.

In an interview, O’Dowd explained that a core group of campaign staffers are already using the devices, which are more resistant to remote cyberattacks.

“No vulnerabilities have ever been published about our operating system,” he added.

The phones function in an isolated channel, where only devices on the same plan can communicate with one another.

The devices also use end-to-end encryption and two-factor authentication by default – two measures widely recommended by cybersecurity experts.

The Iranian hacking group responsible for compromising the campaign earlier this summer, dubbed APT42 in the security research community, is known for deploying sophisticated mobile phone malware that can record conversations and activate camera recording remotely.

Notably, APT42 is also known to spy on targets that are then physically threatened by Iranian intelligence-related agents, Reuters previously reported, based on a series of attacks on Iranian dissidents.

O’Dowd declined to discuss how many devices were purchased by the campaign or the overall cost, explaining that pricing often depends on a variety of factors and can differ between clients.

The campaign also bought customised, stripped-down laptops which are inaccessible from the internet to outside attackers, he said.

The laptops mirror the same approach as the mobile phones, with limited functionality, but also offer a way to access a shared set of files and logs so team members can remotely collaborate in a shared but isolated computer environment.

O’Dowd said the technology has been previously used by legal teams working on sensitive court cases, where they wanted to keep certain files for clients separate and secure.

Green Hills Software is a federal contractor, selling its operating system to multiple military branches, where it is integrated with a variety of platforms, including weapons systems, according to publicly accessible government procurement records.

O’Dowd said the company’s laptop product is also used by FBI field offices.



Source link