Trump’s servers show glaring security flaws
Donald TrumpDonald John TrumpSenate advances public lands bill in late-night vote Warren, Democrats urge Trump to back down from veto threat over changing Confederate-named bases Esper orders ‘After Action Review’ of National Guard’s role in protests MORE has repeatedly attacked Hillary ClintonHillary Diane Rodham ClintonWhite House accuses Biden of pushing ‘conspiracy theories’ with Trump election claim Biden courts younger voters — who have been a weakness Trayvon Martin’s mother Sybrina Fulton qualifies to run for county commissioner in Florida MORE’s use of a private email system while serving as secretary of State, but the Republican presidential nominee’s corporate enterprise appears to be equally vulnerable to cyberattacks.
A digital security architect on Monday evening discovered several weaknesses in the Trump Organization’s email servers, which appeared to be outdated and not patched for security flaws.
“There are no security fixes. They don’t have basics down,” Kevin Beaumont said on Twitter, noting several problems with the machines that run email for Trump’s hotels, golf courses and other businesses.
Not sure what to say re Trump’s email server. Other than during a hot topic of election campaign, maybe run an supported, patchable system.
— Kevin Beaumont (@GossiTheDog) October 18, 2016
According to Beaumont, Trump is running Windows Server 2003, which Microsoft has not supported for more than a year.
“If you are still running Windows Server 2003 in your datacenter, you need to take steps now to plan and execute a migration strategy to protect your infrastructure,” the company claims on its website.
Trump’s organization is also running a web server that comes standard with Windows Server 2003, known as IIS 6.0, according to Beaumont. Support for that system also expired last summer.
“IIS is a webserver, and it’s particularly dangerous to run unpatched,” Beaumont told Motherboard, which previously reported on his findings.
The Trump corporation claimed in a statement that its defenses were secure.
“The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring,” a spokesperson for the organization said.
“Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices.”
Cybersecurity has been a potent issue this presidential campaign, due to the controversy surrounding Clinton’s exclusive use of a private email system while serving as the nation’s top diplomat.
There is no firm evidence that hackers ever broke into the Democratic nominee’s system. However, FBI Director James Comey told reporters this summer that it was “possible” they had.
According to Beaumont, the operating system used by Trump’s organization is the same one Clinton used for her personal setup.
The OS, by the way, is the one Clinton’s private email server run and she got in trouble for.
— Kevin Beaumont (@GossiTheDog) October 17, 2016
– Updated at 4:51 p.m.