“Secure” Cloudflare-protected Trump website defaced by hacker claiming to be from Iraq

Mon Feb 20 17:34:17 PST 2017

https://arstechnica.com/security/2017/02/secure-trump-website-defaced-by-hacker-claiming-to-be-from-iraq

Meanwhile, Trump's multiple security faux-pas triggers call for House 
investigation

Representative Ted Lieu, a congressman from Los Angeles County, 
California, led fourteen other House Democrats on Friday in urging the 
House Government Oversight Committee to investigate "troubling reports" 
of President Donald Trump's apparently poor security practices and the 
potential danger to national security posed by them—including his 
continued use of an unsecured Android device to post to Twitter, 
discussion of sensitive information (including nuclear strategy) in the 
restaurant at his Mar-A-Lago resort, and leaving classified material 
unlocked while visitors were in the Oval Office.

In a letter to Oversight Committee chairman Jason Chaffetz and ranking 
Democratic member Elijah Cummings, the fifteen representatives wrote:

 > Referring to the complex problem of cybersecurity, President Trump 
recently said in an interview, "I’m not sure you have the kind of 
security that you need." We fully agree—which is why we are writing to 
request that the House Oversight and Government Reform Committee hold a 
hearing into troubling reports that the President is jeopardizing 
national security by egregiously failing to implement commonsense 
security measures across the board, from using an insecure, 
consumer-grade Android smartphone to discussing nuclear strategy openly 
in a dining room at his Mar-a-Lago Club in Florida. Cybersecurity 
experts universally agree that an ordinary Android smartphone, which the 
President is reportedly using despite repeated warnings from the Secret 
Service, can be easily hacked.

Lieu and the other signatories of the letter expressed concern that 
Trump's Android device, "most likely the Samsung Galaxy S3," is 
particularly vulnerable to attack, and that someone could alter the 
information the President viewed on it—which could "have a huge impact 
on his beliefs and actions."

They also feared that someone could gain control of his Twitter account, 
"causing disastrous consequences for global stability," or use it as a 
listening device to pick up sensitive conversations.

Also cited by the letter were photos from a recent White House visit by 
Intel CEO Brian Krzanich that showed a key still in the lock of a bag 
for classified material on Trump's desk. The photo was called out by 
Senator Martin Heinrich of New Mexico in this Twitter post:

Additionally, Lieu and the other representatives expressed concern over 
the continued use of outside e-mail accounts hosted by the Republican 
National Committee, and compliance with federal records law. "Reports 
indicate that a political e-mail system used by senior White House staff 
was hacked in December by a Russian intelligence agency, yet again 
raising the prospect of the White House being monitored or influenced by 
unfriendly powers," Lieu and the others wrote. Federal law requires that 
all e-mails for official business on an outside e-mail system be 
forwarded or copied into a government e-mail system within 20 days.

The letter calls for the Oversight Committee to look into whether the 
President is using an unsecured device, whether Trump and the White 
House staff have been properly briefed and trained on both information 
security and operational security, and if "the President and the Office 
of the President [can] ensure that there are no missing e-mails, 
communications, and technological exchanges—in other words, can they 
confirm they are not actively being monitored?"

With links: 
https://arstechnica.com/tech-policy/2017/02/trumps-apparent-string-of-security-faux-pas-trigger-call-for-house-investigation/