So following the inauguration of the now President Trump, there was a lot of talk of Cyber Security being a priority for the new US Government. Whether you support Trump or not, putting financial backing into improving Cyber Security can only be a good thing for the global population, not just the US, so fair play to that!
However, several security blunders recently from major US officials, including the POTUS himself, have cast doubt over the awareness of good security practices within the administration, and also how serious they actually are about cyber security (or are they more concerned about posting copious amounts of controversial Twitter posts…?!).
Today I was reading several different articles, all detailing several blunders. Firstly, it turns out that Trump is still not only using his insecure Android device to Tweet from the Whitehouse, but the @POTUS twitter account has actually been linked to a private gmail account!
The Hacker News reported how the hacker @WauchulaGhost, who was responsible for taking down ISIS accounts, identified the vulnerabilities. Rather than exploit them, the hacker has made those responsible aware of the vulnerability in the hopes that security practices may be improved. It has since been suggested that the linked account is now a secured internal administration account, which is a far better idea…well done, guys! <sigh>
We can but hope that they learn something from this…really really hope…
To top that off, it was reported in the Metro and Techcrunch that the US Press Secretary, Sean Spicer (@PressSec), tweeted his account password not once…but twice! Yes, one of the most highly followed, reviewed and monitored twitter accounts in politics (and potentially globally) just tweeted to the world their account passwords for all to see!
…well done Sean, good job, mate! <face palm>
So today’s security lesson to take away, people…don’t publish your passwords…please!