Trump’s servers show glaring security flaws

Trump’s servers show glaring security flaws
© Getty Images

Donald TrumpDonald John TrumpIvanka Trump pens op-ed on kindergartners learning tech Bharara, Yates tamp down expectations Mueller will bring criminal charges Overnight Cybersecurity: Equifax security employee left after breach | Lawmakers float bill to reform warrantless surveillance | Intel leaders keeping collusion probe open MORE has repeatedly attacked Hillary ClintonHillary Diane Rodham ClintonChris Murphy’s profile rises with gun tragedies DNC, RNC step up cyber protections Gun proposal picks up GOP support MORE’s use of a private email system while serving as secretary of State, but the Republican presidential nominee's corporate enterprise appears to be equally vulnerable to cyberattacks.

ADVERTISEMENT
A digital security architect on Monday evening discovered several weaknesses in the Trump Organization's email servers, which appeared to be outdated and not patched for security flaws. 

“There are no security fixes. They don't have basics down,” Kevin Beaumont said on Twitter, noting several problems with the machines that run email for Trump's hotels, golf courses and other businesses.

According to Beaumont, Trump is running Windows Server 2003, which Microsoft has not supported for more than a year.

“If you are still running Windows Server 2003 in your datacenter, you need to take steps now to plan and execute a migration strategy to protect your infrastructure,” the company claims on its website.

Trump’s organization is also running a web server that comes standard with Windows Server 2003, known as IIS 6.0, according to Beaumont. Support for that system also expired last summer. 

“IIS is a webserver, and it’s particularly dangerous to run unpatched,” Beaumont told Motherboard, which previously reported on his findings.

The Trump corporation claimed in a statement that its defenses were secure. 

“The Trump Organization deploys best in class firewall and anti-vulnerability technology with constant 24/7 monitoring," a spokesperson for the organization said. 

"Our infrastructure is vast and leverages multiple platforms which are consistently monitored and upgraded using current cyber security best practices."

Cybersecurity has been a potent issue this presidential campaign, due to the controversy surrounding Clinton’s exclusive use of a private email system while serving as the nation’s top diplomat.

There is no firm evidence that hackers ever broke into the Democratic nominee's system. However, FBI Director James Comey told reporters this summer that it was “possible” they had.

According to Beaumont, the operating system used by Trump’s organization is the same one Clinton used for her personal setup.

- Updated at 4:51 p.m.