- Advertisement -
- Advertisement -
Some passwords that Minister of Defense Pete Hegseeth used to register for websites were exposed in cyber attacks on those sites and are available on the internet, as a result of which new questions are asked about his use of personal devices to communicate military information.
Mr. Hegseeth did not seem to use those passwords for sensitive accounts, such as banking. But at least one password seems to have been used several times for various personal e -mail accounts that are maintained by Mr. Hegseeth. If hackers gain access to E -mail accounts, they can often reset other passwords.
Like many Americans, Mr. Hegseeth reused passwords to remember them easier. At least one of them is, or was a simple, small alphanumeric combination of letters followed by numbers, which may represent initials and a date. The same password was leaked in two separate infringements of personal E -mail accounts, one in 2017 and another in 2018.
It is not clear whether he updated the compromised passwords, or whether he did this before he used his personal phone in March to share sensitive information about planned American strikes at Houthi Militia goals in Yemen.
The digital practices and security of Mr. Hegseeth have been examined since he discussed the precise timing of those air strikes in at least two chats on Signal, a free, coded messages -app. At least one of the chats took place on his personal phone. American pilots could have threatened that information if an opponents had intercepted it.
In addition to those two signal chats, Mr. Hegseeth used the coded app for several other running conversations and group messages, according to people who have been informed about his use of the platform. Some messages were posted by a military assistant, Colonel Ricky Buria, who had access to Mr Hegseeth’s personal phone. The use of the app for multiple running conversations was previously reported by the Wall Street Journal.
Hegseeth was initially added to a signal group founded by Michael Waltz, who at the time was the national security adviser to discuss the Houthi strikes. Hegseeth shared similar details about the strikes with a second signal group with his wife, Jennifer. That group was set up on Mr.’s personal phone. Hegseeth.
Cyber security experts have said that because Mr. Hegseeth’s telephone number is easy to find on the internet, it is a potential target for hackers and foreign intelligence services. Signal messages are sent safely via the internet, but messages that are typed in a telephone can be intercepted if an opponents -Inflooringbureau Malware has installed on the device.
When two-factor authentication is enabled on the sites, hackers need more than passwords to access information.
The main spokesperson for Pentagon, Sean Parnell, did not respond to a request for comment.
Experts say finding exposed passwords is easier than ever.
“If you know where to look, you can find them,” said Kristin del Rosso, who monitors infringement data at DEVSEC, a company of cyber security studies.
Mrs. Del Rosso said that some companies collect and sell stolen data. Because data breaches are now almost routine, there is a large amount of data that opponents or criminals can use to gain a deeper insight into an individual and possibly guessing other passwords or gaining access to more information.
“You can discover more,” she said.
Passwords of Mr. Waltz, who was removed as a national security adviser On Thursday there were also exposed in internet fractures.
Representatives from the National Security Council did not respond to a request for comments. But a person who was informed about the situation said that Mr. Waltz had changed his compromised passwords before he came to the congress in 2019.
In March, der Spiegel, a German news publication, Phone numbers and associated e -mail addresses found With Mr. Waltz, Mr. Hegseeth and Tulsi Gabbard, the director of National Intelligence, all of whom were in the first signal chat.
The telephone numbers online for Mrs. Gabbard are no longer associated with her.
But just like Mr. Hegseeth has reused Mrs. Gabbard passwords. The New York Times found at least one leaked password linked to several personal accounts used by Mrs. Gabbard.
According to a spokeswoman, the passwords of Mrs. Gabbard have changed many times since a violation has exposed a password almost ten years ago. The Times discovered more recent data breaches with a similarly reused password linked to her personal E -mail account.
John Ratcliffe, the CIA director, has a disciplined public profile. A former public prosecutor and member of the House Intelligence Committee, he has no easily identifiable telephone number and e -mail address and seems to have left a small digital footprint.
Mr. Hegseeth repeatedly said that he did nothing wrong when revealing the Yemen -strike details in signal chat groups with people who had no security authorization. But the use of his personal phone, with a number – and password – that is available on the internet, will undoubtedly have left a Senior Trump National Security figure that is vulnerable to hacking efforts by foreign opponents, say intelligence analysts.
“You just have to assume that the bad guys listen,” said Michael C. Casey, the former director of the National Counter Intelligence and Security Center, in an interview. He said that government officials of national security of day 1 should enter their jobs with the assumption that their personal devices were hacked and acting protective.
The use of telephones by government officials has long been a safety problem.
President Barack Obama wanted to continue to use his personal phone and Blackberry when he first came into office, former officials said in his administration.
Intelligence officials said that the use of a personal phone had too many risks. But officials of the National Security Agency eventually provided Mr Obama with a Blackberry that was adapted to improve its safety. (Mr. Obama joked routinely that his phone had so many security restrictions that its use was ‘not fun’.)
Technology has since improved rapidly and national security officers are now more routine issued governmental telephones that come up with security improvements. Most telephones have extra security protocols that prevent non -approved apps from being installed.
But just like Mr Obama, civil servants complain routinely that secure telephones are uncomfortable to use and limited in use, and some continue to communicate with coded apps on their private phones.
- Advertisement -
