President Donald Trump faces security concerns this week after a paying guest at Mar-a-Lago uploaded photos on Facebook of the staffer responsible for carrying the nuclear football, a briefcase containing nuclear codes.
The incident—coupled with reports that Trump's team conducted official meetings in the open at Mar-a-Lago and examined national security documents in the presence of guests' smartphones—could add fuel to growing congressional uneasiness about the White House's cyber practices.
Last week, for instance, a couple of senators warned that Trump may still be using his personal smartphone—an Android device that reports say he still uses to tweet—and could be vulnerable to hackers. Sens. Tom Carper, D-Del, and Claire McCaskill, D-Mo., asked Defense Secretary James Mattis in a letter for more information about Trump’s smartphone use, citing an article in The New York Times that described an “old, unsecured Android phone” that he still uses to access his personal Twitter account, @RealDonaldTrump.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
“While it is important for the President to have the ability to communicate electronically, it is equally important that he does so in a manner that is secure and that ensures the preservation of presidential records,” they wrote. The lawmakers expressed concern that hackers could target his phone using malware, potentially exfiltrating emails and text messages or even activating the camera or audio recording features.
It’s not the first manifestation of Congressional concern about White House cyber practices to emerge during Trump’s first few weeks. The senators' letter, which demanded answers about his phone use by March 9, was published the same day a handful of Democratic representatives pushed for a House investigation into the Trump administration’s cyber conduct, including his Twitter account, personal phone and staff emails.
Carper and McCaskill asked Mattis to explain whether Trump actually does have a secured and encrypted smartphone, approved by the Secret Service—some public reports have suggested this, they wrote—or whether he still uses his personal phone for official communication.
They also asked if the Defense Information Systems Agency is taking steps to protect Trump’s personal smartphone from hackers, and whether that organization coordinated with the Secret Service and the National Security Agency about it. Pentagon policy outlines that "security vulnerabilities currently prevent the adoption of devices that are unapproved and procured outside of official government acquisition," the letter noted.
Last week House Democrats urged the Republican chairs of the Committee on Science, Space and Technology to investigate “Executive Branch cybersecurity issues” during a Research and Technology subcommittee hearing. In a letter to Reps. Lamar Smith, R-Tex., Darin LaHood, R-Ill., and Barbara Comstock, R-Va., Reps. Dan Lipinski, D-Ill., Don Beyer, D-Va., and Eddie Bernice Johnson, D-Texas, said Trump’s administration “has shown a shocking disregard for cybersecurity practices.”
They pointed to reports that Trump’s senior staffers have active accounts on the Republican National Committee’s email servers; that Trump’s Twitter accounts, @RealDonaldTrump and @POTUS, are both linked to unsecured Gmail accounts; and that he’s using a Samsung Galaxy S3 or S4 to tweet.
They also highlighted the committee's investigations into email practices at several agencies and at Democratic presidential nominee Hillary Clinton’s private email servers when she was secretary of State. "We trust you will equally concerned with any and all careless cybersecurity practices of the Trump Administration,” they wrote.