Mar-a-Lago has cyber security weaknesses
Though he spent this weekend in the Middle East, President Trump often weekends at the Mar-a-Lago Golf Club or other properties managed by the Trump Organization. He’s hosted important dignitaries there, such as Chinese President Xi JinPing, British politician Nigel Farage and Japanese Prime Minister Shinzo Abe. So, to test those place’s cyber security, a couple of weeks ago, Jeff Larson and some of his colleagues from ProPropublica and Gizmodo found themselves on a boat in a lagoon just offshore of Mar-a-Lago. He talked with Marketplace host Kai Ryssdal about what he found. The following is an edited transcript of their conversation.
Kai Ryssdal: Tell me what you guys did literally, like how did you go about it?
Jeff Larson: So, we rented a boat in Palm Beach Florida and drove it down the Intracoastal Waterway to Mar-a-Lago and we pointed a Wi-Fi antennae at the shore and picked up their Wi-Fi. And what we found was that this Wi-Fi wasn’t particularly secure-able which could allow foreign intruders to listen in on sensitive conversations.
Ryssdal: You did versions of this at the Trump National Golf Club in Bedminster where the president was a couple of weekends ago, also at the Trump Hotel in D.C. where he has been during his presidency and where some of his cabinet lives. Tell me why, although it seems self-evident, tell me why weak cyber security at these places is a problem.
Larson: It’s not clear that the president ever connects to these networks when he travels. He has his own network. But what could happen is a hacker or foreign adversary could connect to these networks and take over all the devices like cell phones or computers or laptops and turn them into essentially listening devices to overhear sensitive national security conversations happening at these places.
Trump’s trips are expensive. Can Congress step in? |
What can the tech industry expect in a Trump administration? |
How hacktivism intersects with the law |
Ryssdal: In theory, you could have joined these unsecured Wi-Fi networks that you found, right? But you didn’t.
Larson: Not at the clubs. We did not. But at the hotel we did join the Wi-Fi network just by typing in any random room number and we were able to see that the public facing IP address of the hotel was running software that was released 13 years ago.
Ryssdal: Do you have a sense— and again the president travels with the White House Communications Agency and those networks one assumes are secure— do you have a sense of the differing levels of expenditure in security at say Camp David which is the presidential retreat up in the mountains versus, say, Mar-a-Lago or Bedminster.
Larson: So, the government spends $2 million on cyber security alone at Camp David and the White House. By comparison, Mar-a-Lago Club was forced to publish its budget and we got our hands on that. And they spend, I think, on the order of $400,000 on security in total, which it’s unclear how much of it is actually spent on cyber security.
Ryssdal: What has the White House had to say to you or the Trump Organization for the hotels and the clubs, have they said anything to you about this?
Larson: The White House did not say anything to us that the Trump Organization said that, like most great American businesses they’re under cyber-attack by terrorists every single day, but that they do have continuous monitoring and they do claim that they keep tabs on it.
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.