A major talking point of the recently concluded US Presidential Elections was the widespread online insecurity.
As was seen, Hillary Clinton’s poor online security practices resulted in the leaking of classified conversations from her private email server.
While Hillary Clinton publicly suffered the consequences of her private email server being hacked, Donald Trump’s day was soon to come, according to experts who discovered the flimsy security measures being used to protect the US President’s private email servers.
In fact, the researchers claimed that Trump’s cybersecurity measures are so weak; anyone with a basic understanding of infiltrating servers could make easy work of exposing Trump’s stored information.
According to reports and accompanying screenshots, the day of reckoning came when an Iraqi hacker, made it a point of hacking into and defacing Donald Trump’s official campaign server.
“Pro_Mast3r” Infiltrates Trump Pence Campaign Server
The hacking of the secure2.donaldjtrump.com server has not elicited any reactions from the Trump-Pence administration at the moment at all.
The pseudonymous hackers “Pro_Mast3r” were, however, liberal enough with information to leave plenty of clues as to who was behind the hacking process.
A simple message against the backdrop of a man in a fedora divulged the details of the hacking activities, including the perpetrators, their Iraqi nationality, and a short triumphant message to mark the hacking of an asset belonging to the most powerful man in the world at the moment.
The message left behind was brief and to the point:
“Hacked By Pro_Mast3r ~
Attacker Gov
Nothing Is Impossible
Peace From Iraq”
The hacked server is currently being managed by Cloudfare, a security platform which, in light of this recent hacking, has clearly dropped the ball as well.
Server appears to be Legitimate
Beyond doubt, the hacked server appears to be the official Trump Pence administration campaign server based on its certificates.
Nevertheless, using the Chrome or Firefox browser to access a reference to an image posted on another site results in a security prompt, showing that the page is not completely secure.
It appears as though the purpose of this hacking was simply to deface the Trump campaign server.
According to IT journalist Paolo Attivissimo, the hacking was a mere show of dominance, seeing that Pro_Mast3r’s source code does not have any inherently malicious scripts.
However, the hackers left behind a JavaScript link that redirects to a now defunct Google Code account.
This account has been previously used for hacking at least three sites.
Trump’s Email Servers Previously Termed as “Worryingly Insecure”
Prior to the hacking, security researcher Kevin Beaumont had gone over mail servers from the Trump server which, according to his report, were rife with shoddily configured or outdated software with weak security measures.
He also noted an alarming lack of crucial security practices, which is virtually unheard of from personalities such as Trump, since they are often the targets of hacking activities.
Beaumont also noted that software used on the servers on Trump’s domain, including the operating system Windows Server 2003, was obsolete.
To put this in context, the archaic operating system is no longer receiving security updates as of July 2015, meaning that Trump’s servers would have eventually been the targeted and compromised through hacking.
Also worth mentioning is the fact that Trump’s servers did not employ two-factor authentication for added security.
Rather, they all appeared to be using a single factor authentication.
Beaumont’s dissection of Trump’s servers revealed more than a few cracks which would have needed to be patched if the recent hacking was to be prevented.
But, since no such action was taken, the Iraqi hackers likely had an easy time defacing the US President’s server.
As anticipated, the non-existent security measures used by Trump’s servers would have made them a very enticing hacking target for criminals looking to gain more access to the current President’s campaign server.
No Comments on the Matter as of Yet
The server was taken offline following the discovery of the hacking.
Meanwhile, the Trump Pence administration and the server’s content manager Cloudfare have yet to comment on the matter.