UK Security researcher Kevin Beaumont discovered the Trump organisation has a comedy level of security and uses a hopelessly outdated and insecure internet setup.
TrumpOrg.com servers are using outdated software, Windows Server 2003 and the built-in Internet Information Server 6 web server. Vole cut off support for this technology in July 2015, leaving the systems unpatched for the last 15 months.
Trump Organisation emails don’t support two-factor authentication and its web-based email access page relies on an outdated March 2015 build of Microsoft Exchange 2007.
“Windows Server 2003, IIS 6 and Exchange 2003 went end of life years ago. There are no security fixes. They don’t have basics down,” Beaumont said.
Trump’s supporters have decided to resolve the problem by reporting Beaumont to the Feds, however his research is based on looking at publicly available information rather than actively scanning for vulnerabilities.
The Trump Organisation responded to Beaumont’s criticism by putting out a statement to the media saying that its web setup is shielded behind a firewall.
When he stopped laughing Beaumont tweated: “That’s a bit like saying it’s okay to install WordPress and leave it unpatched forever because there’s a firewall.”
In otherwords, Trump’s reply suggests that IT security is not a glass house he should be biffing boulders in. However, if hacking Trump were that easy then why doesn’t Wikileaks have hackers who have done it? Oh that is right the Russians are only interested in providing Clinton leaks.