Oct 11 (Reuters) – Republican presidential candidate Donald Trump’s campaign is now using specialized, encrypted cellphones and secure laptops in a bid to protect staff after a series of successful Iranian hacks and two attempts to assassinate the former president.
The campaign recently purchased a package of these devices from Santa Barbara, California-based Green Hills Software, the developer of a proprietary security-focused operating system already used by several U.S. agencies, the company’s CEO told Reuters.
The company sells a custom Android phone that comes pre-installed with its own unique operating system, which removes most features aside from calling and texting, while implementing additional security measures.
While Green Hills Software issued a press release on October 1 about the campaign deal, the development has received virtually no press attention.
Company president and CEO Dan O’Dowd said he approached the campaign through shared contacts and offered his company’s technology. “Securing the integrity of the democratic process is of paramount importance,” O’Dowd said in the release.
A Trump campaign spokesman declined to comment. Campaign top brass recently made significant security improvements to their hardware, said a person familiar with campaign matters who spoke on condition of anonymity, although he did not know which vendor was chosen.
When asked about IT security during the Harris campaign, spokesperson Morgan Finkelstein said, “Overall, we have robust cybersecurity measures in place and staff are trained to be vigilant against potentially malicious content.”
In an interview, O’Dowd explained that a core group of campaign staffers are already using the devices, which are more resistant to remote cyber attacks.
“No vulnerabilities have ever been published about our operating system,” he added. The phones function in an isolated channel, where only devices with the same subscription can communicate with each other. The devices also use end-to-end encryption and two-factor authentication as standard – two measures widely recommended by cybersecurity experts.
The Iranian hacking group responsible for compromising the campaign earlier this summer, dubbed APT42 in the security research community, is known for deploying sophisticated mobile phone malware that can record conversations and trigger remote camera recording. Notably, APT42 is also known to spy on targets who are then physically threatened by Iranian intelligence-related operatives, Reuters previously reported, based on a series of attacks on Iranian dissidents.
O’Dowd declined to discuss how many devices were purchased during the campaign or what the total cost was, explaining that prices often depend on several factors and can vary by customer.
The campaign also purchased custom, stripped-down laptops that are inaccessible to outside attackers over the Internet, he said. The laptops reflect the same approach as the mobile phones, with limited functionality, but also provide a way to access a shared set of files and logs, allowing team members to collaborate remotely in a shared but isolated computing environment.
O’Dowd said the technology had previously been used by legal teams working on sensitive legal cases, where they wanted to keep certain files separate and secure for clients.
O’Dowd said the company’s laptop product is also used by FBI field offices.
Register here.
Reporting by Christopher Bing, Gram Slattery and Trevor Hunnicutt; editing by Chris Sanders and Jonathan Oatis
Our Standards: Thomson Reuters Trust Principles.
