Trump Organization Likely Unaware of 2013 Security Breach
The Trump Organization experienced a major breach in 2013 but didn't learn of the compromise until this week.
Hackers compromised the Trump Organization in a major security breach four years ago, and the company just found out, a new report states. The compromise started as early as 2013.
An attacker, or attacker group, accessed the Trump Organization's domain registration account. There, they created at least 250 "shadow" subdomains, each of which points to a Russian IP address. The creation of these subdomains is documented in publicly available domain records.
Most of the subdomains were active until this week, a sign the company had not made any effort to eliminate them. Had it known about the breach, the Trump Organization should have removed the subdomains as soon as possible. Security researcher C. Shawn Eib says this is "sloppy at best" and "potentially criminally negligent at worst," depending on the servers' traffic.
The compromise could have let the attackers launch attacks from the company's domains and potentially let them get into the Trump Organization's network. The subdomains and their IP addresses have been linked to possible malware campaigns, and have been marked by researchers as potentially associated with malware.
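Shadow subdomains of the kind described above can be caught by regularly comparing a DNS zone export against an inventory of approved hostnames and address ranges. The following Python sketch is an added example, not part of the original report; the zone records, hostnames, and networks are constructed placeholders using documentation-reserved values.

```python
import ipaddress

# Constructed sample zone export: (name, record type, value).
ZONE_RECORDS = [
    ("www.example.com", "A", "192.0.2.10"),
    ("mail.example.com", "A", "192.0.2.25"),
    ("shop.example.com", "CNAME", "www.example.com"),
    ("xkqzt.example.com", "A", "203.0.113.77"),   # unknown name, foreign IP
    ("bvnrw.example.com", "A", "203.0.113.78"),   # unknown name, foreign IP
    ("mail.example.com", "A", "198.51.100.5"),    # known name, unexpected IP
]

# Assumed inventory: hostnames the organization created on purpose,
# and the networks its servers are expected to live in.
APPROVED_HOSTS = {"www.example.com", "mail.example.com", "shop.example.com"}
APPROVED_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]


def audit_zone(records, approved_hosts, approved_networks):
    """Return records that are not in the inventory or point off-network."""
    findings = []
    for name, rtype, value in records:
        host = name.rstrip(".").lower()
        reasons = []
        if host not in approved_hosts:
            reasons.append("hostname not in inventory")
        if rtype in ("A", "AAAA"):
            try:
                addr = ipaddress.ip_address(value)
            except ValueError:
                reasons.append("unparseable address")
            else:
                if not any(addr in net for net in approved_networks):
                    reasons.append("address outside approved networks")
        if reasons:
            findings.append((host, rtype, value, reasons))
    return findings


if __name__ == "__main__":
    for host, rtype, value, reasons in audit_zone(
        ZONE_RECORDS, APPROVED_HOSTS, APPROVED_NETWORKS
    ):
        print(f"{host} {rtype} {value}: {'; '.join(reasons)}")
```

Run against a real zone export on a schedule, a check like this surfaces unexpected records within days rather than years.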