When Hillary Clinton’s private email server was hacked earlier this year, she was criticized for her bad security practices that exposed top secret documents stored in emails on that private server. The FBI called her behavior ‘extremely careless.’
Republican presidential candidate Donald Trump and his supporters are continuously criticizing Clinton’s use of a private email server. And here’s what Trump lectured in a debate about cybersecurity:
"The security aspect of cyber is very, very tough. And maybe it’s hardly doable. But I will say, we are not doing the job we should be doing. But that’s true throughout our whole governmental society. We have so many things that we have to do better, Lester, and certainly, cyber is one of them."
Forget Clinton; Trump has so worryingly insecure internet setup that anyone with little knowledge of computers can expose almost everything about Trump and his campaign.
Security researcher Kevin Beaumont, who had a look at the mail servers operated by the Trump organization, discovered that a number of email servers for Trump’s hotels, golf courses, and other businesses are running badly configured, outdated versions of software that receive no security updates, and are lacking other security practices.
Several mail servers for the Trump Organization’s domain, TrumpOrg.com, are using outdated software, including the operating system Windows Server 2003, with Internet Information Server 6 that comes shipped with it.
Microsoft ended support for Windows Server 2003 in July 2015. Microsoft’s official website reads: "Microsoft will no longer issue security updates for any version of Windows Server 2003. If you are still running Windows Server 2003 in your datacenter, you need to take steps now to plan and execute a migration strategy to protect your infrastructure."
This security disaster makes the Trump organization’s e-mails vulnerable for attackers who might want to gain access to them.
Beaumont posted his finding on Twitter on Monday.
If this wasn’t enough, Beaumont said the Trump Organization’s email service only uses single-factor authentication, which means no Two-factor authentication that makes a user link a device to receive an extra login code, which keeps their account more secure.
Beaumont also discovered the Trump Organization’s Web-based e-mail access page. But it is important to note that Beaumont did not attempt to log into the e-mail system and neither ran any advanced scans on the servers and rather he only looked at public records and information.
The e-mail access page of the Trump Organization (webmail.trumporg.com) displays the header for Microsoft Exchange Outlook Web Access (OWA) and the page’s HTML source code reveals that site is using an outdated application i.e. March 2015 build of Microsoft Exchange 2007 (SP3 RU16), which contains a number of known security vulnerabilities, Sean Gallagher of Ars noted.
So, what do you think: Would WikiLeaks reveal Donald Trump email dump just like Clinton? Let us know in the comments below.