White House officials believe that chief of staff John Kelly may have been using a compromised personal phone for months, some of that time after he joined the West Wing …
Politico reports that Kelly waited months before reporting problems with his phone, including the fact that it wasn’t applying software updates.
White House officials believe that chief of staff John Kelly’s personal cellphone was compromised, potentially as long ago as December, according to three U.S. government officials.
The discovery raises concerns that hackers or foreign governments may have had access to data on Kelly’s phone while he was secretary of Homeland Security and after he joined the West Wing.
Tech support staff discovered the suspected breach after Kelly turned his phone in to White House tech support this summer complaining that it wasn’t working or updating software properly.
Kelly told the staffers the phone hadn’t been working properly for months, according to the officials.
It’s not known which brand and model of phone is involved, but Kelly is seen using an iPhone in a number of photos, including the AP shot by Susan Walsh above.
iPhones tend to be more secure than Android devices as Apple controls both the hardware and the operating system, as well as vetting third-party apps, but are not immune to compromise, especially if it is possible to gain physical access to the device. The report says that officials are reviewing Kelly’s travel schedule as staffers attempt to identify precisely what has happened to it.
Staffers reviewed the cellphone for several days and tried to decipher what had happened to it, the officials said. Many functions on the phone were not working.
The IT department concluded the phone had been compromised and should not be used further, according to the memo.
The White House is concerned about what information might have been exposed, with a research fellow at a Canadian university stressing the potential seriousness.
Bill Marczak, a senior research fellow with the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, said the worst-case scenario would be “full access,” in which an attacker would be able to essentially control a device, including its microphone and camera.
“The [attackers] I would be most worried about are nation-states or other actors who may have access to resale of commercial spyware sold to nation-states,” he said.
A White House spokesperson said that Kelly hadn’t used the phone ‘often’ since joining the administration.