Does Donald Trump really get cyber security?
Apart from his obvious mastery of Twitter, President-elect Donald Trump has yet to prove that he truly understands the important role of information technology in the modern economy and government.
One of the main areas of concern is his apparently limited understanding of cyber security, both in terms of how it works or its importance.
The issue has been very much in the mainstream news as the US Government embarks on an investigation of claims that Russian state-sponsored hackers intentionally influenced the outcome of the election that has brought Trump to power.
In fact, today, President Obama promised in an NPR interview that the US would “take action”. Trump, for his part, has dismissed the CIA reports suggesting that Russia intervened in the election.
So as the issue of cyber security becomes both more contentious and pertinent, what should we expect from a Trump administration?
Perhaps not a lot. On several major issues, Trump has given responses that suggest he does not understand the security points at issue.
Earlier this year, Trump was vocal in denouncing Apple for not cooperating with the FBI in the Syed Rizwan Farook case. Apple was ordered by a court to provide the FBI with a specially developed version of the iOS operating system to unlock the encryption on an Apple iPhone used by the perpetrator of a mass shooting in San Bernardino.
Apple challenged the ruling, refusing to develop the software. Eventually the FBI managed to find a way to hack the smartphone anyway.
Trump called for consumers to boycott Apple products until they gave up an unspecified “security number” that he believed they were withholding.
He then wrote on Twitter: “I use both iPhone & Samsung. If Apple doesn’t give info to authorities on the terrorists I’ll only be using Samsung until they give info.”
Apple had not refused to provide information to the security agency, so evidently Trump had not fully grasped the situation.
Last year, Trump appeared to call for the internet to be partially shut down to fight terrorism in the wake of the Paris shootings, when terrorists killed over 130 people.
“We are losing a lot of people because of the internet and we have to do something,” Trump said, speaking on an issue that has gained renewed attention in the wake of attacks in Paris in November.
“We have to go see Bill Gates and a lot of different people that really understand what’s happening. We have to talk to them, maybe in certain areas, closing that internet up in some way.”
As CEO of security firm Cyber adAPT Kirsten Bay, who has worked on congressional committees developing cyber policies for the US government, says, these statements “do not engender a feeling of confidence when thinking about the complexities of the internet, net neutrality policies, cyber security, and national security cyber defence strategy.”
However, Bay says that it is not just Trump’s security attitudes that we need to consider, but the people he is appointing to positions of power.
“I believe we still don’t entirely know whether we will get the right people, and, thus, the right policy,” she says. Bay says that this will include Trump’s picks for the intelligence community, the Department of Defense and the Federal Communications Commission.
Bay also says that from the evidence, including the discord between Trump and the intelligence community, she does not believe that Trump takes the threat of hacking seriously enough.
However, Bay says that the successful hacks on the Democratic National Committee during the election campaign suggest that the Democrats may also not be taking security seriously enough.
Some critics of Trump have taken a more combative tone. Bruce Schneier, Chief Technology Officer at IBM’s Resilient and respected security expert, wrote in a recent blog that Trump will have “devastating effects” on internet security and privacy.