Personal cell phones on protective missions, no threat detection on government-issued devices among the litany of sins
It seems like nobody wants to carry a work phone and that includes even those charged with protecting the US president. The US Secret Service’s extremely lax mobile phone security practices - including using unsecured personal devices during mission operations - put America’s leaders’ and agents’ lives at risk, according to a government-issued report.Secret Service agents routinely used personal cell phones to communicate with law enforcement and each other, including during protective operations in the US and overseas, because their government-issued devices lacked the capabilities they needed to perform their missions, according to a federal review ordered after the 2024 assassination attempt against President Trump in Butler, Pennsylvania.Even when Secret Service employees did use government-furnished equipment (GFE), these mobile devices didn’t have sufficient security to “ensure real-time, continuous protection from cyberattacks by foreign adversaries or individuals,” according to a report by the Department of Homeland Security inspector general.
The inspector general’s investigation also found vulnerable apps on these GFE mobile devices. In addition to being prohibited - Homeland Security policy only allows Secret Service employees to use GFE devices for official business - using personal cell phones is especially bad from a cybersecurity perspective. As we have seen time and time again, government employees’ personal devices and private communications provide highly attractive targets for foreign spies or even homegrown criminals plotting attacks against elected leaders. Secret Service agents’ phones can also reveal mission-related details, geolocation - and, by proxy, the US president, vice president, and visiting heads of state’s geolocations - as well as photos, contacts, and other personal information such as family members and home addresses. Since these personal devices are not managed or secured by the US government, it's much easier for attackers to plant surveillanceware and other malware on them.“If a personal device is jailbroken, infected with malicious code, or not up to date on security software, an adversary could intercept device communication,” according to the report. “Outdated and vulnerable apps could enable malicious actors to conduct surveillance, track locations, or record employees’ communications. Connecting to unsecured networks may also allow cybercriminals to access data or install malware.”










