Impeachment hearing reveals major White House phone security fail

By Sean Gallagher

US Ambassador to the European Union Gordon Sondland's phone conversation with President Trump in June was overheard by embassy staffers with Sondland at a Kiev restaurant (and probably by other countries' intelligence services).
Enlarge / US Ambassador to the European Union Gordon Sondland's phone conversation with President Trump in June was overheard by embassy staffers with Sondland at a Kiev restaurant (and probably by other countries' intelligence services).

In testimony yesterday before the House Intelligence Committee, diplomat William Taylor said that he had recently learned of a phone call between George Sondland—the US ambassador to the European Union—and President Donald Trump. Taylor, the senior diplomat for the US in Ukraine, said that his staff overheard Trump during a call with Sondland while at dinner with the ambassador at a restaurant in Kiev.

The contents of that discussion—that Trump asked Sondland about "the investigations" Trump wanted Ukraine to conduct as an alleged condition of releasing military aid—may or may not be damaging to the president's case that he was not seeking foreign assistance for his 2020 presidential campaign. But as anyone in national or diplomatic security will attest to, an open phone call between the president and an ambassador regarding topics of diplomatic interest in a public place like a restaurant—a place where any foreign intelligence organization could be monitoring for collection purposes—would be a major breach of operational (and national) security.

This is not the first time that the administration has let issues of national security play out before a public audience. In February of 2017, President Trump consulted with Japanese Prime Minister Shinzo Abe regarding a North Korean ballistic missile test and made phone calls from the restaurant of his Mar-A-Lago resort in Palm Beach, Florida, in plain view and within earshot of other diners—some of whom essentially live-streamed the situation from their cell phones. A few months later, Trump shared intelligence data with Russia's foreign minister and ambassador in an Oval Office meeting concerning an Islamic State plot to bring down passenger planes with laptops turned into bombs.

Most recently, Trump impulsively declassified and tweeted a sensitive surveillance image from a US spy satellite of the launch site of a failed Iranian satellite launch. As president, Trump can choose to declassify any information he sees fit. But the lack of security concern with regard to diplomatic and national security planning has raised concerns from many in the security community. Typically, these sorts of conversations between a president and his envoys occur either in person or over a secured phone line—from a secure compartmented information facility (SCIF) at an embassy or some other secured space.

Senior diplomats like Sondland would naturally be targeted for surveillance by both domestic and foreign intelligence agencies while traveling in another country—especially in a country like Ukraine, with its ongoing war with Russian-backed separatists. Last year, the Department of Homeland Security acknowledged that devices consistent with the behavior of "IMSI catcher" technology—devices that can be used to track and intercept cell phone communications—had been detected near the White House—raising concerns once again about the president's frequent use of an unsecured cell phone.

"There are a ton of risks there, but some of the biggest involve the fact that the call is traversing the foreign country's telco,"said Jake Williams a former National Security Agency operator and founder of Rendition Infosec. "Even if you trust that country not to spy on their own telcos, others probably have. There's a non-zero chance that some country (or multiple countries) are getting call data records (CDR). This definitely would have made for increased targeting on Sondland and his contacts. Honestly, if I saw that in CDR collection, my first thought would be, 'That has to be a troll, right?' That would be immediately followed by, 'Get full voice coverage on his phone (and everyone around him). These guys don't understand OPSEC.'"

Even if the call with Sondland was encrypted, his phone, \ could have been tracked—and old-fashioned audio eavesdropping could have been used to capture communications. If Taylor's staff members could hear the president over Sondland's phone from across the table, there were definitely more people listening.