Wednesday: President-Elect Donald Trump gives a press conference. Inevitably, “the cyber” comes up:
“We had much hacking going on. And one of the things we’re gonna do, we have some of the greatest computer minds anywhere in the world that we’ve assembled. You saw just a sample of it two weeks ago up here where we had the six top people in the world — they were never in the same room together as a group. And we’re gonna put those minds together and we’re going to form a defense.”
Thursday am: It’s announced that Rudy Giuliani is heading-up a cybersecurity team for the President-Elect. Giuliani described the challenge as follows:
“It’s his belief, which I share, that a lot of the solutions are out there, we’re just not sharing them. It’s like cancer. You know, there’s cancer research going on all over the place — you’d almost wish they’d get together in one room and maybe we’d find a cure.”
Thursday pm: Security experts on Twitter visit the website of Rudy Giuliani’s cybersecurity company, giulianisecurity.com, and find it woefully lacking.
You don’t need to bring the world’s greatest computer minds together in the same room to know that it’s a good idea to keep your web server software properly patched.
None of us should feel too smug, of course. Vulnerabilities are found all the time in company websites, and we all need to up our game to make sure that our own systems have not been properly protected or received the latest update.
But these are the kind of issues that any self-respecting IT guy would have found in a short period of time, and certainly should have been addressed before someone is named as leading the United States’s fight against hackers.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
7 comments on “Don’t follow the example of Donald Trump’s choice for cybersecurity czar”
Rob Graham, Errata Security, has a good write up on this non story. There's nothing on the Giuliani site and certainly nothing worth taking. It was little more than a placeholder.
"There's nothing on the Giuliani site and certainly nothing worth taking"
Not anymore now that it's offline
"It was little more than a placeholder."
and a poor placeholder at that. Who'd think it would be logical to run a site in that state?
Either Rudy or he's subordinates knew and didn't care, or the entire firm is incompetent and the provider was slack – In any case, it's absolute madness, especially in the industry their mean't to be in.
Its the same nothing that he has inside his tiny head, except of course the bull that comes out of his mouth, non-stop propaganda. Gotta love the choice for heading up the "team". maybe they can just sit in a room together. Smiles all around, such a good feeling "being together" and all. everything will just fix itself.
You'd think that Donald Trump would be red hot on pen testing.
Q. What is Rudy Giuliani?
d) All of the above!?
Giuliani is what Trump is not, a career politician. He was good as New York mayor. Maybe he will be a good manager for a bunch of techs that know their stuff but are not experts in playing nice together.
Giuliani should give Hilary Clinton a call. She used to run her own mailserver, you know.