Hackers May Have Accessed Trove of Intel on Trump and Vance Phones

Chinese hackers tried to gain access to data on the phones of former President Donald Trump and running mate JD Vance, as well as those belonging to people associated with the campaign of Vice President Kamala Harris, The New York Times and Wall Street Journal reported on Friday.

Cybersecurity experts say if the hackers were successful, the potential repercussions could be massive.

According to the Times, Trump and his associates were told this week that Chinese hackers had targeted their phone numbers after infiltrating Verizon’s telecommunications infrastructure.

“It’s an incredibly big deal,” said Chris Pierson, CEO of BlackCloak and a former cybersecurity adviser to the Department of Homeland Security. “If this is a nation state that has compromised a phone carrier and is trying to ascertain information about the campaigns, about the candidates and their inner circle, that’s of the highest level importance.”

Investigators are still trying to gauge the extent of the hack and how much data may have been compromised, the Times reported.

Hackers can gain access to a trove of valuable information by targeting someone’s phone data. That’s doubly true in the case of high-level government officials and political candidates.

Most phone applications that candidates use tend to be encrypted, but hackers can still access a phone’s metadata through the kind of breach described in the Times‘ reporting.

Intruders Can Build a ‘Pattern of Life’

Metadata “includes who the person is talking to, how long they’ve been talking to someone, what the location of those phones is—so intruders can build a pattern of life,” Carlos Perez, incident response practice lead at TrustedSec, told Newsweek.

“Where do they go, at what hour, and are they following a predictable schedule?” he added.

Developing that “pattern of life,” then, also makes it easier for bad actors to conduct further surveillance by planting listening devices or recording devices at places they know the target frequents, and scoping out specific locations to search for documents or electronic data they’d consider valuable.

“It could give individuals access to location information, which poses a security risk,” Pierson said.

This kind of targeted attack also presents risks to people associated with the main target, like family members and staffers.

If a hacker knows that the target of their intelligence-gathering operation is “always talking with a specific reporter, or knows that you’re using a particular staffer to do it, then more than likely that staffer, or sometimes third-party individual, can be a target,” Perez said.

There’s a “lot more that needs to be discovered here,” Pierson said, “but it appears like this is being attributed to China,” and the information the hackers could glean from the breach would be “enormously useful” to them.