Hegseth's Pentagon office set up system so he could access Signal messages, sources say
The Pentagon set up a system in Defense Secretary Pete Hegseth's office that enabled him to check messages on the encrypted messaging app Signal while at the office, sources familiar with the matter told CBS News. Two of the sources said the system bypasses standard Defense Department security protocols.
A computer monitor in Hegseth's office was installed to give him remote access to the Signal app and text messages from his personal cellphone, the sources said. Hegseth has used the system to check and respond to those messages at his desk, multiple sources said.
The Associated Press earlier reported that Hegseth has made use of an unsecured internet connection, which is known as a "dirty line" among IT and cybersecurity professionals. The connection bypasses security protocols that defend against vulnerabilities that could be exploited by adversaries.
A Defense Department spokesperson denied there's a "dirty line," and denied there is currently any use of Signal inside Hegseth's office. The spokesperson said there's a physical line running between the computer monitor in the defense secretary's office and his cellphone, which is kept immediately outside his office. The monitor alerts him to messages so that he can step out to check his phone. The official said it's currently set up as a one-way line.
The office suite is a sensitive compartmentalized information facility, or SCIF, where cellphones are prohibited.
Two sources with knowledge of the matter told CBS News that the work-around is a security risk – it gives Hegseth access to his personal iPhone text messages and Signal chat groups at his desk even though his cellphone isn't physically in the office. It is not on the Defense Department's Non-Secure Internet Protocol Router Network, known in military parlance as NIPR, they said.
Hegseth, an Army veteran and former Fox News host, has faced criticism this week after it was reported that he shared details about impending U.S. airstrikes in Yemen in a private Signal group that he created, which included his wife as well as his brother and personal attorney, who both have positions at the Pentagon but are not in positions that have a clear need to know that sensitive information. It was the second Signal group chat where Hegseth shared the information.
An aide in Hegseth's office, Marine Col. Ricky Buria, helped organize the effort to fix some internet connectivity issues in Hegseth's office in the first days of the administration, two of the sources said. Buria had some oversight over the work to set up the Signal work-around, the sources said.
The Defense Department didn't respond to a request for comment on Buria's role.
Signal, an end-to-end encrypted messaging application, has a desktop app that connects to a user's mobile device through a unique QR code. Once paired, the desktop version mirrors the mobile phone version, allowing users to send and receive messages, access contacts and manage shared media.
The sources spoke to CBS News under the condition of anonymity because they were not authorized to speak to the press.
contributed to this report.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Axios
41 minutes ago
- Axios
AI is perfecting scam emails, making phishing hard to catch
AI chatbots have made scam emails harder to spot and the tells we've all been trained to look for — clunky grammar, weird phrasing — utterly useless. Why it matters: Scammers are raking in more than ever from basic email and impersonation schemes. Last year, the FBI estimates, they made off with a whopping $16.6 billion. Thwarting AI-written scams will require a new playbook that leans more on users verifying messages and companies detecting scams before they hit inboxes, experts say. The big picture: ChatGPT and other chatbots are helping non-English-speaking scammers write typo-free messages that closely mimic trusted senders. Before, scammers relied on clunky tools like Google Translate, which often were too literal in their translations and couldn't capture grammar and tone. Now, AI can write fluently in most languages, making malicious messages far harder to flag. What they're saying:"The idea that you're going to train people to not open [emails] that look fishy isn't going to work for anything anymore," Chester Wisniewski, global field CISO at Sophos, told Axios. "Real messages have some grammatical errors because people are bad at writing," he added. "ChatGPT never gets it wrong." The big picture: Scammers are now training AI tools on real marketing emails from banks, retailers and service providers, Rachel Tobac, an ethical hacker and CEO of SocialProof Security, told Axios. "They even sound like they are in the voice of who you're used to working with," Tobac said. Tobac said one Icelandic client who had never before worried about employees falling for phishing emails was now concerned. "Previously, they've been so safe because only 350,000 people comfortably speak Icelandic," she said. "Now, it's a totally new paradigm for everybody." Threat level: Beyond grammar, the real danger lies in how these tools scale precision and speed, Mike Britton, CISO at Abnormal Security, told Axios. Within minutes, scammers can use chatbots to create dossiers about the sales teams at every Fortune 500 company and then use those findings to write customized, believable emails, Britton said. Attackers now also embed themselves into existing email threads using lookalike domains, making their messages nearly indistinguishable from legitimate ones, he added. "Our brain plays tricks on us," Britton said. "If the domain has a W in it, and I'm a bad guy, and I set up a domain with two Vs, your brain is going to autocorrect." Yes, but: Spotting scam emails isn't impossible. In Tobac's red team work, she typically gets caught when: Someone practices what she calls polite paranoia, or when they text or call the organization or person being impersonated to confirm if they sent a suspicious message. A target uses a password manager and has complex, long passwords. They have multifactor authentication enabled. What to watch: Britton warned that low-cost generative AI tools for deepfakes and voice clones could soon take phishing to new extremes. "It's going to get to the point where we all have to have safe words, and you and I get on a Zoom and we have to have our secret pre-shared key," Britton said. "It's going to be here before you know it."
Yahoo
an hour ago
- Yahoo
Hermeus notches first flight of Quarterhorse high-speed aircraft
Hermeus, a venture capital-backed firm building high-speed aircraft, flew its Quarterhorse vehicle for the first time last week at Edwards Air Force Base in California, the company said. The aircraft, dubbed Mk 1, is the second iteration of the Quarterhorse high-speed test platform and the first to take flight. Its May 21 flight test brings Hermeus a step closer to its goal of flying the autonomous, reusable vehicle at near-Mach 5 speeds by 2026. 'We've proven the viability of our iterative development approach,' Hermeus CEO AJ Piplica said in a statement Tuesday. 'But this is just the start. We have much more to do as the bar rises for the next iteration.' Hermeus had planned to fly Quarterhorse in 2023 and then pushed that date to last summer before eventually hitting the milestone this month. Still, the company touted its ability to go from a clean-sheet design to a flight-ready system in just over a year. The first flight test focused on validating Quarterhorse's ability to take off and land, which is a particular challenge for high-speed systems. Hermeus is feeding data from the first flight into its second test vehicle, Mk 2, which is currently being built at the firm's headquarters in Atlanta. That aircraft is slated to fly by the end of the year and reach supersonic speeds. It will also enable 'novel operational defense capabilities,' the company said. This early work will push Hermeus toward its larger goal of supplying high-speed platforms to both defense and commercial customers. The company plans to build one aircraft per year — an approach it hopes will position it to address the challenges that come with operationalizing a hypersonic aircraft. 'The company's approach emphasizes 'hardware richness' — building multiple prototypes in quick succession, allowing the team to take well-managed technical risk,' Hermeus said. 'While driving technical progress towards high-speed flight, this approach simultaneously enables Hermeus to rapidly develop its team and talent.' Hypersonic aircraft fly and maneuver at speeds of Mach 5 or higher. The Defense Department has several major programs to develop and field hypersonic weapons and vehicles — including the Air Force's Hypersonic Attack Cruise Missile and the Army's Long-Range Hypersonic Weapon — and is interested in potentially using Quarterhorse to help test hypersonic technology. Along with funding from private investors, Hermeus received early backing from the Air Force Research Laboratory, which awarded the company a $1.5 million contract in 2020, followed by another $60 million deal the following year. The Defense Innovation Unit also chose the firm for its Hypersonic and High-Cadence Airborne Testing Capabilities program, which aims to increase flight test support for Pentagon programs. Piplica previously told Defense News he expects Quarterhorse to start supporting DOD test events in 2026, around when its Mk 3 vehicle rolls off the line.
Yahoo
an hour ago
- Yahoo
The Pentagon Is Getting $150 Billion From the 'Big Beautiful Bill'
Despite describing himself as a "fiscal hawk," President Donald Trump asked for an additional $113 billion for the Department of Defense in his discretionary budget request. The One Big Beautiful Bill Act, which passed the House of Representatives on Thursday, appropriates $37 billion more for defense spending than Trump requested. While some of this money may go to projects integral to national security, much of it is expensive pork for defense contractors. The bill, if passed by the Senate, would add an estimated $2.3 trillion to the federal deficit over the next decade. It would appropriate an additional $150 billion to the Defense Department's already-bloated $848 billion budget, bringing the agency's account to nearly $1 trillion in FY 2026. The additional appropriations in the bill from the Committee on Armed Services, which oversees Pentagon spending, span 37 pages, 16 sections, and 232 items. In the air, over $500 million will go to Air Force exercises in the Pacific, a rather expensive way to saber-rattle with China. Nearly $1 billion will be allocated to "accelerate" production of the FA/XX aircraft and the F-47, which Trump touted as the "Next Generation Air Dominance" platform that will be "the most advanced, capable, and lethal aircraft ever built." But investing this much in another manned aircraft seems anachronistic while appropriating more than $10 billion for unmanned aerial weapons systems such as General Atomics' YFQ-42A and Anduril's YFQ-44A, autonomous one-way attack systems, unmanned surface and underwater weapons systems, and other artificial intelligence and autonomous capabilities. At sea, the federal government will allocate more than $5 billion to the American shipbuilding industrial base, which the Jones Act has hollowed out. This century-old law requires all ships transporting goods between U.S. ports to be American-built, American-owned, and crewed by U.S. citizens. The bill also appropriates a combined $16 billion for a Virginia-class submarine, two guided missile destroyers, a San Antonio–class Amphibious Transport Dock, and another amphibious assault ship. (The Navy already has 23, 75, 13, and 12 of these, respectively.) About $3 billion will be given to the Defense Department to purchase T-AO oilers to help fuel the Navy's fleet of roughly 280 ships. The Pentagon has failed each of the seven audits it has submitted to the department's inspector general since it began doing so in 2017—more than 25 years after Congress passed a law requiring agencies to investigate their own finances, Reason's Joe Lancaster explains. While the bill has not yet been signed into law, the Senate is unlikely to alter military appropriations significantly. Giving the Pentagon even more money while it can't account for its expenditures does not make the country safer; it rewards incompetence and waste. The post The Pentagon Is Getting $150 Billion From the 'Big Beautiful Bill' appeared first on
