2026-06-25T20:15:27.911Z / https://www.cnn.com/2026/06/25/politics/secret-service-cyber-security-put-protectees-risk
据一份新的监察长报告显示,特勤局特工糟糕的网络安全操作使其手机易遭黑客攻击,并给他们负责保护的美国高级官员的生命安全带来风险。
美国国土安全部监察长(IG)周四发布的报告称,外国“对手”——这一术语可涵盖间谍和恐怖分子——“本可以截获并利用特勤局的信息,使我国领导人、其他受保护对象以及雇员面临风险”。
此次调查结果重新引发了人们对特勤局安保操作长期存在的担忧,此事距宾夕法尼亚州巴特勒市特朗普总统险些遇刺事件已过去两年,当时通信系统不安全且存在故障,酿成了该局近年最严重的失误之一。
新的监察长报告发现,问题的一大症结在于,特勤局雇员在执行保护任务时,经常使用安全性较低的个人手机而非公务手机。黑客入侵特工的个人手机后,可能窃取“与任务相关的数据,包括联系人、用户历史记录、地理位置信息和照片”,并利用这些敏感信息“策划针对受保护对象或特勤局雇员的袭击”,监察长总结道。
调查还发现,特勤局未能在雇员完成国际旅行后清除其手机数据,且该机构未制定在员工手机上部署软件前进行测试的政策。
多年来,特勤局特工一直抱怨公务手机不允许他们使用某些应用程序与外国同行沟通,也无法在特工之间发送某些类型的短信。2024年7月13日巴特勒市遇刺事件前不久,一名特勤局雇员“因公务手机存在可靠性问题,使用个人设备接收了当地执法部门发来的疑似刺客的彩信”,新报告称。
在遇刺事件发生时,美国已掌握伊朗策划另一项暗杀特朗普阴谋的情报。伊朗历来利用黑客手段协助其暗杀和绑架行动。
手机问题困扰了巴特勒市集会期间的安保工作,疑似刺客托马斯·克鲁克斯得以在未被察觉的情况下驾驶无人机绘制该区域地图,并携带步枪爬上附近屋顶,尽管当地执法人员在他开火前几分钟就已发现他。
当天,部分特勤局特工和当地警员依靠手机群聊发送信息,而其他人则依赖无线电频道和两个独立指挥所。
根据国土安全部和国会的多份报告,与特勤局手机使用相关的失误是当天安保失败的重要原因。
集会地点位于农村地区,手机信号匮乏,这也延误了反无人机技术的部署——该技术本可以在枪击发生数小时前定位克鲁克斯的无人机以及克鲁克斯本人。
该机构此后已开始在这类活动中为特工部署移动手机信号覆盖服务。
特勤局在回应监察长报告草案时表示,已解决或正在处理监察机构提出的安保建议。
特勤局局长肖恩·柯兰表示,该机构已“对特勤局的通信政策和规程进行了多项全面改进,既能降低对手截获和利用特勤局信息的可能性,也能进一步强化保护环境”。
特勤局拒绝就调查结果置评,而是让美国有线电视新闻网(CNN)查阅柯兰在监察长报告中的信函。
监察长称,特勤局管理着约8000台移动设备,这些设备可接入该局系统和敏感应用程序,比如为特工提供紧急搬迁地点信息的应用。
公务手机遭黑客攻击导致暗杀事件的风险并非假设。
美国司法部监察长在去年的一份报告中称,2018年或更早时候,一个墨西哥贩毒集团雇佣黑客监视墨西哥城一名资深联邦调查局官员的行踪,从该市监控系统收集信息,以便该贩毒集团杀害可能的联邦调查局线人。
新的特勤局报告引用了这一案例。
报告称:“除非特勤局改进海外使用的移动设备的安全控制措施,否则雇员的敏感设备信息以及与受保护对象的沟通将面临类似风险。”
Bad cybersecurity by Secret Service agents put US officials at risk, inspector general says
2026-06-25T20:15:27.911Z / https://www.cnn.com/2026/06/25/politics/secret-service-cyber-security-put-protectees-risk
Bad cybersecurity practices from Secret Service agents have left their phones vulnerable to hacking and risked the lives of senior US officials they are charged with protecting, according to a new inspector general report.
Foreign “adversaries” — a term that can encompass spies and terrorists — “could have intercepted and exploited Secret Service information, placing at risk our Nation’s leaders, other protectees, and employees,” said the report released Thursday by the Department of Homeland Security inspector general (IG).
The findings revive longstanding concerns about security practices at the Secret Service two years after the near-assassination of President Donald Trump in Butler, Pennsylvania, when insecure and faulty communications led to one of the biggest debacles in the agency’s recent history.
A big part of the problem is that Secret Service employes have frequently used their less-secure personal phones rather than their government phones while on protective missions, the new IG report found. Someone who hacks an agent’s personal phone could steal “mission-related data, including contacts, user history, geolocation, and photos” and then use that sensitive information to “plan attacks against protectees or Secret Service employees,” the inspector general concluded.
The probe also found that the Secret Service was failing to wipe employees’ phones after returning from international travel, and that the agency didn’t have a policy for testing software before it was deployed on employees’ phones.
For years, Secret Service agents have complained that their government phones didn’t allow them to use certain apps to communicate with their foreign counterparts or to send certain types of text messages between themselves. Shortly before the July 13, 2024, assassination attempt in Butler, a Secret Service employee “used their personal device to receive a picture message from local law enforcement of the would-be assassin due to reliability concerns” with their government phone, the new report says.
At the time of the assassination attempt, the US had intelligence about a separate plot by Iran to assassinate Trump. Iran has a history of using hacking to aid in its assassination and kidnapping attempts.
Cell phone issues plagued security during the Butler rally, where the would-be assassin Thomas Crooks was able to fly a drone mapping out the area undetected and climb onto a nearby rooftop with a rifle despite being seen by local law enforcement minutes before he opened fire.
While certain Secret Service agents and local officers depended on small group chats on their phone to send out information that day, others relied on radio channels and two separate command posts.
According to multiple reports from the Department of Homeland Security and Congress, failures related to the Service’s use of phones greatly contributed to the failures that day.
The lack of cell service in the rural location of the rally also delayed counter-drone technology that could have located Crooks’ drone, and Crooks himself, hours before the shooting.
The agency has since begun to deploy mobile cell coverage for agents during such events.
The Secret Service said in a response to draft of the IG report that it had addressed, or was in the process of addressing, the watchdog’s security recommendations.
The agency has made “several comprehensive enhancements to Secret Service communications policies and protocols to both mitigate the potential for adversaries to intercept and exploit Seret Service information, as well as further strengthen the protective environment,” Secret Service Director Sean Curran said.
The Secret Service declined to comment on the findings, instead pointing CNN to Curran’s letter in the IG report.
The Secret Service manages about 8,000 mobile devices that grant access to the agency’s systems and to sensitive apps, like one that gives agents information on emergency relocation sties, the inspector general said.
The risk of a hack of a government phone leading to assassinations is not hypothetical.
A Mexican drug cartel hired a hacker to surveil the movements of a senior FBI official in Mexico City in 2018 or earlier, gathering information from the city’s camera system that allowed the cartel to kill potential FBI informants, the Justice Department inspector general said in a report last year.
The new report on the Secret Service cited that example.
“Until the Secret Service improves security controls for mobile devices used overseas, employees’ sensitive device information and communication with protectees face similar risks,” the report said.
发表回复