The Trump administration made an unprecedented security mistake; you can avoid doing the same

faux pas of senior administration personnel went from bad to worse to the gutter in the span of 24 hours. If you haven’t read The Atlantic writeup, you should (there are two pieces, the revelation from Goldberg and then the subsequent release of the contents of the Signal chat). There is no getting around it, Signal is a ubiquitous secure chat application that is widely used by industry and, in appropriate circumstances, by government entities. Indeed, during the recent Kyiv International Cybersecurity Resilience Forum 2025, Signal was highlighted as an application which was in use and was actively targeted by the Russian Federation utilizing social engineering to worm their way into group chats of Ukrainian war fighters, access which could sufficiently compromise their operational security and result in lethal targeting by Russian forces.

In January 2025, the State Department’s Office of Inspector General issued an audit report they conducted on the US Embassy Kyiv and its records retention, specifically for electronic messaging. Within the report, it is highlighted how the Embassy Kyiv uses Signal, yet did not satisfactorily preserve and protect the content of official business conducted via Signal.

“According to both Department and Embassy Kyiv personnel, Department procedures for preserving Signal messages are burdensome and do not fully address the technical limitations and information security vulnerabilities that personnel encounter when they attempt to preserve messages,” the report said.

Embassy Kyiv uses Signal to rapidly communicate physical security information as the application is sufficiently secure and easily accessible in a high-threat environment. In a nutshell, it is “used for critical embassy security communications, including tracking personnel movements and announcing air raid instructions.” State is now conducting a global review to “assess the extent to which electronic messaging applications, including Signal, are used at posts worldwide to conduct Department of State business.”

The Signal group in question was set to automatically destroy content at the seven-day mark. Given the wide dissemination of the content, it may be the only Signal group chat that this group of seniors within the administration has memorialized.

Based on my personal review of the content of the Signal chat, which included the secretaries of defense and state, the vice president, the CIA director, and the Director of National Intelligence, the information shared prior to the execution of a military operation was not only classified at the time of sharing but also operationally sensitive information which, if revealed, would place the warfighter at risk.

Now, I’m just an old HUMINT intelligence type, but take it from Amy McGrath, a former Marine F/A-18 pilot who has posted on social networks her perspective: “This info is classified BEFORE and DURING the operation. Everyone knows this. It’s OPSEC (operational security) 101.” She continued, “Old F-18 fighter pilot here with 80+ combat missions, launch times on a strike mission ARE ABSOLUTELY CLASSIFIED.”

Signal is used by several government entities, to include those whose principals were in the group chat. Whether this specific level of classified information should have been discussed requires further investigation by the appropriate entities to make this determination.

The fact that at least one of the participants was sitting in Moscow during this chat does not give me the warm feels, given the sophistication of Russia’s communications intelligence capabilities and their ability to compromise mobile devices.

Transgression #2 Inclusion of an individual with no clearance: Why and how the White House’s National Security Advisor, Mike Waltz, added Goldberg to this closed group on Signal is inexplicable. Goldberg explained in his piece he initially thought he was being pranked and rode the wave to see what evolved.

As the chat evolved and precision information was provided, he explained how he pulled over to the side of the road and watched for evidence that an attack by the United States had occurred in Yemen, and when it did, he knew what he was witnessing was the leadership of the administration sharing sensitive information with him. From my personal optic, it appears to have been a human error, a mistake.

Yet, those who have followed my opinion pieces know that the largest risk presented by insiders to the compromise of information or networks is negligent behavior. The recent 2025 Cost of Insider Risk report, crafted by the Ponemon Institute, shows that over 55% of incidents find their genesis in negligent, non-malicious user behavior.

If there is to be a prosecution following the non-malicious, negligent insider behavior and unauthorized revelation of classified information to the media, only time will tell. When Reality Winner shared classified information with The Medium, she ended up in prison. Similarly, when classified information was mishandled and shared with those without a need to know, other prosecutions concluded with the individual also receiving years in prison.

Some may view the inclusion of Goldberg as not an error, rather a masterclass-level act, to inform media and, with the ensuing revelation, subtly send a message to European allies by the Trump administration.

If such was the case, the message carried the subtlety of a chainsaw and was clearly received as such. Former UK Defense Minister, Grant Shapps, said, “I agree Europe must do more on security, but Sir Keir [Starmer] should remind the USA the UK led from the front. I authorised four RAF strikes on the Houthis & the Royal Navy defended Red Sea shipping. Our forces risked their lives to protect trade. Some in DC need reminding.”

Transgression #3 Trust is non-negotiable, yet the Administration trashed it: This ‘mistake’ was first denied by the principals, the CIA director, the national intelligence director, the secretary of defense, etc., all of whom claimed no classified information was discussed. Their defense was classic: “deny everything and make counteraccusations.” Then they collectively went after the messenger, Goldberg.

In a nutshell, the administration’s laissez-faire attitude truly leaves one with the notion that those in control are simply engaging in cosplay. During the chat, the defense secretary emphatically exclaimed that “OPSEC was good.” OPSEC was nonexistent.

Trust has been broken. The principals dissembled, which made everything that followed suspicious. I would say that not only has trust been broken, it has been pulverized.

Lessons to be learned from this rookie mistake: Cybersecurity leaders may wish to share the teachable moment of this incident with their teams.

Communication is required by every enterprise, and the means to communicate must exist. Technology choices must be made, choices that will provide you with the appropriate level of security for the data being protected. The use of Signal for collaboration between the principals may have been a fully approved choice for the purpose used. When you choose a technology for your entity’s communication, ensure that the processes and procedures are clearly enumerated, and then scrupulously followed. As many investigate insider errors of judgment which cause inadvertent compromise, corrective action must follow discovery. Given my somewhat attuned sense, this instance is not a one-off. I believe that an investigation will find that many daily conversations are occurring on the Signal platform between administration personnel that contain similarly sensitive and/or classified information. Whether the information sharing via the Signal application is a violation of security protocols should not be difficult to ascertain.

Those rolling up their sleeves and putting on their audit visor should take a page from the State Department and be tasked with determining how widely this non-government instant messaging application is being used, and in those cases where the content is subject to data preservation, ensure that such is the case. Finally, if you stub your toe and inadvertently share information with an individual who doesn’t have a need to know, own it. Owning your errors, no matter how small or egregious, goes a long way toward retaining trust.

First seen on csoonline.com

Jump to article: www.csoonline.com/article/3855579/the-trump-administration-made-an-unprecedented-security-mistake-you-can-avoid-doing-the-same.html
