(Updated: May 2, 2025)
Recently, the editor in chief of
The Atlantic found himself in a group chat on Signal, in which president Trump's national security team discussed a
military operation in Yemen. This immediately became
SignalGate.
Here I present the secure government equipment and networks that Trump's team should have used instead of an app on their (personal) smartphones. It will also become clear why the Trump team prefers using Signal.
From left to right: Marco Rubio, Michael Waltz and Pete Hegseth in a White House conference room,
with some screenshots of messages that were exchanged in the Signal group chat.
(White House photo, January 28, 2025 - click to enlarge)
The Houthi PC small group
On March 11, 2025, president Trump's national security adviser Michael Waltz started a group chat on the open-source encrypted messaging app
Signal to discuss airstrikes on Houthi rebels in Yemen, which took place on March 15.
The chatgroup was named "Houthi PC small group", with PC apparently referring to Principals Committee, a term typically used for a gathering of senior national-security officials. This group had a total of 19 participants:
- Michael Waltz, National Security Adviser
- Brian McCormack, Chief of Staff for the National Security Council
- Alex Wong, Principal Deputy National Security Adviser
- Susie Wiles, White House Chief of Staff
- Stephen Miller, White House Deputy Chief of Staff for Policy
- JD Vance, Vice-President of the United States
- Marco Rubio, Secretary of State
- Mike Needham, Special Adviser for the Department of State
- Pete Hegseth, Secretary of Defense
- Scott Bessent, Secretary of the Treasury
- Dan Katz, Chief of Staff for the Secretary of the Treasury
- Tulsi Gabbard, Director of National Intelligence
- Joe Kent, Acting Chief of Staff for the Director of National Intelligence
- John Ratcliffe, Director of the CIA
- Walker Barrett, Staff member of the House Armed Services Committee Republicans
- Steve Witkoff, Special Envoy to the Middle East
- Jacob, function unknown
- Jeffrey Goldberg, Editor in Chief of The Atlantic
This list shows that the members of the "Houthi PC small group" were from many different government departments and agencies and that some lower-ranking officials participated as well.
This is probably one of the reasons why they used Signal: given the variety of positions, they would probably not have access to the same equipment and/or networks to have a properly secured conversation.
The major US government departments and intelligence agencies have their own computer networks, usually one for unclassified and one or two for classified information:
Overview of major Homeland Security computer networks
From a briefing for Congress, July 2004
The networks of the Department of Defense (DoD) are the most widely used and therefore most suitable for interagency communications. There are separate DoD networks for different classification levels:
NIPRNet (Non-secure Internet Protocol Router Network)
- For information that is Sensitive But Unclassified (SBU)
- Circa 4,000,000 users
SIPRNet (Secret Internet Protocol Router Network)
- For information classified Secret (S)
- Circa 500,000 users
JWICS (Joint Worldwide Intelligence Communications System)
- For information classified Top Secret/SCI (TS/SCI)
- Circa 200,000 users
These classified networks are not connected to the internet and additionally secured with
TACLANE network encryptors. These networks offer email (in the Signal group chat mentioned as "high side inboxes"), messaging and other collaboration tools, but they can also be used for VoIP phone calls and secure video teleconferencing.
Operations center in the US Central Command headquarters, with computers and
VoIP phones for Unclassified (green) and Secret (red) communications.
(still from 60 Minutes, January 2021 - click to enlarge)
Secure telephone networks
The DoD also operates a secure telephone network for classified conversations, called the
Defense Red Switch Network (DRSN), also known as the Multilevel Secure Voice service. The DRSN connects the White House, all military command centers, intelligence agencies, government departments and NATO allies.
The DRSN has some special features and uses custom made telephone sets (currently the
IST-2 made by Telecore), which can be used for both secure and non-secure phone calls. These phones also have the distinctive four red buttons for
Multilevel Precedence and Preemption (MLPP).
During the attacks of September 11, 2001, the DRSN didn't function as intended and therefore a new Crisis Management System (CMS) was established. This includes a dedicated Voice over IP network that connects the President, the National Security Council, Cabinet members, the Joint Chiefs of Staff, intelligence agency watch centers, and others.
The CMS uses high-end Cisco IP phones with a bright yellow bezel. This color indicates that it can be used for conversations up to
Top Secret/Sensitive Compartmented Information (TS/SCI), which is the classification category for the most sensitive, intelligence related information.
Former secretary of defense Lloyd Austin in his Pentagon office in 2021,
with a Cisco IP phone with yellow bezel for the CMS and
an IST-2 phone with many red buttons for the DRSN.
(DoD photo - click to enlarge)
Most senior members of the "Houthi PC small group" have a phone for the CMS in their office, but their deputies, advisers and staff members usually have not. So when they have to be involved in a secure phone call, that often means they have to be in the same room as their principal and listen to the conversation via the speakerphone.
It's noteworthy that not included in the Signal chat group were Michael E. Kurilla, commander of the US Central Command, and local commanders who led the military operation in Yemen. They were likely in contact with defense secretary Hegseth via the proper military channels, which would be SIPRnet or the DRSN.
Securing mobile phones
All the equipment for secure communications discussed so far are fixed/landline devices that sit on someone's desk. That's fine when working in office, but nowadays people are used to do almost everything on their smartphone.
Securing mobile communications has long been a challenge. In the first place because outside, conversations can easily be overheard. For a long time, encryption devices were large and heavy, until in 2002 the
Sectéra Secure Wireless Phone was introduced, which enabled encrypted phone calls and SMS/text messages over public networks.
Around 2010, cell phones of the GSM generation were rapidly replaced by smartphones, which became so complex that it's very difficult, if not impossible to prevent the device from being compromised by malware and/or backdoors.
Under its
Commercial Solutions for Classified (CSfC) program, the NSA tried to solve this problem by securing commercially available devices with multiple layers of protection and encryption. This resulted in the
DoD Enterprise Mobility program, which encompasses three different classification levels:
DMUC (Unclassified)
- For Samsung and Apple smartphones and tablets
- Circa 140,000 users
DMCC-S (Secret)
- For Samsung smartphones and tablets
- Circa 8000 users
DMCC-TS (Top Secret)
- For Samsung smartphones
- Circa 500 users
Overview of the DoD Enterprise Mobility program, 2022
(click here for the full document)
The CellCrypt app
The Secret version (DMCC-S) became operational in 2015 and offers secure phone calls via the
CellCrypt app, access to SIPRNet email via the Outlook Web Application (OWA) and some other pre-approved apps on a Samsung smartphone or a Samsung tablet.
The website of the manufacturer provides
additional details about the encryption methods used by CellCrypt app and also says that it can also be used for secure instant messaging, including group messaging and sharing photos, videos, voice notes, and files of any kind.
The DMCC-S solution has further restrictions, because in case the phone not only handles data-in-transit (DIT), but also stores classified information (data-at-rest, or DAR) it may only be used in physically protected environments.
On social media some people claimed that a conversation like in the Signal group chat should only take place in a
Sensitive Compartmented Information Facility (SCIF). However, a SCIF is only mandatory for information classified Top Secret/SCI, while military information is usually classified Secret.
At the White House
The White House provides its employees with Apple iPhones, but without access to the iOS App Store and with all text messaging capabilities
disabled - under president Biden, only a few staffers in the press office had the ability to text on a limited basis.
Especially Signal's option for "disappearing messages" (which was turned on in the "Houthi PC small group") isn't compliant with the
Presidential Records Act (PRA), which requires that all communications by and among White House staff members have to be archived.
The phones issued to White House officials are managed by the Presidential Information Technology Community (PITC), which is an umbrella organization
established in 2015 to provide IT systems to the President, Vice President, the National Security Council, the Secret Service, the White House Communications Agency, and others.
Trump's shift to Signal
As we have seen, there are various highly secure communication channels that Trump's national security team could have used. Those who were working in their office had access to secure computer networks and a secure phone, those who were traveling (like Gabbard and Witkoff) had the option of using a DMCC-S smartphone.
However, it already was the transition team that prepared Trump's take-over of the presidency in January 2025, which deliberately
refused to use government facilities and IT systems. This was in part to avoid the mandatory record-keeping that comes with using official resources (it's not clear why they prefer Signal, because Whatsapp has disappearing messages as well).
Instead, Trump's staffers and incoming government officials
communicated via their personal devices, often using the Signal app, and this continued after Donald J. Trump had been inaugurated as the 47th president of the United States.
Last February, political appointees at the DoD
ordered that Signal had to be installed on government phones for newly installed senior military officials: "they all use Signal and need it to communicate with the White House" - even though in the same month, the NSA had
warned against vulnerabilities in using Signal.
NSA bulletin about Signal vulnerabilities, February 2025
(click here for the full document)
During a House Intelligence Committee hearing a few days ago, Trump's CIA director John Ratcliffe said that Signal is also widely used by officials and staff at his agency's headquarters: "One of the first things that happened when I was confirmed as CIA director was Signal was loaded onto my computer at the CIA as it is for most CIA officers."
National Security Council spokesperson Brian Hughes
said that Signal is allowed on government devices and that some agencies automatically install it on employees’ phones. "It's one of a host of approved methods for unclassified material with the understanding that a user must preserve the record" according to Hughes.
Updates:
On April 1, 2025, The Washington Post
reported that Michael Waltz and other members of the National Security Council (NSC) also used Gmail for work-related communications. One of Waltz's senior aides, for example, used Gmail for "highly technical conversations with colleagues at other government agencies involving sensitive military positions and weapons systems."
On April 2, 2025, Politico
revealed that the team of national security adviser Mike Waltz had set up at least 20 group chats on Signal to coordinate official work on issues including Ukraine, China, Gaza, Middle East policy, Africa and Europe.
On April 6, 2025, The Guardian
reported that an internal investigation by the White House made clear how Jeffrey Goldberg was accidentally added to the Signal group chat: in October 2024, Goldberg had emailed the Trump campaign and his email was forwarded to Trump's former spokesman Brian Hughes. The latter copied and pasted the content of the email, including the signature block with Goldberg's phone number, into a text message that he sent to Michael Waltz. Waltz' iPhone then semi-automatically stored Goldberg's number under the contact card for Hughes, who had now become the spokesman for the National Security Council. So when Waltz set up the "Houthi PC small group" on Signal, he actually wanted to add Hughes, but this resulted in the number of Goldberg being added.
On April 20, 2025, the New York Times
reported that Hegseth also shared similar details about the Yemen operation in another Signal group that included his wife Jennifer, his brother Phil, and his personal lawyer Tim Parlatore. Jennifer Hegseth has no relevant role in the Defense Department, while Phil Hegseth serves in the Pentagon as a Department of Homeland Security appointee. Parlatore, a military defense attorney, recently rejoined the Navy with an assignment to improve military justice issues.
On May 1, 2025, it was
reported that president Trump removed national security advisor Michael Waltz and his principal deputy Alex Wong from their functions. Waltz would be nominated as US ambassador to the United Nations.
Links and sources
- The Guardian: Exclusive: how the Atlantic’s Jeffrey Goldberg got added to the White House Signal group chat (April 6, 2025)
- Politico: Waltz’s team set up at least 20 Signal group chats for crises across the world (April 2, 2025)
- Bruce Schneier: The Signal Chat Leak and the NSA (March 31, 2025)
- The Independent: Previous administrations were wary of the messaging app Signal. Trumpworld has embraced it (March 27, 2025)
- The Atlantic: Here Are the Attack Plans That Trump’s Advisers Shared on Signal (March 26, 2025)
- The Atlantic: The Trump Administration Accidentally Texted Me Its War Plans (March 24, 2025)
- TWZ: C-17’s ‘Silver Bullet’ Airstream Trailer Pod Used By Secretary Of Defense Hegseth On First Overseas Trip (February 12, 2025)
- DoD Inspector General: Audit of Cybersecurity of DoD Classified Mobile Devices (December 13, 2024)
See also the comments on
Hacker News
