Top officials of the US were caught discussing sensitive military plans over Signal, weeks before. Google has warned of Russia top US officials were caught discussing sensitive military plans over Signal, a Google report had already warned of Russia’s ability to exploit the app. According to Google’s Threat Intelligence (GTI) group, Russian military hackers from GRU had successfully compromised Signal accounts of Ukrainian individuals using deceptive tactics like malicious QR codes and fake group invitation links.
Despite Signal’s reputation as a highly secure messaging app, the findings put US officials under intense scrutiny. Vice President JD Vance, Secretary of State Mark Rubio, Secretary of Defense Pete Hegseth, and National Security Advisor Mike Waltz reportedly used Signal to discuss last week’s operational plans to strike the Houthis in Yemen. The situation escalated into one of the worst security breaches in years when Waltz accidentally added The Atlantic’s Editor-in-Chief, Jeffrey Goldberg, to their Signal group chat. Shockingly, Hegseth even shared detailed operational plans—including weapons, targets, and strike timings—potentially jeopardizing national security had the information fallen into the wrong hands.
How Russia Exploited Signal in Ukraine
Google’s report revealed how Russian GRU hackers, specifically a group called ‘APT44,’ infiltrated Signal accounts by exploiting the app’s ‘linked devices’ feature. This feature, which allows users to access their accounts on multiple devices, was used against Ukrainian targets. Hackers tricked individuals into scanning malicious QR codes, unknowingly linking their accounts to adversary-controlled devices. One of the other methods of sending fake Signal group invitation links, if clicked, gives all access to a user’s message instead of adding them to the group.
Also, the end-to-end encryption feature of Signal remains intact, it was not that Signal was hacked. However, Google says that no digital communication platform is completely safe from cyber threats, especially when users are manipulated to give access to their accounts to hackers.
The Bigger Concern: US Officials Violating Security Protocols
The controversy isn’t just about using Signal—it’s about how senior US officials blatantly violated national security protocols. Sensitive discussions are meant to be held via encrypted government channels, not consumer apps vulnerable to exploitation. Official policy even requires attendees to leave personal devices outside during classified meetings.
Adding a journalist to the chat, even by accident, only worsened the situation. While Goldberg didn’t leak the plans, a less ethical or adversary-aligned individual could have, endangering the operation, intelligence sources, and national security. The incident raises serious concerns, with some experts suggesting it could even lead to legal consequences under the Espionage Act.
With these revelations, the debate over cybersecurity and communication policies within the US government is more urgent than ever.
Edited By Saumya Sharan
