The Trump administration planned a military strike in Yemen the way normal people plan a surprise birthday party: in a group chat.
As detailed by The Atlantic earlier this week, Secretary of Defense Pete Hegseth, Vice President JD Vance, and other senior officials used a Signal group to discuss an attack on Houthi targets, sharing details that included the movement of American assets in advance of their deployment. The news leaked because one member, National Security Advisor Mike Waltz, made the bizarre mistake of inviting Atlantic editor-in-chief Jeffrey Goldberg into the discussion. But even before that moment, Hegseth and the rest were doing something dangerous and far outside the bounds of normal military planning — while using an app that, for ordinary people, is still one of the best ways to have a private chat.
Signal is an end-to-end encrypted chat service used for many private communications, including conversations between sources and journalists at outlets like The Verge. But the Houthi attack group chat demonstrates the limits of any conventional electronic communications. Military security is a life-and-death matter, and attack plans are being constantly sought by some of the world’s most sophisticated intelligence-gathering operations. End-to-end encryption is a secure system in a vacuum — but in any normally functioning military, it simply wouldn’t be considered enough.
“Classified discussions at any level can only occur in secured facilities and on secured equipment,” Bradley P. Moss, a lawyer who specializes in security clearance law at the law firm Mark S Zaid, tells The Verge. While the Trump administration has repeatedly downplayed the importance of the leaks, The Atlantic’s chat logs includes information like the movements of F-18s, the time they’ll be departing, and the munitions they’ll use to strike targets. All of that information is — by default — considered classified.
A SCIF is guarded, windowless, and outside electronics-free
Viewing or discussing this information requires Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance, and the most sensitive details (like some of those discussed in the group chat) are often confined to a Sensitive Compartmented Information Facility or SCIF (pronounced “skiff”). That conversation might happen in one of these boxes face to face. It might also happen between multiple parties in different secure boxes conferencing in over secure lines. In no case does it look like a group chat.
Speaking SCIF to SCIF happens most often on secure telephone lines called Secure Terminal Equipment. These phones look like an ordinary office phone but are part of a secure government-run network. Video calls use a similar system called Secure Video Conference or, in the old days, Secure Video Teleconferencing. When Donald Trump became US president in 2016, a SCIF was installed in Mar-a-Lago and a picture from within shows what a modern high-level meeting with video looks like.
SCIF facilities can take many forms, says Joseph Cirincione, a former congressional staffer who worked for almost a decade for the US House of Representatives Committee on Armed Services. (He held a TS/SCI for 14 years and has been inside one many times.) It’s always a “guarded, windowless, secure, shielded room that is impenetrable to surveillance that might intercept signals or discussions being held in that room,” he says. Some are permanent facilities, but Moss notes that senior officials can have staff set up a “mobile SCIF” while they’re traveling.
A lot of SCIFs look like shipping containers. According to construction specifications from the Department of National Intelligence, the walls are lined with gypsum, plywood, sound dampening material, and material that prevent the transmission of electronic signals. The doors have deadbolts and are secured by both guards and an electronic lock. Air vents have to be small enough to prevent humans and devices from going through. Every inch of the “room” is accounted for and light switches, wiring, and outlets are designed in specific ways to avoid creating surfaces that would let sound escape.
In a normal, pre-Trump world, discussion about military strikes takes place in these secure rooms. Even high-level talks with cabinet members and the Vice President about sensitive topics should happen in secure locations. There’s an obvious reason for this: the environment around an official can be a major source of threats. “Our adversaries have devices that can pick up vibrations on windows, for example, that can transmit the conversations being discussed in those rooms, and the rooms might be bugged,” Cirincione says.
If someone’s looking over your shoulder, end-to-end encryption doesn’t do much
“There might be electronic surveillance devices in them,” he says. Compromising a group chat is as simple as looking over someone’s shoulder, which could be done with a hidden camera. The point of a SCIF “is that you have a secure room that’s been scrubbed that you’re certain cannot be surveilled by foreign intelligence agencies. The guiding rule is that you want as few people as possible to have access to this information to minimize the chances of leaks, intentional or unintentional.”
When electronic devices are used in general for sensitive information, they’re supposed to be government-provided. The federal government is a lot like a corporation when it comes to information security: it issues laptops and phones to employees that have been vetted as secure and cleared for government business. If you work for the CIA, you can’t pull up your CIA email on a device that wasn’t issued by the agency. They’re also not allowed in SCIFs.
“You have to walk down a corridor, be signed in and cleared into the room by a guard who then takes your electronics communications device,” Cirincione says. “Cell phones, computers, nowadays smart watches, earpods will be collected. Anything that is capable of receiving or transmitting a signal is collected. You can’t bring that in.”
A 2023 memo from the Pentagon is explicit about using apps like Signal on government-issued devices. “Unmanaged ‘messaging apps,’ including any app with a chat feature, regardless of the
primary function, are NOT authorized to access, transmit, process non-public DoD
Information,” the memo said. “This includes but is not limited to messaging, gaming, and social media apps. (i.e., iMessage, WhatsApps, Signal). An Exception to Policy (E2P) request must be submitted by the appropriate Component for use of an unmanaged messaging app that is critical to fulfilling mission operations.”
Signal is a secure end-to-end encryption channel, which means that between one device sending a message and another receiving it, it’s very difficult to read the information being transmitted. But the service’s creators are upfront about its limitations. If devices or Signal accounts themselves are compromised — including by phishing operations, which the National Security Agency warned staff about a month before the Houthi group chat — the benefits of encryption are lost.
”You need a cryptographically secure link end to end, and user devices need to be secure against penetration,” Carlo Kopp, an Australian security analyst, says. “While Signal is regarded to be reasonably secure itself, the smartphones it runs on might not be, and if penetrated by foreign intelligence become the entry point for an eavesdropper.” This is true for anyone’s phone, not just a government official, of course — but a typical user isn’t facing the same set of threats.
At least one of the group chat participants was in a situation that could have made physical compromise easier. Steve Witkoff, Trump’s special envoy to the Middle East, was in the group chat and in Moscow during some of the conversation. White House press secretary Karoline Leavitt denied that Witkoff had access to a phone with Signal installed on it during his trip to Moscow. “[Witkoff] was provided a secure line of communication by the U.S. Government, and it was the only phone he had in his possession while in Moscow,” she said in a post on X.
Though Wiktoff is present in the group chat, CBS mapped out the timeline of the chat against his presence in Moscow using flight logs and videos. According to its report, Witkoff didn’t post in the chat until he had left Russia. When he did, it was three prayer hand emojis and two American flags.
But the fear persists and the stakes are high. “This was life and death,” Cirincione says. “They had specific targets in Yemen whom they bombed and killed. And if this information had been intercepted by a foreign intelligence service, say the Russians, while Steve Witkoff was in Moscow, and transmitted to the Houthis, those individuals could have been warned and could have not gone into the houses that were being targeted.”
“They killed 32 people in these bombing raids. I mean, of course it was life and death,” he says.
Saving records of military action for posterity matters
The entire incident raises the question: how many other Signal group chats are there? If this is one chat stood up for one operation, does that mean the administration makes a group for every military strike? Conducting all that business over Signal is dangerous, no matter the strength of its end-to-end encryption. A spy could get a keylogger on a personal device that picks up every keystroke or they could simply look over the shoulder of a member of the chat while they’re discussing military plans in public.
As this scandal unfolds, four U.S. Army soldiers are missing in Lithuania. Trump says he didn’t know they were missing. What would happen if the military coordinated the rescue efforts over Signal on a compromised device?
Finally, there’s the issue of record retention and a historical perspective. Information from SCIF sessions is, depending on the president and other factors, at least somewhat documented. A journalist can’t shake loose secret war plans with a Freedom of Information Act request, but posterity matters. We have learned a lot about the Cuban missile crisis in just the last few years because the people who were there went to the effort to preserve the records. Having these conversations in a digital format that automatically vanishes (though a newly issued court order has demanded its preservation) destroys that legacy.
The Trump administration has spent less time defending the security of the group chat than declaring that its contents weren’t important. In a recent interview on Newsmax, Trump insisted that the information was unclassified. In congressional testimony this week, Director of National Intelligence Tulsi Gabbard and CIA Director John Ratcliffe maintained that no classified information was shared.
Cirincione and Moss aren’t so sure. “Top secret information is not just sources and methods,” Cirincione says. “The top secret information is also the debate over whether to have these strikes. It is the discussion of our allies, capabilities, and intentions. It is the discussion of messaging about these attacks. All of that is classified.”
“Think of it this way,” Moss says. “If this information had been leaked to a foreign power in advance of the strikes, could it have put American military assets in danger? The answer is yes, and that is why it is classified.”
