It’s Not Just About Conventional Terrorism — Cyber Terrorism is Now in the Cards
Timothy Snyder’s discussion of how the Trump administration has made America vulnerable to terror attacks mentions in passing that Elon Musk’s band of DOGE cyber vandals are accessing government computer systems, downloading files and shutting down critical agencies. This is a companion diary to one looking at Snyder’s warnings.
They’re doing it with no oversight, no accountability, and no regard for security or the law.
Wired has an exposé:
Palantir, the software company cofounded by Peter Thiel, is part of an effort by Elon Musk’s so-called Department of Government Efficiency (DOGE) to build a new “mega API” for accessing Internal Revenue Service records, IRS sources tell WIRED.
For the past three days, DOGE and a handful of Palantir representatives, along with dozens of career IRS engineers, have been collaborating to build a single API layer above all IRS databases at an event previously characterized to WIRED as a “hackathon,” sources tell WIRED. Palantir representatives have been onsite at the event this week, a source with direct knowledge tells WIRED.
The claim is it’s about rooting out waste and fraud — but does anyone believe it really isn’t about weaponizing the IRS as an attack tool for Trump? (See threats against non-profits.) But it’s not limited to just the IRS. DOGE intrusions into government computer systems without accountability or regard for proper procedures are putting all of us at risk in ways that are largely going under the radar.
Charlie Pierce picks up on NPR reports:
...This legion of super-moles has spread out throughout the executive agencies, breaching security willy-nilly, gathering data, and sending it out into the world, where it could be shared and, if necessary, transliterated into Cyrillic.
The whistleblower’s story sheds further light on how DOGE is operating inside federal systems and comes on the heels of testimony in more than a dozen court cases across the United States that reveal how DOGE rapidly gained access to private financial and personal information on hundreds of millions of Americans. It’s unclear how or whether DOGE is protecting the privacy of that data. Meanwhile, the threatening note, though its origins are unknown, is reflective of the current climate of fear and intimidation toward whistleblowers.
And that’s the other half of this dung sandwich. The DOGE moles are hiding everything that they’re actually doing.
When an IT staffer suggested a streamlined process to activate those accounts in a way that would let their activities be tracked, in accordance with NLRB security policies, the IT staffers were told to stay out of DOGE’s way, the disclosure continues. For cybersecurity professionals, a failure to log activity is a cardinal sin and contradicts best practices as recommended by the National Institute of Standards and Technology and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, as well as the FBI and the National Security Agency.
(See here, here, here, here, and here. Wonder why Trump wants to kill NPR?)
Consider this:
...Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, according to Berulis' disclosure. The attempts were "near real-time," according to the disclosure. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created DOGE accounts — and the person had the correct username and password, according to Berulis. While it's possible the user was disguising their location, it's highly unlikely they'd appear to be coming from Russia if they wanted to avoid suspicion, cybersecurity experts interviewed by NPR explained.
On their own, a few failed login attempts from a Russian IP address aren't a smoking gun, those cybersecurity experts interviewed by NPR said. But given the overall picture of activity, it's a concerning sign that foreign adversaries may already be searching for ways into government systems that DOGE engineers may have left exposed.
"When you move fast and break stuff, the opportunity to ride the coattails of authorized access is ridiculously easy to achieve," said Handorf. What he means is that if DOGE engineers left access points to the network open, it would be very easy for spies or criminals to break in and steal data behind DOGE.
He said he could also see foreign adversaries trying to recruit or pay DOGE team members for access to sensitive data. "It would not surprise me if DOGE is accidentally compromised."
Is it only 40 years after 1984?
There’s also the question of how much information is being stolen for the personal advantage of Musk, Thiel, and the other tech bros.
There’s no question at this point that the Trump administration is going to use the information the government needs to function for the benefit of all citizens in ways that contravene the law and destroy civil and property rights. They are building their own Deep State Cyber Stasi in order to cement their control over everyone and carry out Trump’s campaign of retribution.
At the very least, they will destroy the ability of anyone to ever trust the government again with their personal information. They are giving unelected oligarchs access to our most vital personal information. They are also making us vulnerable to external threats.
And here we all are, caught in the middle.