US suspends offensive cyber campaigns against Russia

What a way to ruin Oscar night.

The news alert hit my phone that Defense Secretary Pete Hegseth has ordered the DoD to suspend offensive cyber campaigns against Russia.  Since I’ve worked in cybersecurity for more than 30 years, here’s what this means.  You hear a lot about cyberwarfare and cybercrime; the US is a prime target of nation-state hackers (attackers who operate with the backing of their own government) trying to disrupt our critical infrastructure, our military, healthcare and law enforcement, as well as your grandmother’s 401K.  The news caught members of Congress and various other Trump officials off guard; some refused to believe it on the Sunday talk shows.

Principal countries that hack us include China, North Korea, Russia, Iran, Saudi Arabia and even Israel (who are more interested in making sure US aid continues to flow).  Usually left out of the conversation is how good the US is at proactive and reactive cyber operations against these nations.  The Trump administration has decimated our cybersecurity operations, and now we are telling the Kremlin not to worry, we won’t hack them anymore.  I don’t see Moscow making the same pledge.

Former Washington Post cybersecurity writer Brian Krebs has a must-read site for cybersecurity.

He writes:

The Trump administration has fired at least 130 employees at the federal government’s foremost cybersecurity body — the Cybersecurity and Infrastructure Security Agency (CISA). Those dismissals reportedly included CISA staff dedicated to securing U.S. elections, and fighting misinformation and foreign influence operations.

Earlier this week, technologists with Elon Musk’s Department of Government Efficiency (DOGE) arrived at CISA and gained access to the agency’s email and networked files. Those DOGE staffers include Edward “Big Balls” Coristine, a 19-year-old former denizen of the “Com,” an archipelago of Discord and Telegram chat channels that function as a kind of distributed cybercriminal social network.

The investigative journalist Jacob Silverman writes that Coristine is the grandson of Valery Martynov, a KGB double agent who spied for the United States. Silverman recounted how Martynov’s wife Natalya Martynova moved to the United States with her two children after her husband’s death.

Another member of DOGE is Christopher Stanley, formerly senior director for security engineering at X and principal security engineer at Musk’s SpaceX. Stanley, 33, had a brush with celebrity on Twitter in 2015 when he leaked the user database for the DDoS-for-hire service LizardStresser, and soon faced threats of physical violence against his family.

My 2015 story on that leak did not name Stanley, but he exposed himself as the source by posting a video about it on his YouTube channel. A review of domain names registered by Stanley shows he went by the nickname “enKrypt,” and was the former owner of a pirated software and hacking forum called error33[.]net, as well as theC0re, a video game cheating community.

DOGE has been steadily gaining sensitive network access to federal agencies that hold a staggering amount of personal and financial information on Americans, including the Social Security Administration (SSA), the Department of Homeland Security, the Office of Personnel Management (OPM), and the Treasury Department.

Most recently, DOGE has sought broad access to systems at the Internal Revenue Service that contain the personal tax information on millions of Americans, including how much individuals earn and owe, property information, and even details related to child custody agreements. The New York Times reported Friday that the IRS had reached an agreement whereby a single DOGE employee — 25-year-old Gavin Kliger — will be allowed to see only anonymized taxpayer information.

The rapidity with which DOGE has rifled through one federal database after another in the name of unearthing “massive fraud” by government agencies has alarmed many security experts, who warned that DOGE’s actions bypassed essential safeguards and security measures.

“The most alarming aspect isn’t just the access being granted,” wrote Bruce Schneier and Davi Ottenheimer, referring to DOGE as a national cyberattack. “It’s the systematic dismantling of security measures that would detect and prevent misuse—including standard incident response protocols, auditing, and change-tracking mechanisms—by removing the career officials in charge of those security measures and replacing them with inexperienced operators.”

Jacob Williams is a former hacker with the U.S. National Security Agency (editor’s note: and a former client of my PR firm) who now works as managing director of the cybersecurity firm Hunter Labs. Williams kicked a virtual hornet’s nest last week when he posted on LinkedIn that the network incursions by DOGE were “a bigger threat to U.S. federal government information systems than China.”

CNN reports the order to stop offensive cyber operations against Russia is “a major blow,” since planning these operations is very time consuming, and the pause makes the US more vulnerable to cyberattacks from Russia and other nation-state hackers.

It’s bad enough that Elon Musk’s DOGE is dismantling security protocols designed to protect the privacy of American citizens and protect classified data; now we’re giving Putin a free pass to make trouble because we’ve told him we won’t look for it anymore.

So what can you do?  Make sure your internet-connected devices have security software enabled and kept up to date, and back up your data both to the cloud and to an external hard drive; once the backup to the external drive is done, disconnect it so it is air-gapped from the Internet (a drive that stays plugged in gets encrypted right along with your computer in a ransomware attack).  Use strong, unique passwords, keep track of them with a password manager, and turn on multi-factor authentication wherever it’s offered.  Your 401K is small fish to a hacker, but learn a bit about common online scams so you don’t fall victim to them.
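As an added example (my own script, not something from the post or from any product mentioned in it), here is a POSIX shell version of the “back up, verify, then disconnect” advice above.  It assumes the external drive is already mounted at the path you pass to detach_drive, and that tar, awk and either sha256sum (Linux) or shasum (macOS) are installed; the function and variable names are my own.

```shell
#!/bin/sh
# Added example: take a snapshot of a folder onto an external drive, record
# a SHA-256 of the archive, prove the archive is readable, and only then
# take the drive offline. Assumed: drive already mounted; tar + sha256sum
# or shasum available. Nothing here comes from the post being discussed.
set -eu

# sha256_of FILE -> hex digest; works with sha256sum (Linux) or shasum (macOS)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# backup_snapshot SRC_DIR DEST_DIR -> prints path of the new archive.
# Writes DEST_DIR/backup-<timestamp>.tar.gz plus a .sha256 file beside it,
# then checks that the archive lists cleanly and that its hash matches.
backup_snapshot() {
    src=$1
    dest=$2
    stamp=$(date +%Y%m%d-%H%M%S)
    archive="$dest/backup-$stamp.tar.gz"
    mkdir -p "$dest"
    # -C so the archive stores paths relative to the parent of SRC_DIR
    tar -czf "$archive" -C "$(dirname "$src")" "$(basename "$src")"
    sha256_of "$archive" > "$archive.sha256"
    # A backup you never tested is not a backup: list it and re-hash it.
    tar -tzf "$archive" >/dev/null
    [ "$(sha256_of "$archive")" = "$(cat "$archive.sha256")" ]
    printf '%s\n' "$archive"
}

# verify_snapshot ARCHIVE -> exit 0 if the stored hash still matches.
# Run this before you restore: it catches a drive that silently corrupted
# the file, or an archive that was altered while the drive was connected.
verify_snapshot() {
    [ "$(sha256_of "$1")" = "$(cat "$1.sha256")" ]
}

# detach_drive MOUNTPOINT -> flush writes and unmount, so the drive can be
# unplugged. Unmounting is the software half; the air gap only exists once
# the cable is actually pulled.
detach_drive() {
    sync
    if command -v diskutil >/dev/null 2>&1; then
        diskutil unmount "$1"
    else
        umount "$1"
    fi
}

# Typical use (edit the paths):
#   archive=$(backup_snapshot "$HOME/Documents" /media/backupdrive)
#   verify_snapshot "$archive" && detach_drive /media/backupdrive
```

The order matters: the snapshot is hashed and test-listed while the drive is still attached, so a bad write is caught while you can still redo it, and the drive is only unmounted after that check passes.  Keep the .sha256 file with the archive; a later verify_snapshot run tells you whether the copy on the shelf is still intact before you rely on it.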

For our conservative friends, Orange County’s Republicans were famous for “Better Dead than Red.”  Is it still like that or have you bent the knee to Orange Jesus?

2 Comments

  1. Catherine Austin Fitts has pointed out Elon Musk is a government defense contractor. However, drastic problems need severe remedies. Our information has been censored. Those who questioned doubtful long election counts were, and still are, jailed. No amount of appeal to our political tyrants from conservatives has been considered, especially here in California. None of the USAID employees were elected. Yet our billions of bucks became weapons against Republicans and were wasted on idiotic countries’ projects. Where was CISA when the Chinese balloon floated across America? Our land borders were open for four years. Then Newsom said we must give all the foreigners apartments. Biden taught us how quickly our government can become dangerous.

  2. Dems are freaking out because the party train has been blown off the tracks. No more insane stealth slush funds. No more back door cash for all the stupid initiatives they championed. And a lot of people…will be doing jail time. They are pissed because all of the potential new plantation mentality illegal immigrants they were counting on to swell their rolls in the future with anchor babies are getting shoved into a C-17 and sent back to the third world shithole they came from. Now wages will begin to rise again because the false floor that dropped out due to all the people willing to work for nothing will be gone. Dems are furious that their precious Woke revolution has been discredited and dismantled and will be unceremoniously tossed on the 40 foot dumpster of history. They are pissed because if they ever do get back into power, they will have to try to resurrect all this garbage under the heavy scrutiny of the American people. Trump is a transformative change agent that is going to put such a massive hurt on the left that the Dems will have to finally abandon the far left shit callers who run the show if they ever hope to have any relevance and power in the future.
