DOGE to Fired CISA Staff: "Email Us Your Personal Data" - Krebs on Security

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration's continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment, presumably with the password needed to view the file included in the body of the email.

[Image caption: The homepage of cisa.gov as it appeared on Monday and Tuesday afternoon.]

On March 13, a Maryland district court judge ordered the Trump administration to reinstate more than 130 probationary CISA employees who were fired last month. On Monday, the administration announced that those dismissed employees would be reinstated but placed on paid administrative leave. They are among nearly 25,000 fired federal workers who are in the process of being rehired.

A notice covering the CISA homepage said the administration is making every effort to contact those who were unlawfully fired in mid-February.

"Please provide a password protected attachment that provides your full name, your dates of employment (including date of termination), and one other identifying factor such as date of birth or social security number," the message reads. "Please, to the extent that it is available, attach any termination notice."

The message didn't specify how affected CISA employees should share the password for any attached files, so the implicit expectation is that employees should just include the plaintext password in their message.

Email is about as secure as a postcard sent through the mail, because anyone who manages to intercept the missive anywhere along its path of delivery can likely read it. In security terms, that's the equivalent of encrypting sensitive data while also attaching the secret key needed to view the information.

What's more, a great many antivirus and security scanners have trouble inspecting password-protected files, meaning the administration's instructions are likely to increase the risk that malware submitted by cybercriminals could be accepted and opened by U.S. government employees.

The message in the screenshot above was removed from the CISA homepage Tuesday evening and replaced with a much shorter notice directing former CISA employees to contact a specific email address. But a slightly different version of the same message originally posted to CISA's website still exists at the website for the U.S. Citizenship and Immigration Services, which likewise instructs those fired employees who wish to be rehired and put on leave to send a password-protected email attachment with sensitive personal data.

[Image caption: A message from the White House to fired federal employees at the U.S. Citizenship and Immigration Services instructs recipients to email personal information in a password-protected attachment.]

This is hardly the first example of the administration discarding Security 101 practices in the name of expediency. Last month, the Central Intelligence Agency (CIA) sent an unencrypted email to the White House with the first names and first letter of the last names of recently hired CIA officers who might be easy to fire.

As cybersecurity journalist Shane Harris noted in The Atlantic, even those fragments of information could be useful to foreign spies.

"Over the weekend, a former senior CIA official showed me the steps by which a foreign adversary who knew only his first name and last initial could have managed to identify him from the single line of the congressional record where his full name was published more than 20 years ago, when he became a member of the Foreign Service," Harris wrote. "The former official was undercover at the time as a State Department employee. If a foreign government had known even part of his name from a list of confirmed CIA officers, his cover would have been blown."

The White House has also fired at least 100 intelligence staffers from the National Security Agency (NSA), reportedly for using an internal NSA chat tool to discuss their personal lives and politics. Testifying before the House Select Committee on the Communist Party earlier this month, the NSA's former top cybersecurity official said the Trump administration's attempts to mass fire probationary federal employees will be "devastating" to U.S. cybersecurity operations.

Rob Joyce, who spent 34 years at the NSA, told Congress how important those employees are in sustaining an aggressive stance against China in cyberspace.

"At my former agency, remarkable technical talent was recruited into developmental programs that provided intensive unique training and hands-on experience to cultivate vital skills," Joyce told the panel. "Eliminating probationary employees will destroy a pipeline of top talent responsible for hunting and eradicating [Chinese] threats."

Both the message to fired CISA workers and DOGE's ongoing efforts to bypass vetted government networks for a faster Wi-Fi signal are emblematic of this administration's overall approach to even basic security measures: To go around them, or just pretend they don't exist for a good reason.

On Monday, The New York Times reported that U.S. Secret Service agents at the White House were briefly on alert last month when a trusted captain of Elon Musk's "Department of Government Efficiency" (DOGE) visited the roof of the Eisenhower building inside the White House compound to see about setting up a dish to receive satellite Internet access directly from Musk's Starlink service.

The White House press secretary told The Times that Starlink had "donated" the service and that the gift had been vetted by the lawyer overseeing ethics issues in the White House Counsel's Office. The White House claims the service is necessary because its wireless network is too slow.

Jake Williams, vice president for research and development at the cybersecurity consulting firm Hunter Strategy, told The Times "it's super rare" to install Starlink or another internet provider as a replacement for existing government infrastructure that has been vetted and secured.

"I can't think of a time that I have heard of that," Williams said. "It introduces another attack point," Williams said. "But why introduce that risk?"

Meanwhile, NBC News reported on March 7 that Starlink is expanding its footprint across the federal government.

"Multiple federal agencies are exploring the idea of adopting SpaceX's Starlink for internet access, and at least one agency, the General Services Administration (GSA), has done so at the request of Musk's staff, according to someone who worked at the GSA last month and is familiar with its network operations, despite a vow by Musk and Trump to slash the overall federal budget," NBC wrote.

The longtime Musk employee who encountered the Secret Service on the roof in the White House complex was Christopher Stanley, the 33-year-old senior director for security engineering at X and principal security engineer at SpaceX.

On Monday, Bloomberg broke the news that Stanley had been tapped for a seat on the board of directors at the mortgage giant Fannie Mae. Stanley was added to the board alongside newly confirmed Federal Housing Finance Agency director Bill Pulte, the grandson of the late housing businessman and founder of PulteGroup, William J. Pulte.

In a nod to his new board role atop an agency that helps drive the nation's $12 trillion mortgage market, Stanley retweeted a Bloomberg story about the hire with a smiley emoji and the comment "Tech Support."

But earlier today, Bloomberg reported that Stanley had abruptly resigned from the Fannie board, and that details about the reason for his quick departure weren't immediately clear. As first reported here last month, Stanley had a brush with celebrity on Twitter in 2015 when he leaked the user database for the DDoS-for-hire service LizardStresser, and soon faced threats of physical violence against his family.

My 2015 story on that leak did not name Stanley, but he exposed himself as the source by posting a video about it on his YouTube channel. A review of domain names registered by Stanley shows he went by the nickname "enKrypt," and was the former owner of a pirated software and hacking forum called error33[.]net, as well as theC0re, a video game cheating community.

Stanley is one of more than 50 DOGE workers, mostly young men and women who have worked with one or more of Musk's companies. The Trump administration remains dogged by questions about how many, if any, of the DOGE workers were put through the gauntlet of a thorough security background investigation before being given access to such sensitive government databases.

That's largely because in one of his first executive actions after being sworn in for a second term on Jan. 20, President Trump declared that the security clearance process was simply too onerous and time-consuming, and that anyone so designated by the White House counsel would have full top secret/sensitive compartmented information (TS/SCI) clearances for up to six months. Translation: We accepted the risk, so TAH-DAH! No risk!

Presumably, this is the same counsel who saw no ethical concerns with Musk "donating" Starlink to the White House, or with President Trump summoning the media to film him hawking Cybertrucks and Teslas (a.k.a. "Teslers") on the White House lawn last week.

Mr. Musk's unelected role as head of an ad hoc executive entity that is gleefully firing federal workers and feeding federal agencies into the wood chipper has seen his Tesla stock price plunge in recent weeks, while firebombings and other vandalism attacks on property carrying the Tesla logo are cropping up across the U.S. and overseas and driving down Tesla sales.

President Trump and his attorney general Pam Bondi have dubiously asserted that those responsible for attacks on Tesla dealerships are committing "domestic terrorism," and that vandals will be prosecuted accordingly. But it's not clear this administration would recognize a real domestic security threat if it was ensconced squarely behind the Resolute Desk.

Or at the pinnacle of the Federal Bureau of Investigation (FBI). The Washington Post reported last month that Trump's new FBI director Kash Patel was paid $25,000 last year by a film company owned by a dual U.S.-Russian citizen that has made programs promoting "deep state" conspiracy theories pushed by the Kremlin.

"The resulting six-part documentary appeared on Tucker Carlson's online network, itself a reliable conduit for Kremlin propaganda," The Post reported. "In the film, Patel made his now infamous pledge to shut down the FBI's headquarters in Washington and 'open it up as a museum to the deep state.'"

When the head of the FBI is promising to turn his own agency headquarters into a mocking public exhibit on the U.S. National Mall, it may seem silly to fuss over the White House's clumsy and insulting instructions to former employees they unlawfully fired.

Indeed, one consistent feedback I've heard from a subset of readers here is something to this effect: "I used to like reading your stuff more when you weren't writing about politics all the time."

My response to that is: "Yeah, me too." It's not that I'm suddenly interested in writing about political matters; it's that various actions by this administration keep intruding on my areas of coverage.

A less charitable interpretation of that reader comment is that anyone still giving such feedback is either dangerously uninformed, being disingenuous, or just doesn't want to keep being reminded that they're on the side of the villains, despite all the evidence showing it.

Article II of the U.S. Constitution unambiguously states that the president shall take care that the laws be faithfully executed. But almost from Day One of his second term, Mr. Trump has been acting in violation of his sworn duty as president by choosing not to enforce laws passed by Congress (TikTok ban, anyone?), by freezing funds already allocated by Congress, and most recently by flouting a federal court order while simultaneously calling for the impeachment of the judge who issued it. Sworn to uphold, protect and defend The Constitution, President Trump appears to be creating new constitutional challenges with almost each passing day.

When Mr. Trump was voted out of office in November 2020, he turned to baseless claims of widespread "election fraud" to explain his loss, with deadly and long-lasting consequences. This time around, the rallying cry of DOGE and White House is "government fraud," which gives the administration a certain amount of cover for its actions among a base of voters that has long sought to shrink the size and cost of government.

In reality, "government fraud" has become a term of derision and public scorn applied to anything or anyone the current administration doesn't like. If DOGE and the White House were truly interested in trimming government waste, fraud and abuse, they could scarcely do better than consult the inspectors general fighting it at various federal agencies.

After all, the inspectors general likely know exactly where a great deal of the federal government's fiscal skeletons are buried. Instead, Mr. Trump fired at least 17 inspectors general, leaving the government without critical oversight of agency activities. That action is unlikely to stem government fraud; if anything, it will only encourage such activity.

As Techdirt founder Mike Masnick noted in a recent column, "Why Techdirt is Now a Democracy Blog (Whether We Like it or Not)," when the very institutions that made American innovation possible are being systematically dismantled, it's not a "political" story anymore: It's a story about whether the environment that enabled all the other stories we cover will continue to exist.

"This is why tech journalism's perspective is so crucial right now," Masnick wrote. "We've spent decades documenting how technology and entrepreneurship can either strengthen or undermine democratic institutions. We understand the dangers of concentrated power in the digital age. And we've watched in real-time as tech leaders who once championed innovation and openness now actively work to consolidate control and dismantle the very systems that enabled their success."

"But right now, the story that matters most is how the dismantling of American institutions threatens everything else we cover," Masnick continued. "When the fundamental structures that enable innovation, protect civil liberties, and foster open dialogue are under attack, every other tech policy story becomes secondary."

This entry was posted on Wednesday 19th of March 2025 09:26 PM

Apologizes for double posting, but glad to see so many positive comments supporting Brian and his story. For those honest folks who have followed this cybernews blog over a long period of time and have faith in Brian's dedication and integrity, I think you all know that anyone who goes to extreme invective, posts inflammatory remarks, starts using foul language to foment an emotional response, and in any other way seeks to drag down or make the conversation heated is an enemy of respectful discourse. This site has always been for me a place of good info, subtle humor, even respectful fellowship of the professionals who usually come here. I hope it will continue to represent decent, hard working Americans who wish only the best for their nation and specifically the health of our cyber infrastructure. I am only a wannabe computer professional, never was willing to give the kind of effort, focus and discipline that it demands, but I can see there is a bigger game afoot and I hope everyone stays on their guard against it.

As you say, Brian, your blog is not normally about politics, it's CyberSecurity. And politics are now ripping the complete guts out of the USA's CyberSecurity, for starters.

I have been shaking my head in disbelief watching all of this in the media. I mean, fire all the people who are responsible for dealing with taking apart old nuclear warheads? What're they going to do with them, put the old and dodgy (DOGE?) stuff in the corner of a warehouse and let it irradiate everything? Chuck it in a hole or drain somewhere in the backwoods of nowhere? I'm halfway expecting it to be put up on eBay for cash because the US government is now too broke because everyone who checks that taxes have been paid has been fired; tax dodgers (DOGERS) rejoice!

I now understand why people have a fascination with watching/talking about what amounts to trainwrecks. This is probably the biggest trainwreck in history: an entire nation voluntarily dismantling itself. It makes the mental disconnect of the UK's NCSC saying "go to post-quantum encryption by 2035" and the UK's government saying to Apple "build in a back door and shaddup about it" extremely small beer.

You wouldn't read about this in The Onion and the old Mad Magazine. Simply because neither were creative enough to imagine this type of lunacy happening.

Back in a minute, I need more popcorn. I have a Trainwreck to watch unfolding live.

Love having an illegal immigrant nepo baby nazi getting to act as an unelected bureaucrat and mass fire people as a non existent government entity. Very frustrating how cult members cannot think about or challenge anything the Trump regime does, no matter how abhorrent. Thank you Brian for ignoring these hateful people and continuing God's work. You're a fantastic journalist and investigator.

Keep up your good reporting.

Are the US intelligence/security agencies ever going to be trustworthy again? I feel that it's going to be impossible to certify that any technology that they use will be safe from intrusion with so many untrustworthy technical people having access right now.

thehackernews.com/2025/03/six-governments-likely-use-israeli.html

It's so trustworthy, just never check up on it.

Not real clear why a password protected attachment is needed for any of that info, 'cept SSN, which seems to be optional. Very strange request. And password protected doesn't always mean encrypted; sometimes it's only enforced by client app. Provide the termination notice? Don't they know who they terminated?

And then "if you don't want to be reinstated, please provide a written statement as quickly as possible." What? Provide a written statement to who, where? And what kind of idiot wouldn't want to be paid while on administrative leave?

I'm not a fan of Elon or Trump, but I haven't been following your newsfeed for years to read about politics. I'm sorry, but if this is what Krebs on Security has devolved into, then I'm removing it from my feed reader.

Keep your head in the sand, GT500Ostrich.

When politics and cybersecurity overlap, as they often do now, it is unavoidable.

You're behaving like an ignoramus.

Keep on 'em, Krebs.

Yup, go hide gt500, the adults are here, we will take care of the boo boo you got from reading about politics. Hopefully the cops' handcuffs are just as soft for ya.

Keep up the good work, Brian. It is hard to comprehend what is happening with security and respect for the law south of our border in your otherwise great country. It sure undermines our trust in what used to be a friendly neighbor.

PS: The nonchalant approach to security by DOGE and White House will likely also spell trouble for the Five Eyes security arrangement with Canada, the UK, Australia and New Zealand.
BJB

As I said upthread:
Now to be known as 4 Eyes.

Too nerdy, America doesn't need eyes, we need moar strength. (GOP platform distillate)

You know, even all those old school GOP Republicans that blindly followed the Orange Pox for the sake of their careers must be squirming in their pants right now for not pushing back sooner, especially since the Signal fiasco.
I'd take a not so wild guess that ol' 4 eyes is quietly seeking out closer relations with the likes of France, Germany, Poland, South Korea and Japan right now, considering their military spending of late. It's a brave new world. Hell, even India is quietly chipping away at its military disparity with China.
https://www.globalfirepower.com/countries-comparison-detail.php?country1=india&country2=china
Once Leon guts the DoD, it's all over. But at least the Oligarch will be wealthy.

Thank you for the honest reporting, keep telling the truth.

Something that occurred to me while reading this: if thousands of Federal workers who have had access to sensitive data and have security clearances are suddenly being laid off, I can virtually guarantee foreign intelligence services will be recruiting them as quickly as possible. Sudden money trouble and a grudge makes recruitment easy. And with the FBI and NSA being weakened, our counterintelligence efforts are being hamstringed.

It's already happening. CNN reported on Mar 1 about intelligence agencies saying this is a no-brainer for foreign adversaries.

"Foreign adversaries including Russia and China have recently directed their intelligence services to ramp up recruiting of US federal employees working in national security, targeting those who have been fired or feel they could be soon, according to four people familiar with recent US intelligence on the issue and a document reviewed by CNN.

The intelligence indicates that foreign adversaries are eager to exploit the Trump administration's efforts to conduct mass layoffs across the federal workforce, a plan laid out by the Office of Personnel Management earlier this week.

Russia and China are focusing their efforts on recently fired employees with security clearances and probationary employees at risk of being terminated, who may have valuable information about US critical infrastructure and vital government bureaucracy, two of the sources said. At least two countries have already set up recruitment websites and begun aggressively targeting federal employees on LinkedIn, two of the sources said.

A document produced by the Naval Criminal Investigative Service said the intelligence community assessed with "high confidence" that foreign adversaries were trying to recruit federal employees and "capitalize" on the Trump administration's plans for mass layoffs, according to a partly redacted copy reviewed by CNN."

Also, just the brain drain. All these scientists laid off from NOAH, CDC, NIH, etc. are being snatched up all over the world. If you are the best of the best in your field, you will not sit idle long.

Excellent reporting, Brian. You're right, KrebsOnSecurity had no choice but to become involved in politics because the current administration intertwined politics with tech. It's now one big mess. And the state of our country's cyber security infrastructure definitely supersedes anything else you could be reporting on. Please continue to keep us informed.

"in a password-protected email attachment, presumably with the password needed to view the file included in the body of the email."

America is Great Again, let's face it. Elon Musk, the South African Visa fraud, is doing a helluba job.

We all voted for this, so we might as well just love it.

GT500, keep yer birdbrained head buried in the sand, GT50Ostrich.

Anyone complaining about their cult leader on here needs to reevaluate their life choices if offends them. I'm not sure how anyone can have an interest and/or education in Cybersecurity and approve of the choices being made by this idiotic administration.

Cybersecurity attacks which eventually bring down infrastructure and cause harm to others typically happen over time, with small incremental combinations of exploits and social engineering. I can't imagine what the individuals in CISA have to deal with, especially the very low level exploits that affect things like the energy grid to infiltrate our infrastructure. Yet here comes Musk and DOGE, a man, according to his biography, who once ripped servers out of a leased datacenter in a manic/drug-induced frenzy over Christmas holidays to save a buck and let his minions clean up the mess.

You wonder why bad stuff happens throughout history? This is how: a cascading set of dominoes set off at the low level which eventually affects us all over time. Things aren't fixed or made by sweeping high level ignorance of looking at a few select numbers and ripping it all out and saying "see, nothing happened yet."

Thanks for great reporting, Brian, please keep it up. As someone who endured extensive background checks for a secret/crypto and a Q clearance, it is very scary that any president can grant security clearance with no vetting to anyone, much less the DOGE idiots. The mere fact that at least one of them was involved in nefarious cyber matters in the past should, in a rational universe, cause all of the DOGE crew, as well as their leader, to be denied all access to any and all government systems until they are vetted.

What should be noted that the incoming administration tried to avoid the background checks by the FBI by refusing to submit to the FBI for security clearance, but agreed to it and eventually moved the background check for WH staffers from the FBI to the Pentagon. I think Trump wanted to make it easier to vet people. That's to me a bad option.

As for the conflict of interest of Musk providing services of Starlink to the US government, could it be he using Starshield (more secured version of Starlink)?

Shame. I once enjoyed reading this publication.

And if you were a thinking person, you still would.

Nobody will miss you if you only come around to complain.

Though anyone capable of critical thinking would immediately recognize it, based on some of the comments it would have been worth pointing out that rehiring people and putting them on paid leave is the epitome of waste. They're now being paid to contribute zero to national security. They're getting paid leverage their skills.

Great summary reporting. Not to mention the news that broke today alleging a magazine editor was in on an imminent-military-attack communication that circumvented secure govt comms. In any case.

I keep reading that snapping StarLink to the roof of the EOB to cure slow wifi was "strange." But isn't it not only strange, but downright nonsensical and ominous? Nonsensical because wifi is only the last 100 feet between you and a wired backhaul. Just extend the wire and add a wifi access point. And ominous because the true reason to install StarLink might be to evade the government firewall or intrusion detector.

Brian, keep reporting the facts. Individuals swimming in the personality cult seem to have forgotten or never learned that facts are not political.

Thanks for the informative update on this troubling situation. It's concerning to see a parody account like "Doge" potentially exploiting a serious cybersecurity matter, especially involving former CISA employees. This highlights the importance of vigilance in handling personal data and verifying sources before sharing sensitive information. Hopefully, affected individuals will take necessary precautions to protect themselves from further risks. Transparency and awareness are crucial in preventing bad actors from taking advantage of such incidents.

Funny, this post was made a week ago and we're barely two months in with this unqualified idiotic administration, and the past week we've been dealing with fallout from topics mentioned here already with OPSEC.

If you're a Cybersecurity professional in this industry and come to this blog and are defending what's been going on the past week, you should have your credentials revoked and remove yourself from the field for lack of ethics and critical thinking.

Oh, it gets worse. It always gets worse. They don't start off at this clip and then land the plane lol.
