Here's why you should care that DOGE breached your data
DOGE as an insider threat, ransomware payments go down 🎉, and the DeepSeek saga continues
In the United States government, conflict of interest rules bar executive branch employees (including special government employees) from taking action in matters where the employee has a financial interest. This is for a few reasons.
Insider information to abuse: Access to government systems gives the government employee potential insider information or control that direct competitors do not have. For example, say a government employee has access to and can adjust US government spending however they want. Now imagine that person owns a rocket business and competes with another rocket business that also sells to the US government. That person would have major advantages in knowing information about the competitor’s contracts and private financial data. Further, they would have the opportunity to spread disinformation about competitors, given the swath of data from the Treasury that is not disclosed to the public. Last but not least, they would have control over stopping or adjusting payments to competitors. Now imagine this person runs not one company that does business with the government, but six.
A weakness for foreign entities to target: When a government employee has financial interests related to their work, it will be leveraged against the person by other governments. For example, imagine a US government employee has access to and can adjust US government spending however they want. Now, imagine that person owns a car company that manufactures parts in China and sells cars to China. The Chinese government could bribe the US government employee with better access to the Chinese market, subsidies, expedited supply chain material access, or other benefits in exchange for information on American citizens or companies or increased US government spending with Chinese entities. This would not be new - China (and other nations) has bribed US government employees before.
DOGE becomes an insider threat in the Department of the Treasury, and NOAA, and DOE, and FAA, and the acronyms continue…
What happened: DOGE gained access to Treasury systems over a week ago. The information they have access to includes bank accounts, tax data, disability payment data, Medicare and Medicaid benefits, among other data. There’s been a debate over whether the access is read or write. Treasury and White House officials deny that DOGE staff have write access to these systems, but it’s unclear if that’s actually true. Reporting from WIRED calls this into question, and Elon Musk has made comments that imply they have and are using write access. Either way, it’s bad news. By having access to US Treasury systems, DOGE is operating in a gray area of uncertainty that’s closer to insider threat than legitimate government task force, and security practitioners inside the Treasury aren’t afraid to call that out.
Take note: Even with Elon’s Special Government Employee status, he is still subject to conflict of interest rules — he can’t work on US government matters that affect his financial holdings. His access at the Department of the Treasury and other government organizations gives him visibility into US government contracts and information on his competitors for any of his six companies (SpaceX, The Boring Company, Tesla, Neuralink, xAI, and X).
What it means for you: Having one or two unauthorized persons access your personal information may not seem like a big deal. Why would they care about your data, anyway? The reality is, they do care about it. There’s a lot of sensitive financial information at the Department of the Treasury, including Social Security numbers, bank account details, and payment data for government programs like Social Security, Medicare, and tax refunds. They can also control what money you receive and what money the organizations you rely on receive. One CEO and a handful of 25-year-olds are not the financial advisors we need to be forced on us right now.
Because of the Federal Funding Accountability and Transparency Act, a website has existed since 2006 that allows anyone to search in detail where US government funds go. If you have questions or concerns about how the US government spends money, you can find the information you want on the website. You can also download all of this data for your perusal.
Ransomware payments plummet in part thanks to law enforcement takedowns
What happened: Despite some major ransomware incidents last year like BlueYonder, Change Healthcare, and Krispy Kreme (is nothing sacred?), according to a study published by Chainalysis, ransomware payments decreased significantly from $1.25 billion in 2023 to $813 million in 2024. Pop the champagne; it’s time to celebrate!
Take note: This is likely because fewer organizations are paying out the ransom when hit, and because law enforcement has upped its efforts on disrupting ransomware groups. Law enforcement had notable takedowns of ransomware actors last year like the disruption of LockBit, the takedown of Nemesis Market, the disruption of Radar/Dispossessor, and several others. Coming back to our conversation from last week and the week before, the work that law enforcement is doing to disrupt and disband criminal activity matters - and this is proof of it.
The DeepSeek saga that will never end (continues)
What happened: The bans keep rolling in. DeepSeek is now banned on NY state government devices and US Senate devices. The US Congress is attempting to pass a bill to ban it on all US government devices.
Take note: The national security concerns over DeepSeek as a Chinese company will continue, especially with spy agencies and other groups accusing it of collecting too much data without considering the privacy implications. However, another factor worth considering here is that the security of the tech is just poor in general - it didn’t take security researchers long at all to find a database with more than a million records, including chat prompts and internal data. Don’t ask questions on DeepSeek that you don’t want the world to see.