Search
Items tagged with: doge
When a firefighter dies, a small team of federal health workers helps pinpoint what went wrong and identify how to avoid similar accidents in the future.
Trump laid off nearly all of them.
propublica.org/article/trump-c…
#News #Fire #Trump #DOGE #Musk #Deaths #Health #HHS
Trump Laid Off Nearly All the Federal Workers Who Investigate Firefighter Deaths
The cuts, which are part of Trump’s slashing of the National Institute for Occupational Safety and Health, will also halt a first-of-its-kind study of the causes of thousands of firefighters’ cancer cases.ProPublica
Holy shit the details of this story about #DOGE taking over the #NLRB's systems are nuts.
1. Demanded full control of NLRB's #Azure cloud
2. Disabled logs and network monitoring
3. MFA turned off
4. Russian login attempts with valid (new) credentials
5. 10 GB exfiltrated from #NxGen, the NLRB's legal case database
threadreaderapp.com/thread/191…
#ElonMusk #cybersecurity #CISA #infosec #Russia #Putin #vladimirPutin #GRU #FSB #crime #Elon #TeslaTakedown #Tesla
Thread by @mattjay on Thread Reader App
@mattjay: 🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read. He's saying DOGE came in, data went out, and Russians started attempting logins with new v...…threadreaderapp.com
#DOGE Is Building a Master Database to Surveil and Track #immigrants
DOGE is knitting together data from the Department of Homeland Security, Social Security Administration, and IRS that could create a #surveillance tool of unprecedented scope.
#dhs #ssa #irs #privacy #security
Trump’s War on Measurement Means Losing Data on Drug Use, Maternal Mortality, Climate Change and More
—
By slashing teams that gather critical data, the administration has left the federal government with no way of understanding if policies are working — and created a black hole of information whose consequences could ripple out for decades.
propublica.org/article/trump-d…
#News #Trump #DOGE #Data #Climate #Health #Environment #Immigration #Science #Education
Everyone associated with DOGE should be arrested and investigated.
#BankruptTesla #CancelStarlink #BoycottSpaceX #TeslaTakedown #ArrestElonMusk #ElonMusk #DOGE #Swastikars #SissySpaceX #NaziMusk #PresidentMusk #FuckElonMusk #USPol
Hang it up, Tesla! It’s over.
Tesla drops Cybertruck production targets and moves some workers off the line businessinsider.com/tesla-cybe…
#BankruptTesla #CancelStarlink #BoycottSpaceX #TeslaTakedown #ArrestElonMusk #ElonMusk #DOGE #Swastikars #SissySpaceX #NaziMusk #PresidentMusk #FuckElonMusk #USPol
Tesla drops Cybertruck production targets, moves some workers off line
Some lines are running at a fraction of their previous capacity, and a handful of production teams have been thinned out by over half, workers say.Grace Kay (Business Insider)
Tesla's share price and Elon's wealth are all hype built on vaporware and the myth of Musk's genius. We're here to help pop that bubble. When we tank Tesla's sales, all he'll be left holding is broken promises.
An Internal Tesla Analysis Found the Robotaxi Would Lose Money, and You'll Never Guess What Elon Musk Did in Response
futurism.com/tesla-analysis-ro…
#BankruptTesla #CancelStarlink #BoycottSpaceX #TeslaTakedown #ElonMusk #DOGE #FuckElonMusk #USPol
An Internal Tesla Analysis Found the Robotaxi Would Lose Money, and You'll Never Guess What Elon Musk Did in Response
Instead of focusing on a safe and affordable $25,000 EV, Musk gave the greenlight to the Cybercab, waving away a damning internal report.Joe Wilkins (Futurism)
UPDATE: We've added 11 more names to our DOGE tracker, bringing the total to 77 staffers affiliated with Musk.
Plus, you can now filter our database by federal agency. Check it out ⤵️
projects.propublica.org/elon-m…
#DOGE #ElonMusk #Musk #Government #Data #Research #USPolitics #Trump
Elon Musk’s Demolition Crew
Elon Musk, the world’s richest man, has been unleashed on federal agencies. ProPublica is attempting to document who is working with him and what they are doing.ProPublica
#NLRB stores reams of potentially sensitive data, from confidential info about employees who want to form unions to proprietary business info.
The #DOGE employees, who are led by #Trump adviser & billionaire tech CEO #ElonMusk, appeared to have their sights set on accessing the NLRB's internal systems. They've said their unit's overall mission is to review agency data for compliance with the new admin's policies & to cut costs & maximize efficiency.
& data has nothing to do w/making the govt more efficient or cutting spending.
Meanwhile, acc/to the disclosure & records of internal comms, members of the #DOGE team asked that their activities not be logged on the system & then appeared to try to cover their tracks behind them, turning off monitoring tools & manually deleting records of their access—evasive behavior several #cybersecurity experts compared to what #criminal or #StateSponsored #hackers might do.
It could also intimidate #whistleblowers who might speak up about unfair labor practices, & it could sow distrust in the #NLRB's independence, they said.
The new revelations about #DOGE's activities at the labor agency come from a #whistleblower in the IT department of the NLRB, who disclosed his concerns to #Congress & the US Office of Special Counsel [#OSC] in a detailed report that was then provided to #NPR.
…#DOGE employees demanded the highest level of access, what are called "tenant owner level" accounts inside the independent agency's computer systems, w/essentially unrestricted permission to read, copy & alter #data….
When an IT staffer suggested a streamlined process to activate those accounts in a way that would let their activities be tracked, in accordance with #NLRB #security policies, the IT staffers were told to stay out of DOGE's way….
#law #Trump #Musk #InfoSec #NationalSecurity
For #cybersecurity professionals, a failure to log activity is a cardinal sin & contradicts best practices as recommended by the National Institute of Standards & Technology [#NIST] & the #DHS's #CISA, as well as the #FBI & the #NSA.
"That was a huge red flag," said Berulis. "That's something that you just don't do. It violates every core concept of security & best practice."
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
Those #forensic #digital #records are important for record-keeping requirements & allow for troubleshooting, but they also allow experts to investigate potential breaches, sometimes even tracing the attacker's path back to the vulnerability that let them inside a network. The records can also help experts see what #data might have been removed. Basic logs would likely not be enough to demonstrate the extent of a bad actor's activities, but it would be a start.
There's no reason for any legitimate user to turn off logging or other #security tools, #cybersecurity experts say.
"None of this is normal," said Jake Braun…fmr acting principal dpty natl cyber dir at the WH…. "This type of activity is why the government buys insider-threat-monitoring technology. So we can know things like this are happening & stop sensitive data exfiltration before it happens," he told NPR.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
However, the #NLRB's budget hasn't had the money to pay for tools like that for years, Berulis said.
A couple of days after #DOGE arrived, Berulis saw something else that alarmed him while browsing the internet over the weekend.
MIT grad & DOGE engineer #JordanWick had been sharing info about coding projects he was working on to his public account w/ GitHub….
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
After journalist Roger Sollenberger started posting…about the account, Berulis noticed something Wick was working on: a project, or repository, titled "NxGenBdoorExtract."
Wick made it private before Berulis could investigate further, he told NPR. But to Berulis, the title itself was revealing.
"So when I saw this tool, I immediately panicked,"…He immediately alerted his whole team.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
While NPR was unable to recover the code for that project, the name itself suggests that Wick could have been designing a #backdoor, or "Bdoor," to extract files from #NLRB's internal case management system, known as NxGen, acc/to several #cybersecurity experts who reviewed Berulis' conclusions.
…NxGen is an internal system that was designed specifically for the NLRB in-house, acc/to several of the engineers who created the tool….
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
…while many of the #NLRB's records are eventually made public, the NxGen case management system hosts #proprietary #data from #corporate competitors, personal information about #union members or employees voting to join a union, & #witness testimony in ongoing cases. Access to that data is protected by numerous federal #laws, including the #Privacy Act.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
…engineers were also concerned by #DOGE staffers' insistence that their activities not be logged, allowing them to probe the NLRB's systems & discover info about potential #security flaws or vulnerabilities w/o being detected.
“The whole idea of removing logging & [getting] tenant-level access is the most disturbing part to me," one engineer said.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
"If he didn't know the backstory, any [chief information security officer] worth his salt would look at network activity like this & assume it's a nation-state attack from #China or #Russia," said Braun, the fmr White House #cyber official.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
About a week after arriving, the #DOGE engineers left #NLRB & deleted their accounts….
In the office, Berulis had had limited visibility into what the DOGE team was up to in real time.
That's partly because, he said, NLRB isn't advanced when it comes to detecting insider threats…. "We as an agency have not evolved to account for those," he explained. "We were looking for [bad actors] outside," he said.
But he counted on #DOGE leaving at least a few traces of its activity behind,…details he included in his ofcl disclosure.
First, at least 1 DOGE account was created & later deleted for use in #NLRB's cloud systems, hosted by Microsoft:
DogeSA_2d5c3e0446f9@nlrb.microsoft.com
Then, DOGE engineers installed what's called a "container," a kind of opaque virtual computer that can run programs…w/o revealing its activities to the rest of the network.
#law #Trump #Musk #DOGE #InfoSec #NationalSecurity
On its own, that wouldn't be suspicious, though it did allow the engineers to work invisibly & left no trace of its activities once it was removed.
Then, Berulis started tracking sensitive #data leaving the places it's meant to live…. First, he saw a chunk of data exiting the NxGen case management system's "nucleus," inside the #NLRB system, Berulis explained. Then, he saw a large spike in outbound traffic leaving the network itself.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
From what he could see, the #data leaving, almost all text files, added up to around 10GB…. It's a sizable chunk of the total data in the #NLRB sys, though the agency itself hosts over 10TB in historical data. It's unclear which files were copied & removed or whether they were consolidated & compressed, which could mean even more data was exfiltrated. It's also possible that #DOGE ran queries looking for specific files…& took only what it was looking for….
Regardless, that kind of spike is extremely unusual, …because #data almost never directly leaves from the #NLRB's databases. In his disclosure, Berulis shared a screenshot tracking data entering and exiting the system, & there's only one noticeable spike of data going out. He also confirmed that no one at the NLRB had been saving backup files that week or migrating data for any projects.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
Even when external parties like lawyers or overseers like the inspector general are granted guest accounts on the system, it's only to view the files relevant to their case or investigation, explained #labor #law experts who worked with or at the #NLRB….
"None of that confidential & deliberative information should ever leave the agency," said Richard Griffin, who was the NLRB general counsel 2013–2017, in an interview w/NPR.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
For #cybersecurity experts, that spike in #data leaving the system is a key indicator of a #breach, Berulis explained.
When Berulis asked his IT colleagues whether they knew why the data was exfiltrated or whether anyone else had been using containers to run code on the system in recent weeks, no one knew anything about it or the other unusual activities on the network….
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
In fact, when they looked into the spike, they found that logs that were used to monitor outbound traffic from the system were absent. Some actions taken on the network, including #data exfiltration, had no attribution—except to a "deleted account," he continued. "Nobody knows who deleted the logs or how they could have gone missing," Berulis said.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
The IT team met to discuss insider threats — namely, the #DOGE engineers…. "We had no idea what they did," he explained.…
They eventually launched a formal breach investigation, …& prepared a request for assistance from #CISA. However, those efforts were disrupted w/o an explanation, Berulis said. That was deeply troubling to Berulis….
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
In the days after Berulis & his colleagues prepared a request for #CISA's help…, Berulis found a printed letter in an envelope taped to his door, which included threatening language, sensitive personal info & overhead pictures of him walking his dog…. It's unclear who sent it, but the letter made specific reference to his decision to report the breach. Law enforcement is investigating the letter.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
In part because of the stymied internal investigation & attempts to silence him, Berulis decided to come forward publicly.
…despite all that, Berulis managed to uncover stranger & more troubling details about what happened while #DOGE was logged on….
Unknown users gave themselves a high-level access key, what's called a SAS token, "shared access signature," to access storage accounts, before deleting it. Berulis said there was no way to track what they did with it.
While investigating the #data taken from #NLRB, Berulis tried to determine its ultimate destination. But whoever had exfiltrated it had disguised its destination too….
#DOGE staffers had permission to access the system, but removing data is another matter.
Berulis says someone appeared to be doing something called DNS tunneling to prevent the data exfiltration from being detected.
#criminal #law #Trump #Musk #DOGE #InfoSec #NationalSecurity
"Ppl in #AmeriCorps being told they're done. It's over. No notice."
-J Marshall
"My bff’s son works for AmeriCorps & received a decommissioning letter today. #DOGE is gutting the program. I’m so angry & disappointed DOGE would go after a program that does such good work."
-G Griffin
"The AmeriCorps volunteers here at our local wildlife refuge were let go today--told they had to pack up & leave tonight."
-L Rufus
Trump is eliminating all the good programs his predecessors championed.
“The #DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks…”
“The employees grew concerned that the NLRB's confidential data could be exposed, particularly after they started detecting suspicious log-in attempts from an IP address in #Russia”
#fascism #elonmusk #trump
npr.org/2025/04/15/nx-s1-53558…
