“The Government’s Computing Experts Say They Are Terrified”
Charlie Warzel and Ian Bogost from The Atlantic talked to four experienced federal-government IT professionals who have all “built, modified, or maintained the kind of technological infrastructure” that Elon Musk’s team of young hackers are attacking. They are beyond concerned about the potential consequences.
Based on what has been reported, DOGE representatives have obtained or requested access to certain systems at the U.S. Treasury, the Department of Health and Human Services, the Office of Personnel Management, and the National Oceanic and Atmospheric Administration, with eyes toward others, including the Federal Aviation Administration. “This is the largest data breach and the largest IT security breach in our country’s historyโat least that’s publicly known,” one contractor who has worked on classified information-security systems at numerous government agencies told us this week. “You can’t un-ring this bell. Once these DOGE guys have access to these data systems, they can ostensibly do with it what they want.”
What exactly they want is unclear. And much remains unknown about what, exactly, is happening here. The contractor emphasized that nobody yet knows which information DOGE has access to, or what it plans to do with it. Spokespeople for the White House, and Musk himself, did not respond to emailed requests for comment. Some reports have revealed the scope of DOGE’s incursions at individual agencies; still, it has been difficult to see the broader context of DOGE’s ambition.
The four experts laid out the implications of giving untrained individuals access to the technological infrastructure that controls the country. Their message is unambiguous: These are not systems you tamper with lightly. Musk and his crew could act deliberately to extract sensitive data, alter fundamental aspects of how these systems operate, or provide further access to unvetted actors. Or they may act with carelessness or incompetence, breaking the systems altogether. Given the scope of what these systems do, key government services might stop working properly, citizens could be harmed, and the damage might be difficult or impossible to undo. As one administrator for a federal agency with deep knowledge about the government’s IT operations told us, “I don’t think the public quite understands the level of danger.”
For example:
Many systems and databases in a given agency feed into others, but access to them is restricted. Employees, contractors, civil-service government workers, and political appointees have strict controls on what they can access and limited visibility into the system as a whole. This is by design, as even the most mundane government databases can contain highly sensitive personal information. A security-clearance database such as those used by the Department of Justice or the Bureau of Alcohol, Tobacco, Firearms and Explosives, one contractor told us, could include information about a person’s mental-health or sexual history, as well as disclosures about any information that a foreign government could use to blackmail them.
Comments
Hello! In order to comment or fave, you need to be a current kottke.org member. If you'd like to sign up for a membership to support the site and join the conversation, you can explore your options here.
Existing members can sign in here. If you're a former member, you can renew your membership.
Note: If you are a member and tried to log in, it didn't work, and now you're stuck in a neverending login loop of death, try disabling any ad blockers or extensions that you have installed on your browser...sometimes they can interfere with the Memberful links. Still having trouble? Email me!
In order to comment or fave, you need to be a current kottke.org member. Check out your options for renewal.
This is the name that'll be displayed next to comments you make on kottke.org; your email will not be displayed publicly. I'd encourage you to use your real name (or at least your first name and last initial) but you can also pick something that you go by when you participate in communities online. Choose something durable and reasonably unique (not "Me" or "anon"). Please don't change this often. No impersonation.
Note: I'm letting folks change their display names because the membership service that kottke.org uses collects full names and I thought some people might not want their names displayed publicly here. If it gets abused, I might disable this feature.
If you feel like this comment goes against the grain of the community guidelines or is otherwise inappropriate, please let me know and I will take a look at it.
This thread is closed for new comments & replies. Thanks to everyone for participating!