BrianKrebsFeb 12, 2025

A group of 20-somethings with names like "Big Balls" gain unauthorized access to your servers, delete data, take your website down, and now you can't serve your customers and your organization goes belly up unless you pay money to a mafia boss.

Sounds a lot like ransomware, doesn't it? When your government starts imitating ransomware playbooks, it's a four-alarm fire. At least in theory one can negotiate with ransomware actors.

Show threadBrianKrebsFeb 12, 2025
Here's another way the DOGE team is behaving like ransomware actors: Their strategy for taking over agency databases is to wait until the federal employees go home on Friday and then show up and work through the weekend to undermine federal security.
Show threadJustin DerrickFeb 12, 2025
@briankrebs How long before ransomware actors / foreign agents use this as a strategy? Roll up in some black SUVs, escorted by guys in body armor and balaclavas, with fake badges and real guns, with some fake paperwork and real malware?
Show threaditgrrl Feb 13, 2025

@JustinDerrick @briankrebs

<obligatory>

Show threadJustin Derrick

@itgrrl @briankrebs It's not the guy with the encryption keys they're trying to exploit, it's the rent-a-cop at the door with keys to every door in the entire building. Physical access beats pretty much any other attack.

But yes, I actually used this example in a presentation on Monday when talking about IT security. I turned to the guy sitting closest to me and said "How many times would I need to hit you with a wrench before you give me your bank login credentials."

Of course the answer was along the lines of "None, there's not much in there." Yowza.

Feb 13, 2025 at 2:17pmWeb