I have quite a few projects I'm super excited to publish in the coming weeks. But honestly, the main thing that's consuming my brain cycles story-wise is a year-end piece about just how badly this administration has fscked our cybers in so many ways.

This won't be a polemical soliloquy. I intend to document all of the specific actions this administration has taken that appear to weaken, redirect, or fully castrate our cyber capabilities. Your assistance would be appreciated (and possibly noted).

One aspect of this I can't stop thinking about is the example and precedent set by this administration when Musk took over and started joining all these federal databases that had previously been kept separate for about 100+ reasons over time.

Kind of secondary to those alarming developments was the fact that all of the safeguards we put in place to ensure Security 101 things like "need to know access" and auditability were just tossed out the window, and really haven't been observed by this administration since. It's as if the entirety of what they teach you in Security 101, 201, 301, etc., is just a suggestion.

Also, where THE FUCK did this data go? Who has it? How can anyone be sure who does? Is it still being used? How will it be used going forward?

To my mind, the biggest story of the year that hasn't been gotten yet is WTF happened with all this data? The assumption is that Musk and X have it, which may be true. But who else?

@briankrebs well... over the years, i've collected the leak dumps as i get them (the most recent one, i still need, if you have leads, nudge nudge) and i'm up to 4.1tb. i insert the data into orbital, phobos' ASM platform, so customers can see what emails from their orgs have been leaked.

unless i need to search for something, the data sits idle.

i wager it's going to be very much the same. folks have it squirreled away 'for later'. privately.

and it's gonna suck when they pull it out

@briankrebs

I think about this at least once a day.

I have a theory. Elon has a copy. When Trump destroys everything and the government has to be started from the ground up, Elon will have the only copy of the database which he will then sell back to whomever inherits the dumpster fire that was the federal government.

@briankrebs

or he'll just declare himself supreme ruler

@noondlyt
The only Supreme leader that I recognize.

@briankrebs
@briankrebs I'm sure we will find out really quickly when the 2026 and 2028 elections hit 😬
@briankrebs Who doesn't have it by now?
@briankrebs 💯 to that - and it's very unlikely that it's properly secured. Any guess at what it'd sell for on the black market?
@lmk Nowhere near what it would be worth for someone like Musk who has multiple ginormous machines to feed it into privately.
@briankrebs That's an excellent point ... and you have the rough plot of a dystopian sci-fi novel there. I'm not sure he controls all copies at this point, it sure would be tempting for a minion to squirrel away a copy on the side.
@lmk @briankrebs Who needs dystopia when there's reality 🫣
@briankrebs
We gotta assume Putin. Musk's DOGE people definitely transferred some of it to Russian IP addresses right? That was fairly widely reported around Feb, March
@dlakelan @briankrebs yes this!! The whistleblowers described this and then we all shrugged and here we are. 😩
@briankrebs Right. And how and by whom is it now being used, shared, lost, exposed. Not only to compromise the US but also allies who had no control over it. Training AI, surveillance, military compromise, personal profit, industrial espionage, classified intel exploitation, secure networks infiltration, blackmail, extortion, employment farming, election interference, human trafficking…Can’t wait to read your analysis. The implications gave me vertigo at the time Musk was playing. Still do.
@briankrebs I assume we can figure that out by analysing changes in behavior of politicians who have discovered that the KGB hold kompromat on them. I wonder if we could x-ref that with emails etc from .ru?
@briankrebs
"but who else" indeed !
The question is not did it get out...but how far.
No doubt that "some" nefarious actors have it, but how far and wide it has gone.
Then there's the question of who is profiting?
Who has monetized it?
@briankrebs very surprised to see no mention of Palantir in the replies.
Elon Musk Installs Illegal Server to Seize All Federal Workers’ Data

Elon Musk’s DOGE henchmen are helping him make his most terrifying power grab yet.

The New Republic

@briankrebs I'd like to know where some of it disappeared to. I can't be the only one who has had decades of earnings disappear from a social security record. Decades. They have my jobs when I was still in school in the 80s....and then nothing. I'm old enough to claim soon, and it's gone. My entire working history and tax paying history is missing and nobody knows where it is.

Apparently, my only option is to file certified things with the IRS for each tax year missing, get all of those statements together and then try to get an appointment with the SSA. I haven't even started, because holy fuck...that's a lot of work.

It's like living in the movie Brazil.

@briankrebs
I expect ICE and CBP are using it to cross reference for stalking people.
@briankrebs DOGE just kinda melted out of the public and news consciousness, crushed by so many other Trump stories. We need a deep dive into its awfulness! But then I’ll hate reading it, like every other Trump story.

@briankrebs Data that valuable doesn't just disappear.

I'll bet a dollar that the people who stole it have /excellent/ security, because they know how valuable it is. If something turns up leaked it's because they wanted it leaked, otherwise they will protect it very hard because they benefit most if we forget it happened.

@briankrebs Did I say "stole it"? But they were "freely given it" which is so sad it hurts inside.

This is like the flock data: if certain elite randos can access it, then it should be public. Otherwise it's really unfair and breaks society at a fundamental level.

Hell this kind of info inequality is covered in discussions going back to the 60s. Can't claim ignorance; this is a power play. Are they competent to leverage it? Who knows? It is unsettling.

@briankrebs I assume everyone has the data who was willing to pay for it, probably including the Russian and Chinese governments.
@jamesmarshall Hrm. To my mind, the assumption with this administration should be that one or more of the people who might have access to these joined databases are using a machine that is infected by malware from our adversaries. Or, at the very least, is on the same network as someone using some hacked Android TV box or something.
@briankrebs that makes sense. One effective way to transmit sensitive data to adversaries would be to put it on an insecure machine, either on purpose or not.

@jamesmarshall @briankrebs

Forgive me, but I'm not at a place where I can dig into trying to find a cite, but I have this vague memory of a report that there was some significantly weird traffic coming over the Elon-installed Starlink in DC. I can't remember if an embassy was implicated, or if I'm getting my conspiracies confused.

@briankrebs

> How will it be used going forward?

I think you already know the answer but don't want to hear yourself say it.

@briankrebs I suspect it's safe to speculate that somewhere along the line Elon bogarted copies of ALL of it.

@briankrebs Great questions. I pay attention to what "makes news" in MSM. There needs to be an "event" to register with the larger public.

With so much PI info out there from multiple private SOURCES, leaks are boring.

I'd look for NEW info that was ONLY IN these databases & that is being actively USED.

Finally, if it's proven a 3rd party got this info, who has standing to sue for financial damages in CIVIL COURT? Since it will be hidden for National Security reasons in open court.

@briankrebs
audibility?
Did you mean auditability?
@briankrebs I think about this along with the dismantling of govt cybersecurity functions a lot and it blows my mind. It's functionally a data breach of the entire government and everyone just let it go.

@briankrebs

Feeding their AI so they can decide who their elite citizens will be.

@briankrebs if we ever recover the US government will just give us 2 years of free credit monitoring
@ferrix @briankrebs from some shady "security broker" nobody has ever heard of.
@MissConstrue @briankrebs how dare you disparage the fine firm of Trump Credit Monitoring
@briankrebs
Is it ongoing, is my q. Is there a batch job running somewhere at each agency to update Musk's metrics, right?

@briankrebs

Many replies about who has access to the data that was taken.

But none is thinking about how the data in the systems could have been changed to frame Trump's enemies.

@briankrebs Don't skip the CSRB please.

@adamshostack @briankrebs

Off the top of my head, I vaguely recall they've defunded a lot of CISA outreach, including also participation and funding of ISACs (including especially MS-ISAC), election integrity work, state/regional offices. Not to mention their repeated purges of staff, some through early retirement "fork in the road", and reported arbitrary reassignments of staff and detailing to other DHS components for anti-immigrant operations.

@briankrebs make it long and fiery like catherine the great would, otherwise it won't stand out #sit on it #polemic
@briankrebs The only response to Musk and the so called “Department of Government Efficiency” is to prosecute them under the Espionage Act. The acts they committed against this nation are the worst in our history. Nothing else comes close. Not espionage by the Soviets, not Salt Typhoon, and not even Benedict Arnold’s betrayal. Even if they did not technically commit treason the consequences remain the same. I struggle to decide if they should rot in a cell or in the ground.

@briankrebs

Sounds like something @chrischirp might be interested in

@briankrebs

Not requiring that routers be updated comes to mind.

@briankrebs exactly how long is this book going to be? 😅
@briankrebs I happen to recall a whistleblower who noted a large amount of data flowing from the govt agency he worked for headed to Russia, but I don't remember the specifics or if it ended up being legit
@briankrebs oh also, Trump took Russia off the list of cyber adversaries

@briankrebs Thank you. It’s very concerning to those of us paying attention, and a timeline of the dismantling of our defenses would be a helpful reference for everyone as they catch up or turn it around.

Please find a way to mention this, which I’m still a bit speechless over: https://www.npr.org/2025/02/05/nx-s1-5286299/nsa-museum-dei-exhibit-women-people-of-color-trump

@catsalad @briankrebs @zackwhittaker Brendan Carr is such a dummy, there should be a weekly podcast-within-a-podcast where he's ridiculed, taunted, and challenged to defend the dumb things he does.

@briankrebs CSRB, the NIST 800 team, CISA, ISACs for multi-state and elections. It’s a mess.

Happy to share how this is impacting local (county) governments, if that’s a route you explore.