"members of the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access — evasive behavior that several cybersecurity experts interviewed by NPR compared to what criminal or state-sponsored hackers might do." ... "If he didn't know the backstory, any [chief information security officer] worth his salt would look at network activity like this and assume it's a nation-state attack from China or Russia," said Braun, the former White House cyber official. ... In the days after Berulis and his colleagues prepared a request for CISA's help investigating the breach, Berulis found a printed letter in an envelope taped to his door, which included threatening language, sensitive personal information and overhead pictures of him walking his dog, according to the cover letter attached to his official disclosure. ... "If the underlying disclosure wasn't concerning enough, the targeted, physical intimidation and surveillance of my client is. If this is happening to Mr. Berulis, it is likely happening to others and brings our nation more in line with authoritarian regimes than with open and free democracies," wrote Bakaj, his attorney
#DOGE #corruption #infosec #cybersecurity #InsiderThreat #coup #natsec https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-security
![Threat Model
Cybersecurity: May 6, 20254
This week: Israeli Signal clone used by the Trump admin was hacked, Anonymous launched Operation DreadNought and popped a Trump “deportation” flight company, a fundraiser to save Ada Lovelace Day, WH slashes CISA funding and announces intent to conduct offensive cyber operations, US asks judge to break up Google’s ad tech business after requesting Chrome sale, great videos about Internet Archive and the ILOVEYOU worm, scary video of a robot going ham in a factory, NIOSH (mask safety) gutted and work stopped, Covid trauma strongly tied to institutional betrayal, and much more.
Threat Model is a free, reader-supported publication. Keep the news without paywalls flowing by becoming a patron. If you find value here, you can also donate via Venmo, Cashapp, or PayPal. Charge your batteries with The Covid Safety Handbook or How To Be A Digital Revolutionary. Main post image: New stickers at The Garbage File [Etsy]](https://files.mastodon.social/media_attachments/files/114/462/748/334/212/126/original/1dc8bc3ed7c14ca7.png "Threat Model
Cybersecurity: May 6, 20254
This week: Israeli Signal clone used by the Trump admin was hacked, Anonymous launched Operation DreadNought and popped a Trump “deportation” flight company, a fundraiser to save Ada Lovelace Day, WH slashes CISA funding and announces intent to conduct offensive cyber operations, US asks judge to break up Google’s ad tech business after requesting Chrome sale, great videos about Internet Archive and the ILOVEYOU worm, scary video of a robot going ham in a factory, NIOSH (mask safety) gutted and work stopped, Covid trauma strongly tied to institutional betrayal, and much more.
Threat Model is a free, reader-supported publication. Keep the news without paywalls flowing by becoming a patron. If you find value here, you can also donate via Venmo, Cashapp, or PayPal. Charge your batteries with The Covid Safety Handbook or How To Be A Digital Revolutionary. Main post image: New stickers at The Garbage File [Etsy]")
