A household guide for cyber defense against DOGE attacks
A plan for possible worst-case outcomes in which mission-critical infrastructure in banking, healthcare and telecommunications suffers outages due to a cyber and land attack by a state agent: DOGE.
Proposal: Block and tackle
This is a draft proposal on steps to take to insulate an American household during the impending cutover of critical government infrastructure in banking and telecommunications under DOGE governance.
In summary, I’ll explain what appears to be happening with this attack and how you can insulate assets from inevitable outages using a “block and tackle” cyber defense response.
“Block and tackle” emphasizes the need to not rely solely on advanced technologies but to also maintain a solid foundation of basic security practices to achieve a robust defense.
Background
Unless you are living under a MAGA rock, you’re likely aware that major changes are in flight in critical American government infrastructure. This doc attempts to provide guidance on how to mitigate impact during the transition of these systems.
The reason you’re hearing from me on this topic is that I have worked in Big Tech for the last 15 years and have experience in global system infrastructure rollout and change management. My work experience is at Apple and Microsoft. In both companies I built critical infrastructure that serves the global enterprise and its customers. In an enterprise software context, my core competency is in change management, cyber defense, DevOps, delivery mechanics and solution architecture of enterprise systems, both web and mobile.
That’s a lot of words to say that I have managed high-impact web services and device rollouts at a global scale through distributed teams at America’s two biggest tech giants. Anything I say here is 100% my opinion and based on my assessment; I am not speaking on behalf of my current (Microsoft) or past (Apple) employer.
I plan to share this assessment and proposal with my network of tech professionals for peer review. Given that, I expect the recommendations to change; this is an evolving situation. Subscribe for updates.
In Scope
This is guidance I’m sharing with my network and posting here as well for peer review. Input is welcome on the technical investigation and the resulting recommended remediation and mitigation strategies. For those who have specific knowledge of banking systems, your input is especially welcome.
Out of scope
This is not a political post, and there is no role for political discourse in this proposal. Regardless of who you voted for, these recommended steps should be relevant to you. It’s my belief that we are living in a post-political society. The actions of politicians and local officials are assumed to be moot for the purposes of the American individual hoping to insulate their household from the impact of this attack.
Systems attacked
On Friday evening, January 31st, a cyber attack was reported by various news outlets indicating that an external entity, DOGE, had taken over the US Digital Services division and then used badge credentials to gain access to the Federal Treasury department. Based on reports, the current understanding is that critical government systems used for processing Treasury payments, including Social Security, Treasury bond trading and Medicare, have been compromised by an external agent and potential malicious actor: DOGE.
Additionally, the database containing PII on all federal workers is assumed to be breached, as are the Social Security numbers and PII of American citizens. At this time it is unclear what specific data was exposed. More details are expected to be revealed as the news cycle catches up to reports from federal workers familiar with the details.
Severity Assessment
Given the criticality of these systems, the risk assessment is set to Severity 1, meaning that the impact is expected to cause widespread outages in critical infrastructure across downstream clients in banking, transportation, healthcare and telecommunications. Immediate actions are necessary to contain the impact, stand up a “moat” that insulates you from the attack blast radius, and activate an offensive posture.
Characterization of attack
An attack on critical infrastructure that protects sensitive government and customer data is not unusual. This is characteristic of a nation-state attack, such as the Midnight Blizzard attack experienced early in 2024. Details of that attack can be found at this link.
I am monitoring the DOGE attack as it progresses to downstream systems and adjusting the scope of impact and risk as new information becomes available.
This attack is unusual in that it is coming from an external agent posing as an internal entity: DOGE. In that way it is similar to another nation-state attack, the one against SolarWinds. A detailed explanation of that attack can be found at this link. The two are similar because DOGE is using existing internal channels to gain access to protected systems. In other words, DOGE is exploiting federal badge access to commit cyber crimes that are only possible through an embedded government agency. I’d also characterize the attack as impersonation, because it’s unclear whether access was granted or was taken through badge or token theft.
Recommended mitigation: Block and Tackle
The “Block and Tackle” approach has two parts. First, we block the attack from spreading through containment; this requires securing sensitive data and documents. Then we tackle the bad actor by creating distance and an advantageous position; this requires work to localize your household assets and migrate off vulnerable protocols in broadband telecommunications.
Immediate steps: Block
Immediate steps to mitigate are to secure sensitive data, back up sensitive documents and block impersonation attempts that use stolen PII.
Secure sensitive data - Enable MFA (multi-factor authentication) on all accounts. For your M365 accounts this can be done with the Microsoft Authenticator app; the same app can also be used with Dropbox and payment providers. Google’s apps offer MFA, and so does Fidelity; turn those on immediately.
Backup sensitive documents - Create local backups of all your sensitive documents including tax returns, health records, social security cards, passports and any other government or state identification. Also consider backing up insurance policies and vehicle registration information.
Freeze your credit - Place a credit freeze with all credit bureaus to prevent stolen PII from being used to impersonate you and make purchases.
Near Term: Tackle
Once you have secured your data, backed up your documents and frozen your credit, you can assume an offensive position. We want to build a “moat” around you and your assets, to give you distance from the attack and also buy you time to respond to the next one. The assumption at this time is that the attack is ongoing and likely to escalate quickly.
Recommended time to tackle: Before the March 14th deadline to fund the federal government.
Possible motive: “X” —> American WeChat
As with other crimes, in a cyber attack it is important to identify a motive in order to understand your attacker better and anticipate their next move. In this attack I believe the motive is a forced cutover of critical infrastructure systems in banking, telecommunications and travel to a centralized model. In plain terms, what I’m saying is that DOGE wants to migrate American federal systems to X using the WeChat model, where all network and transactional systems are centrally routed and processed. I believe this is the case because of these signals:
Elon Musk said he was going to do this with X; see reporting here from The Verge.
Apple silently released an update as part of 18.3 on Friday that includes Starlink support. Note that currently this is a beta release with T-Mobile.
What this could look like from a rollout perspective is:
X is assigned as the communications authority for all government agencies; this is already underway, with the NTSB communicating exclusively via X.
Route all federal transactions through X: this is underway, as DOGE has taken control of the federal Treasury and pushed out the acting director.
Create X profiles that map to the US citizen records database, to streamline management of identity and act as proof of citizenship.
Standardize on a government-monitored telecommunications network, Starlink, to allow network traffic control of all domestic communications, giving federal agencies (or just DOGE) the authority to censor information at will.
The above roadmap would result in an American permutation of the CCP’s WeChat app model where the American government has final and singular authority to monitor and surveil all payments, domestic travel and communications of American citizens.
Yes, this should freak you out.
No, this is not a drill.
Yes, this is a real thing in other rich, technologically sophisticated countries, like China.
For Americans who are unaware of the superiority of Chinese technology in surveillance and control, I’m sorry, this is going to be a rude awakening. Moving on. What can we do? Well, a lot actually. If you’re still with me, read on.
Proposed Mitigation: offline banking & offline communications
While the North Star outcome of a WeChat mutation of X may ultimately be great for streamlining critical government infrastructure, the transitional period is going to be painful for Americans. That is why I am recommending that you consider offline activities as the best failsafe to insulate your household from impact. The two exposed areas you will want to move offline immediately are banking and telecommunications.
Step 1 Block: Talk to your local bank or credit union
For X to transition to a WeChat app it will need to provide an exchange protocol for payments and transactions. The mechanics to make this possible are unknown at this time, but the blast radius will be felt most acutely at larger banks, where managing money at scale relies heavily on enterprise technology infrastructure and offline backup processes may not exist or may be hard to invoke.
For this reason my recommendation is:
Approach a local bank or credit union and request information on their offline banking capacity.
Assume that there will be a period where it is impossible to look up your account information using cloud enabled systems.
Order checks for your accounts and have enough cash stored at your house to float you through three months of banking outages.
When you go to the bank, ask the leadership to confirm that they will be able to get your money out in an emergency, and find out what identification you will need to provide for account look-up.
They may think you’re crazy, that’s okay.
Ask as many questions as you can and do not apologize for wanting to know how they would offer offline banking backup. Having an offline backup plan is best practice for cyber defense. Tell them you expect a period of instability in connectivity and need to know you can still get your money out of the bank to pay bills.
Step 2 Tackle: Set up alternate telecommunications channels
DOGE standardization on a monitored communication channel is a sophisticated mechanism that would result in a forced migration of potentially billions of devices and users to the X platform. Doing so might look something like this:
Take existing telecommunications channels offline (meaning AT&T, Verizon and T-Mobile) under the guise of “national security”, citing a known hack in which a foreign agent has embedded itself in existing telecommunications channels.
Pause automatic payments from the federal Treasury under the guise of “stopping fraud”, and require validation of citizenship through X in order to reactivate payments.
Force migration with network monitoring through a Starlink gateway, resulting in self-activated surveillance compliance.
What I’ve just described is not a new strategy; it’s best practice in the enterprise to require compliance when using applications and gateways in order to access managed resources. In this example the “managed” resource is your account with the federal government, and “compliance” is checking whether you are registered as an American citizen and are connected via Starlink. This is all speculation, but it is one way that a remote forced migration could be achieved over large swaths of the population in a relatively short period of time.
For that reason, I recommend configuring backup communication channels by activating a landline if you can and switching to a flip phone that is not Starlink enabled. If DOGE is successful in forcing compliance through a Starlink gateway, a Starlink-enabled device will be necessary to access federal resources; you can keep a backup phone that you use for everything other than checking your accounts with the government. I can’t help but believe their intention is to force us into a consolidated infrastructure, in the name of “efficiency”, but their ability to enforce compliance outside of workloads related to federal accounting is going to be limited to start.
I hope I’m wrong and this will all be overkill for what is required to respond to the DOGE attack. I will post more as I can. Please comment and ask questions but know I won’t respond to political commentary, no time for that now.
Good luck.
As someone whose entire income is Social Security and VA family disability, this is extremely frightening. I’m 70, so I know how to be offline. Thank you for this powerful information. Do you know any small cell companies that don’t share towers and access?
And we thought Y2K was going to wipe us out. LOL
I don’t trust the administration and Trump’s butt-buddy Putin. Elon Muskrat is a national security threat. His goal is to be God.
Thanks again.
Many of us folk over 80 do not know a lot of what you’re talking about. We didn’t grow up with technology. No laptops or cell phones until we were over 30. Probably some low-income folk who aren’t up on the latest technology don’t either. I’ve got friends who can’t cope with the constant required updates!
Tell us simple steps. Do we need to stop online banking? But they charge for paper statements. $6.00 a month. That counts if you’re low income.
Should we get rid of credit cards? Pay by cash or check only?
Please tell us what to do.
As for we wretched married women who had to change our names when we married - we’re being heavily punished for that horrendous misdeed.
Suppose you can’t afford all it requires to prove it’s who you are?
Anything FREE and easy? Is there anyone who’ll help you free of charge?