President's Day UPDATE: A Household Guide to Cyber Defense against Nation State Agent: DOGE
An update for American households wanting to opt-out of DOGE governance of critical federal infrastructure using cyber defense strategies and tactics.
Executive Summary
It has been two weeks since bad actor and internal government agent, DOGE, has captured critical infrastructure via invasion of federal buildings and cyber attacks on federal systems. For more information on the nature of the attacks and suspected intent review the linked paper published earlier this month:
Below is the setup to provide a clear picture into what you are witnessing and the purpose of this newsletter. If you want to skip down to what you can do, review this TL;DR then scroll to the American Household Playbook for DOGE Threat and Defense Response section.
TL;DR:
Nothing I say here is on behalf of my current employer, Microsoft, or past employer, Apple. I’m a cyber defense expert and enterprise solution architect and the ideas presented here are my own.
This is not a political communication, it is a newsletter to provide practical guidance on how to respond to DOGE and create the option to opt-out of breaking changes using cyber defense strategies and tactics.
The current status of the DOGE attack is Severity 1. To determine severity I’m monitoring signals from impacted systems through the Alt National Park Service and checking score card on the Project 2025 rollout.
What the American public is experiencing is newfound awareness of a cyber conflict between Nation States that has been escalating for years in the Big Tech universe. See Microsoft’s Secure Future Initiative for more information.
My prediction is that DOGE’s end goal is a consolidation of American federal systems into a centralized authoritarian technology model that closely resembles the CCP’s (Chinese Communist Party) WeChat app.
⏭️ Read on for details or skip down to the American Household Playbook for DOGE Threat and Defense Response section for incremental actions you can take now.
Monitoring methodology: Live Incident tracking
While monitoring of the ongoing DOGE attack is happening across frontlines in the legal and political landscape, there is a gap in general understanding on how to insulate an American household from impact; that is where I come in.
General understanding definition: skills needed to understand how the changes DOGE is making affect the American household.
For the purposes of cyber defense readiness, I am following reporting on federal systems whose administrators have been replaced or superseded and recommending paths to mitigate, recover and opt-out of the new governance model being built by DOGE directives.
Lack of general understanding of cyber defense is a vulnerability that can be easily exploited by DOGE to enact governance over American households.
🔔 Disclaimer
What I post is based on my own assessment and is not in any way affiliated with my current (Microsoft) or former (Apple) employer. I am not a financial planner or advisor and I recommend you speak with a financial advisor/ planner or trusted source before making any major money moves.
In scope: What to expect from Land Family Home
In my role as a volunteer incident manager, I am taking the following actions to assist American households in staying one step ahead of breaking changes to federal systems:
Communicating potential risks to you, customers of federal systems (the American citizenry), as DOGE makes progress through critical infrastructure.
Offering mitigation strategies to “block and tackle” for the purposes of containment and elevating your household security posture.
Assigning a severity rating based on signals from impacted systems (see below for channels monitored).
Sharing status on DOGE’s go-to-market plan/roadmap via reverse engineering of field distress signals and subject matter expertise of reference implementations.
Monitored channels
The primary channels monitored are the Alternative National Park Service via Holly Matheson. The Alt National Park Service is a cohort of 125k+ current and discharged federal workers that are reporting on moves of DOGE agents within federal systems.
I am monitoring these systems as they are the current battleground of attack. As the attack progresses downstream my monitoring will attempt to follow the attackers’ movements.
I’m also checking major news outlets and ’s Substack for relevant reporting and recently added Project 2025 tracker via . KeepTrack is sharing a score card on progress towards completion for the rollout and execution of Project 2025.
Given the pace of change and lack of change management, we run the risk of missing good signals because of excess noise. For that reason I am ignoring all data that is not explicitly a distress signal from federal systems and offices.
In simple terms that means I’m ignoring elected officials and politicians and instead I’m watching DOGE. As they say, keep your eye on the prize. 👀
Out of Scope
Political commentary is out of scope for the purposes of my tracking. Justification being that there is sufficient coverage of the political and legal defense landscape. My value to add is to provide guidance for how American households can remain ahead of breaking change in federal systems and make moves to insulate themselves from impact.
Big picture: What’s happening?
I have seen many posts asking “What’s happening?” in regards to the events of the last 2 weeks with DOGE insurgence of federal systems.
It is my opinion that the cyber war that has been waging between Nation State hackers has now crossed over into the American consciousness.
I say consciousness because American systems have been under relentless Nation State attack for the last several years but we have been fighting out of sight of public view. But now that mainstream America is aware of the seriousness of the cyber war between America, China and Russia we need your help to hold the line.
In a major escalation of the cyber war, last year Microsoft pivoted company focus to security under the Secure Future Initiative. Read more about that here.
Long story short, this has been a long time coming.
We need all Americans that are willing to step up and do their part to help. For those that are willing, I’m going to attempt to make things easy to understand so you can partake.
Be patient with me please as I try to explain cyber defense in simple terms. Ask questions if you’re confused in the comments and I will do my best to respond.
What’s their end goal? One app to rule them all.
With that in mind you might wonder, what is DOGE’s end goal? It is my belief that DOGE is attempting to consolidate federal systems under an authoritarian technology model using Musk’s proprietary AI technology with X and Starlink that will closely resemble WeChat.
WeChat is a centralized government technology stack, operated by the CCP (Chinese Communist Party), that acts as the singular authority over all Chinese citizens and visitors through surveillance and enforcement via government agencies that control banking, consumer transactions, domestic transportation and telecommunications.
WeChat is an incredibly sophisticated and successful reference implementation that the Chinese Communist Party has spent the last decade building.
It’s unsurprising that Elon Musk is not capable of original ideas. But I digress. 🤭
Severity Assessment: Sev 1
Given the criticality of these systems the risk assessment is set to Severity 1: meaning that impact is expected to cause widespread outages in critical infrastructure across downstream clients in banking, transportation, healthcare and telecommunications. Immediate actions are necessary to contain impact and stand up a “moat” to insulate from the attack blast radius and activate an offensive posture.
An American Household Playbook for DOGE Threat and Defense Response.
Now that you know what is happening, and some of the background for why, let’s discuss what you can materially do to slow things down and maneuver your household into a cyber offensive position.
Think of your household as a fortress, and everything in your home, either in the real world or the cloud, will remain under your control.
This is going to take time, that is okay, change takes time. We want to avoid further exacerbating the whiplash your household is experiencing from DOGE changes. So pace yourself.
DOGE has communicated that they aim to be dev-complete in 2 years, that is the time we have to get American households ready to opt-out of the new DOGE governance model. How fast you move is up to you, my advice is to do one thing every day to make progress towards readiness and you’ll find yourself ready a lot quicker than our target.
What are we getting ready for?
We are building an off-ramp from DOGE governance and, in doing so we are managing a cutover of our own: moving American households away from the cloud. The reason we are moving away from the cloud is because the government cloud is now occupied by a presumed bad actor and foreign agent, DOGE, and therefore not a trusted service for essential services for travel, healthcare, banking and telecommunications.
Now that DOGE has taken the reins of the American enterprise, we are the customers and we will have “acceptance criteria” before we elect to opt-in to the new governance model. My aim is to give you the space to decide if you want to opt-in and do it on your terms and timeline.
Step 1: Offline mode
Once you have taken basic protections to secure your identity via credit freezes and MFA, the most important thing to do is to create an “offline mode” for all your household systems.
As pre-reads, review these two papers I wrote about the importance of backing up and how to request an offline banking protocol from your bank:
Why are we laser focused on offline mode
Offline mode is a fundamental principle of enterprise architecture design. If a critical system does not support offline access it is not “enterprise-ready”, meaning it cannot function at scale and meet customer service agreements (SLA). The goal with offline mode is to ensure that whatever DOGE breaks, these breaking changes do not impact you directly. Creating distance between DOGE breaking changes and your household is effectively creating a “moat” between you and the insurgents. The goal of a moat is to buy you time to assess and respond to the next attack.
🚨 A breaking change is a change that may require you to make changes to your application in order to avoid disruption to your integration.
Methodology: Change Management
As stated above, we are going to make incremental progress through a process called “change management”. Change management is necessary to maintain an enterprise customer base. It gives us structure to formalize change via communication, phased migrations and rollouts.
DOGE lacks basic change management
In this regard DOGE is woefully lacking. The lack of transparency of changes indicates that the DOGE code that has been checked into the federal systems does not meet the high quality bar of enterprise readiness deemed reliable for American household use. DOGE’s dev ops risk of breaking changes is high.
🚨 Simply put, DOGE’s tactics make us prone to failure.
In enterprise and government systems, in order to release new changes, a system administrator will publish a memo alerting customers to new change, known issues and expected impact a minimum of 30 days out from release.
Then customers have an opportunity to opt-out of the changes if they aren’t ready to accept them. Ideally the changes will be accepted by the customer and within a designated period they will opt-in.
DOGE has not given American households the option to “opt-out” of what they are doing, they are seizing control without explanation of impact or a heads-up of what to expect. In response, the call to action is for American households to self-select themselves out of DOGE changes and ultimately governance.
Let’s talk about how you are going to do that, finally! 😮💨
Roles and Responsibilities
In the Big Tech world we have a saying that some people know just enough to be dangerous.
What this implies is that you are not a highly technical person necessarily, but you understand the gist of what technology does and you have a rudimentary understanding of how to interact with or change it.
Together, we are going to make your household know just enough to be dangerous to DOGE’s end goal.
In case it isn’t obvious by now, technology is a dangerous weapon when in the wrong hands, which is why I want you to tread carefully with everything that I share here. Read materials carefully, plot your moves and pace yourself. The danger of messing with technology is that it is incredibly hard to reverse breaking changes, and if you aren’t careful you can create a bigger mess than what you started with.
All that said, I am positive you cannot cause a bigger mess than DOGE will. 🫠
Knowledge Transfer
We are going to make your household an unreachable target for DOGE through a mechanism in Big Tech called Knowledge Transfer.
Knowledge transfer is different than traditional learning when used in the Big Tech context because it is often time boxed and there is no test at the end, instead there is a transfer of operating capacity to preserve continuity in services.
Continuity is key to extending capacity of systems and via knowledge transfer I am going to extend my household’s cyber defense capacity to yours. Then you can extend to another household… and somewhat quickly we can reach critical mass of customers that are opting out of change. If successful, this tactic should give us leverage to negotiate an SLA (service level agreement) with DOGE.
Knowledge transfer is critical to scale an operating model, which is one of my core competencies, and soon it will be yours.
Prioritization
To keep our heads on straight we are going to prioritize what is important so we can use our time efficiently. The DOGE boys aren’t sleeping and are likely taking amphetamines to push through all-nighters. We don’t have the luxury of doing that because we have jobs and families that depend on us, so we need to be extremely judicious about how we spend our time.
DO spend your time re-reading educational materials about security, researching cyber security terminology and definitions and following distress signals from impacted systems in the federal government.
DON’T waste time and energy doomscrolling social media or reacting to Trump admin politicians. For now we are going to delegate the political and legal defense to the subject matter experts: politicians and attorneys/ judges.
In Big Tech prioritization is painful, but it’s absolutely critical.
While I was working at Apple, Steve Jobs would say that he was most proud of what we said “No” to. Try your best to tune out the noise and only respond to the important signals by keeping a close eye on DOGE and Musk.
Threat Response: Obfuscate, Interrupt & Kill
Assuming you’ve made it this far, you should know just enough to be dangerous, you may be ready to strike back at DOGE. What comes next is a threat response. From here on out it’s up to you to follow through.
Threat detection and response is the practice of identifying any malicious activity that could compromise a network and then composing a proper response to mitigate or neutralize the threat before it can exploit present vulnerabilities.
Remember what we discussed: pace yourself, do 1 thing a day to make progress towards securing your household and once you build confidence use knowledge transfer to preserve continuity of the DOGE threat response across your network.
Once you have secured your household, enlighten your local municipalities, elected leaders, city council people, banks, utility companies and communication networks via knowledge transfer.
Obfuscate banking
Immediate action: As of Saturday, February 16th, reporting indicates that DOGE has gained access to the IRS systems for Americans’ sensitive banking information needed for processing tax refunds and payments. If you have ever paid or received payment from the IRS, change that bank account number ASAP.
Fast follow action: If that account is at a major bank, proceed with the recommendation to switch to a regional bank or credit union, only after you’ve confirmed they can support offline banking.
Reference resource:
Interrupt surveillance
Immediate action: If you have any “connected devices” in your household, evaluate their utility and deactivate their surveillance capability.
A connected device is a mobile device that is connected to a network via either WiFi, Satellite or a telecommunications provider. This includes your Alexa device, Apple HomePod, Google Home, Google Nest, handheld gaming devices, tablets, smart phones and any hardware in your home that is idle while connected to the network, including “fixed” devices like Smart TVs and gaming consoles.
Interrupting the signal means that you are disconnecting the device from its ability to “check in” with its base. In practical terms this will mean killing its network connection unless it is in use.
Discrete Actions:
Take devices off wifi.
Turn your wifi off.
Switch devices into Airplane Mode.
Many devices will no longer have utility if they are not allowed to be in idle surveillance mode. Store them and put them away for now. Otherwise disable their wifi and/or network connection unless you are explicitly using them.
I have made the habit of unplugging our TV and powering off my cell phone unless it is in use. Even if you are in the room talking and the TV is “sleeping” but it is powered on, assume it is harvesting data from your household to be shared back to its base.
Kill the signal
Finally, for every cloud enabled system in your household, install a kill switch. Hopefully this is an easy one, it could just mean unplugging the power cable from your devices and/or powering them down*.
*Make sure there is not a backup battery store to override your kill switch.
Desired outcome: Distress at the Mothership
Big Tech devices are watching you continuously and reporting back on your activities to their base (Mothership). By interrupting their ability to monitor your household you will trigger a response upstream in their services that will catch the attention of their product teams.
These teams will then be forced to share metrics about usage with the leaders of Big Tech firms. If we reach critical mass with removal of connected devices from our households that is going to get the right people’s attention (aka Wall Street).
Signing off
That’s all I got for now. This article, written on President’s Day 2025, is how I wanted to honor my favorite president, Jimmy Carter, may he RIP. 🇺🇸
Stay strong, and good luck.
Lexi
Thank you for your expertise, first things first. I am getting a quote for a whole house generator. Was putting off but not now. I can get health aides and stock my pantry easy enough. I can unplug my wi-fi and even take my phone offline whenever possible. But even if I stop paying bills via my bank, and use paper checks, the bank will process through their online service, so my account number will be available through their systems, right? Also, my financial advisor direct deposits to my bank account from my retirement account, how do I get that? It seems impossible to hide, there will be a crack somewhere. This is exhausting . . . But truly appreciate your effort to inform us.
PS President Carter would be so proud of you.