DOGE Is Hacking America

[IMPORTANT: Make this 4 times longer with much more detail]

Argument An expert’s point of view on a current event. DOGE Is Hacking America The U.S. government has experienced what may be the most consequential security breach in its history. By Bruce Schneier , a security technologist and lecturer at the Harvard Kennedy School, and Davi Ottenheimer , the vice president of trust and digital ethics at Inrupt, a data infrastructure company. A security guard stands at the entrance to the U.S. Agency for International Development (USAID) headquarters on Feb. 3. A security guard stands at the entrance to the U.S. Agency for International Development (USAID) headquarters on Feb. 3. Kevin Dietsch/Getty Images My FP: Follow topics and authors to get straight to what you like. Exclusively for FP subscribers. Subscribe Now | Log In Science and Technology United States February 11, 2025, 6:49 PM Comment icon View Comments ( 14 ) In the span of just weeks, the U.S. government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. Trump’s Second Term Ongoing reports and analysis First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the U.S. Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly $5.45 trillion in annual federal payments. In the span of just weeks, the U.S. government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound. Trending Articles The Dangers of Presidential Impoundment Nixon tried what Trump is planning—and it caused a constitutional crisis. Powered By Advertisement The Dangers of Presidential Impoundment X Trump’s Second Term Ongoing reports and analysis First, it was reported that people associated with the newly created Department of Government Efficiency (DOGE) had accessed the U.S. Treasury computer system, giving them the ability to collect data on and potentially control the department’s roughly $5.45 trillion in annual federal payments. Then, we learned that uncleared DOGE personnel had gained access to classified data from the U.S. Agency for International Development, possibly copying it onto their own systems. Next, the Office of Personnel Management—which holds detailed personal data on millions of federal employees, including those with security clearances— was compromised . After that, Medicaid and Medicare records were compromised. Meanwhile, only partially redacted names of CIA employees were sent over an unclassified email account. DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy. This story is moving very fast. On Feb. 8, a federal judge blocked the DOGE team from accessing the Treasury Department systems any further. But given that DOGE workers have already copied data and possibly installed and modified software, it’s unclear how this fixes anything. In any case, breaches of other critical government systems are likely to follow unless federal employees stand firm on the protocols protecting national security. The systems that DOGE is accessing are not esoteric pieces of our nation’s infrastructure—they are the sinews of government . For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with. What makes this situation unprecedented isn’t just the scope, but also the method of attack. Foreign adversaries typically spend years attempting to penetrate government systems such as these, using stealth to avoid being seen and carefully hiding any tells or tracks. The Chinese government’s 2015 breach of OPM was a significant U.S. security failure, and it illustrated how personnel data could be used to identify intelligence officers and compromise national security. In this case, external operators with limited experience and minimal oversight are doing their work in plain sight and under massive public scrutiny: gaining the highest levels of administrative access and making changes to the United States’ most sensitive networks, potentially introducing new security vulnerabilities in the process. But the most alarming aspect isn’t just the access being granted. It’s the systematic dismantling of security measures that would detect and prevent misuse—including standard incident response protocols, auditing, and change-tracking mechanisms— by removing the career officials in charge of those security measures and replacing them with inexperienced operators. Read More A pile of building letters removed from the sign on the headquarters of the U.S. Agency for International Development in Washington on Feb. 7. Attacking Government Workers Has Long Been a Presidential Pastime Donald Trump’s attempt to dismantle the federal bureaucracy is the latest in a string of efforts by both parties. Analysis | Julian E. Zelizer U.S. President-elect Donald Trump and Elon Musk watch the launch of the sixth test flight of the SpaceX Starship rocket in Brownsville, Texas. What Drives Elon Musk? His wealth, political power, and support for far-right parties are setting off alarm bells. Insider | Cameron Abadi , Adam Tooze Oligarch Elon Musk is seen from the chest upward as he sits among a crowd of people at a meeting. Musk wears a black suit and tie and an expression that makes it look like he’s somehow smiling and frowning at the same time. Elon Musk Gets His DOGE Though he has to share it. Report | Rishi Iyengar The Treasury’s computer systems have such an impact on national security that they were designed with the same principle that guides nuclear launch protocols: No single person should have unlimited power. Just as launching a nuclear missile requires two separate officers turning their keys simultaneously, making changes to critical financial systems traditionally requires multiple authorized personnel working in concert. This approach, known as “separation of duties,” isn’t just bureaucratic red tape; it’s a fundamental security principle as old as banking itself. When your local bank processes a large transfer, it requires two different employees to verify the transaction. When a company issues a major financial report, separate teams must review and approve it. These aren’t just formalities—they’re essential safeguards against corruption and error. Sign up for Editors’ Picks A curated selection of FP’s must-read stories. Sign Up By submitting your email, you agree to the Privacy Policy and Terms of Use and to receive email correspondence from us. You may opt out at any time. Enter your email Sign Up ✓ Signed Up You’re on the list! More ways to stay updated on global news: FP Live Enter your email Sign Up ✓ Signed Up World Brief Enter your email Sign Up ✓ Signed Up China Brief Enter your email Sign Up ✓ Signed Up South Asia Brief Enter your email Sign Up ✓ Signed Up Situation Report Enter your email Sign Up ✓ Signed Up View All Newsletters These measures have been bypassed or ignored . It’s as if someone found a way to rob Fort Knox by simply declaring that the new official policy is to fire all the guards and allow unescorted visits to the vault. The implications for national security are staggering . Sen. Ron Wyden said his office had learned that the attackers gained privileges that allow them to modify core programs in Treasury Department computers that verify federal payments, access encrypted keys that secure financial transactions, and alter audit logs that record system changes. Over at OPM, reports indicate that individuals associated with DOGE connected an unauthorized server into the network. They are also reportedly training AI software on all of this sensitive data. This is much more critical than the initial unauthorized access. These new servers have unknown capabilities and configurations, and there’s no evidence that this new code has gone through any rigorous security testing protocols. The AIs being trained are certainly not secure enough for this kind of data. All are ideal targets for any adversary, foreign or domestic, also seeking access to federal data. There’s a reason why every modification—hardware or software—to these systems goes through a complex planning process and includes sophisticated access-control mechanisms. The national security crisis is that these systems are now much more vulnerable to dangerous attacks at the same time that the legitimate system administrators trained to protect them have been locked out . By modifying core systems, the attackers have not only compromised current operations, but have also left behind vulnerabilities that could be exploited in future attacks—giving adversaries such as Russia and China an unprecedented opportunity . These countries have long targeted these systems. And they don’t just want to gather intelligence—they also want to understand how to disrupt these systems in a crisis. Now, the technical details of how these systems operate, their security protocols, and their vulnerabilities are now potentially exposed to unknown parties without any of the usual safeguards. Instead of having to breach heavily fortified digital walls, these parties can simply walk through doors that are being propped open—and then erase evidence of their actions. The security implications span three critical areas. First, system manipulation: External operators can now modify operations while also altering audit trails that would track their changes. Second, data exposure: Beyond accessing personal information and transaction records, these operators can copy entire system architectures and security configurations—in one case, the technical blueprint of the country’s federal payment infrastructure. Third, and most critically, is the issue of system control: These operators can alter core systems and authentication mechanisms while disabling the very tools designed to detect such changes. This is more than modifying operations; it is modifying the infrastructure that those operations use. To address these vulnerabilities, three immediate steps are essential. First, unauthorized access must be revoked and proper authentication protocols restored. Next, comprehensive system monitoring and change management must be reinstated—which, given the difficulty of cleaning a compromised system, will likely require a complete system reset. Finally, thorough audits must be conducted of all system changes made during this period. This is beyond politics—this is a matter of national security. Foreign national intelligence organizations will be quick to take advantage of both the chaos and the new insecurities to steal U.S. data and install backdoors to allow for future access. Each day of continued unrestricted access makes the eventual recovery more difficult and increases the risk of irreversible damage to these critical systems. While the full impact may take time to assess, these steps represent the minimum necessary actions to begin restoring system integrity and security protocols. Assuming that anyone in the government still cares. This post is part of FP’s ongoing coverage of the Trump administration . Follow along here . Bruce Schneier is a security technologist and lecturer at the Harvard Kennedy School. His latest book is A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend them Back. Davi Ottenheimer is the vice president of trust and digital ethics at Inrupt, a data infrastructure company. Read More On Donald Trump | Science and Technology | U.S. Government | United States Join the Conversation Commenting on this and other recent articles is just one benefit of a Foreign Policy subscription. Already a subscriber? Log In . Subscribe Subscribe View 14 Comments Join the Conversation Join the conversation on this and other recent Foreign Policy articles when you subscribe now. Subscribe Subscribe Not your account? Log out View 14 Comments Join the Conversation Please follow our comment guidelines , stay on topic, and be civil, courteous, and respectful of others’ beliefs. You are commenting as . Change your username | Log out Change your username: Username I agree to abide by FP’s comment guidelines . (Required) Confirm CANCEL Confirm your username to get started. The default username below has been generated using the first name and last initial on your FP subscriber account. Usernames may be updated at any time and must not contain inappropriate or offensive language. Username I agree to abide by FP’s comment guidelines . (Required) Confirm