To share confidential tips about events unfolding in the federal government you can contact me on Signal at joshtpm dot 99 or via encrypted mail at joshtpm (at) protonmail dot com.
I don’t like to think in conspiratorial ways. But DOGE currently has far deeper and far more extensive access to U.S. government computer systems — and is far deeper into the national security space — than is conceivably necessary for anything related to their notional brief and goals. I don’t just mean this about the front-facing notional goals of making the federal government “efficient.” I mean it as well in the most sinister versions of the group’s goals — hollowing out the federal bureaucracy, destroying oversight agencies which pose threats to Musk’s business interests, building centralized command and control over budgets, employment, personal data, etc., etc.
WIRED is now reporting that two DOGE operatives, including the 19-year-old Edward Coristine (aka “Big Balls”), have gained access to the computer systems of the Cybersecurity and Infrastructure Security Agency (CISA), the agency charged with the defense of the federal government’s civilian computer networks as well as helping to organize the defense of the country’s critical infrastructure.
I don’t know what the goal is here. I could speculate. But it would just be speculation. But it’s way more than just the version of the story that we’re now hearing. Atlantic has this piece describing the level and scope of access in similar terms.
I want to re-emphasize the point I made on Tuesday about the continued use of as few as seven or eight early-20s operatives to manage the initial landings/break-ins at these various agencies, which involve gaining access to systems as disparate as NIH medical research labs and high-stakes national-security computer networks. Coristine, one of the DOGErs in question here, is 19 years old and his only “experience” for any of this is a brief internship at Musk’s Neurolink company. This is someone who got this level of access long before any kind of serious security background check could be completed. In Coristine’s case, he owns a “company” called Tesla.Sexy LLC, which reportedly controls Russian-registered web domains. He briefly worked at a competitor known for hiring “reformed” black hat hackers and was later fired from that company for sharing confidential company data with a competitor firm. It seems like an understatement to say that this does not appear to be a trustworthy person to entrust with this level of access to critical data systems and command-and-control systems across the U.S. government. I return to the point I made in that Tuesday post: the only conceivable reason you give these assignments to someone like this guy is that he’s loyal and willing to do things that other people won’t.
The additional, clear through-line in the whole DOGE story is that the DOGErs arrived at a federal government that was complex and decentralized in its powers. There’s no button at the White House you can push and turn off all the government’s computer networks. On a more mundane level, there’s no central email database from which the President can fire off an all-staff email to everyone who works in the U.S. government. This feature of the federal government has many roots, some good, some bad. But one reason it’s set up that way is that it creates resilience. You’re not going to have a computer virus take down everything at once, or gain access to everything everywhere. If we look at everything that DOGE has done over the last 3+ weeks, a unifying feature is the effort to pull all of these networks together for more central control. The first signs of DOGE activities at the Office of Personnel Management was the creation of just that centralized email distribution. It kicked off with the “fork” emails. But it continued from there and expanded out beyond email. Gaining access to CISA is just another chapter in that fast-moving story.
It’s obvious that you’d want to be very cautious about centralizing this much power in anyone’s hands, especially people working outside all existing frameworks of oversight and accountability. But creating these centralizing structures and pathways also creates more dangerous pathways for other bad actors to attack the U.S. government. It’s a bit like compartmentation in intelligence work. You don’t create single points of access to everything because you want to limit the potential harm of any single break-in or compromise.
The additional point is a more generic and interpretive one. There’s no question Elon Musk is driving this train. Trump has licensed it. He is approving what happens after the fact. I have no doubt he’s enjoying the pain he’s seeing inflicted. And a good bit of it overlaps with the goals of his existing entourage. But Musk is driving this train and I don’t think anyone really knows entirely where he’s going.