A federal judge’s order that Elon Musk’s team temporarily cease boring into the treasury department’s payment systems raises a far larger question: whether what Elon Musk has labelled the department of government efficiency is creating a major cyber and national security vulnerability.
The activities of Musk’s government cost-cutting effort, Judge Paul A. Engelmayer said in his order on Saturday, risk “the disclosure of sensitive and confidential information” and render the Treasury’s systems “more vulnerable than before to hacking”.
It is a risk that cybersecurity experts have been sounding alarms over in the past 10 days, as Musk’s band of young coders demanded access to the treasury’s innermost systems. That access was ultimately granted by Scott Bessent, the newly confirmed treasury secretary.
But other than vague assurances that the new arrivals at the treasury’s door had proper clearances, there was no description of how their work would be secured — and plenty of reason to believe that it would make it easier for Chinese and Russian intelligence services to target the treasury’s systems.
That was the central argument made by 19 attorneys general as they sought a temporary restraining order to get Musk’s workers out of the treasury systems. And Judge Engelmayer endorsed it on Saturday, limiting access to existing treasury officials until a hearing next week in front of a different federal judge.
The government has maintained that Musk’s team has been limited to reviewing “read-only” data in the treasury department’s systems, though the administration is now placing appointees in positions where they could do much more.
The concern about the targeting of the department is hardly hypothetical: In December, the agency said in a letter to Congress that a Chinese intelligence group had broken into its systems and stolen unclassified material. A full assessment of that damage has not been made public. But it was a reminder that the treasury department — as much at the Pentagon and its contractors, the CIA and the White House — is high on Beijing’s target list. And any new access to the agency’s systems potentially creates a new way in for intruders.
In the days before the order, concerns over the potential security vulnerabilities created by Musk’s project were rampant. The Washington Post reported that a subcontractor to Booz Allen Hamilton, the firm that runs much of the treasury’s threat detection centre, had issued a written warning; it was retracted after its contents were leaked.
Outside experts have described, in detail, what could happen when an outsider gains sudden access to a locked-down system: Personal data could leak, payments could be diverted and information about political rivals could be collected.
Bruce Schneier, a cybersecurity expert at Harvard and the author of a series of books on security vulnerabilities, including Click Here to Kill Everybody, called the entry of Musk’s force “the most consequential security breach” in American history.
Schneier noted that the intrusion came “not through a sophisticated cyberattack or an act of foreign espionage but through official orders by a billionaire with a poorly defined government role”.
Musk, of course, is attuned to cybersecurity issues. Starlink, the satellite system run by his company SpaceX, kept Ukraine in communications after the Russian invasion and is considered highly secure. So are the reusable rocket operations of SpaceX, which China’s space engineers have been eager to replicate.
So federal officials say that they have been shocked by the carelessness with which Musk’s workers pierced government systems, including two that are repositories of millions of sensitive records: the treasury and the US office of personnel management, both of which have been major targets of China’s intelligence services.
New York Times News Service
