{"id":881,"date":"2024-11-18T16:22:11","date_gmt":"2024-11-18T16:22:11","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=881"},"modified":"2024-11-18T16:22:11","modified_gmt":"2024-11-18T16:22:11","slug":"musks-anticipated-cost-cutting-hacks-could-weaken-american-cybersecurity","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=881","title":{"rendered":"Musk\u2019s anticipated cost-cutting hacks could weaken American cybersecurity"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Donald Trump has named<\/a> loyalist and the richest man in the world, Elon Musk, along with former presidential candidate Vivek Ramaswamy, to spearhead an initiative called the Department of Government Efficiency, or DOGE.<\/p>\n

DOGE, named in a nod to Musk\u2019s favorite meme currency, aims to make deep cuts to US government spending. Musk says he seeks to cut at least $2 trillion from the US civilian agency federal budget while dramatically scaling back regulations in what he calls<\/a> a \u201cbonfire of nonsense regulations.\u201d<\/p>\n

Despite its name, DOGE will not, at least immediately, function as an actual US government department. Creating such a department would require an act of Congress, a virtual impossibility in the current political environment. Instead, reports suggest it will act as a business advisory panel operating under a 1972 law<\/a> called the Federal Advisory Committee Act.<\/p>\n

Some experts argue that it doesn\u2019t matter if DOGE is only an advisory arm, given Trump\u2019s obeisance to Musk, whose campaign finance donations and heavy promotion of his candidacy on X helped ensure his victory. \u201cWhether it\u2019s a department is not the question here,\u201d David Brumley, CEO of Mayhem Security, tells CSO. \u201cMusk has access to Trump. Trump has put in a bunch of people with no experience. They\u2019re going to need to get advice. They\u2019re going to just follow his advice.\u201d<\/p>\n

DOGE-recommended cuts, if implemented, will likely significantly impact the cybersecurity efforts of most US federal agencies. \u201cThe main implication for cyber is he\u2019s not going to go in and say, \u2018We need less cybersecurity,’\u201d Brumley says.<\/p>\n

\u201cThat\u2019s not what we\u2019re going to see. We\u2019re going to see him chipping at the edges where quality and cybersecurity are very heavily related. He will start ignoring and removing the bureaucrats responsible for enforcing cybersecurity rules and recommendations. I think Elon will get rid of people in the bureaucracy who ask questions,\u201d just as he did with Twitter when he cut<\/a> 80% of the staff, including most of the cybersecurity, trust, and safety staff after he acquired the company.<\/p>\n

Musk\u2019s business interests implicate a range of cyber efforts<\/h2>\n

Although it\u2019s too soon to predict what cybersecurity regulations DOGE might affect, experts say Musk might, at minimum, seek to strip regulatory power from agencies that align with some of his business interests, weakening their cybersecurity requirements or recommended practices in the process.<\/p>\n

Musk\u2019s effort dovetails with what experts have already said: there is a high likelihood that the Trump administration will move<\/a> to eliminate cybersecurity regulations. A landmark Supreme Court decision<\/a> this summer that casts doubt on the future of all expert agency regulations reinforces this deregulatory direction.<\/p>\n

Musk\u2019s major businesses and the corresponding cybersecurity regulations or recommendations that the DOGE effort might hamper include:<\/p>\n

SpaceX and Tesla<\/h3>\n

Most of the cyber constraints related to Musk\u2019s SpaceX or Tesla deal with \u201ccyber-physical systems\u201d or industries that rely on operational technology. Unlike other cybersecurity regulations, cybersecurity requirements imposed on cyber-physical systems can be bespoke arrangements with government agencies that aren\u2019t open to the public. Therefore, it\u2019s difficult to gauge the degree to which Musk\u2019s companies are already complying with or objecting to those requirements today.<\/p>\n

\u201cFor example, SpaceX works with NASA, and NASA ultimately has to approve what gets flown,\u201d Brumley explains. \u201cIt\u2019s one company working with very high-tier people at NASA. Given how big the program is, you won\u2019t see much public discussion about these sorts of things.\u201d<\/p>\n

Even so, some well-known regulatory initiatives undertaken by the Trump and Biden administrations might be in DOGE\u2019s crosshairs, including those that, while not technically federal requirements, are cited by agencies as recommended practices for cybersecurity risk management. These include SPD-5<\/a>, a space cybersecurity policy directive signed by Trump in 2020 to provide guidance on protecting space assets.<\/p>\n

To strip away regulations affecting Tesla, Musk might target the February 2023 National Electric Vehicle Infrastructure Standards and Requirements<\/a> issued by the Federal Highway Administration and the US Department of Transportation. This effort established minimum standards and regulatory requirements, including cybersecurity requirements, for light-duty EV chargers funded under the Infrastructure Investment and Jobs Act. Musk might also seek to negate the 2022 voluntary cybersecurity guidance for modern vehicles<\/a> issued by the National Highway Traffic Safety Administration.<\/p>\n

Neuralink<\/h3>\n

Another Musk business facing cybersecurity requirements is his implantable brain-computer interface startup, Neuralink. In May 2023, Neuralink received<\/a> US Food and Drug Administration (FDA) clearance for its first-in-human clinical trial<\/a> of its brain implant. In September 2024, Neuralink\u2019s Blindsight implant received<\/a> the FDA\u2019s \u201cbreakthrough device\u201d designation to restore sight in the vision-impaired. Both devices are subject to FDA recommendations<\/a> regarding cybersecurity in medical devices.<\/p>\n

xAI<\/h3>\n

xAI is Elon Musk\u2019s artificial intelligence company, founded in 2023 as a rival to OpenAI. Its goal is to \u201cunderstand the true nature of the universe.\u201d Given Musk\u2019s grand ambitions for xAI, his DOGE effort could loom large in what will likely be a shift in policy away from the joint guidance of securing AI systems<\/a> agreed to by the Five Eyes consortium, Biden\u2019s executive order<\/a> on the safety and security of AI systems and the White House\u2019s Blueprint for an AI Bill of Rights<\/a>.<\/p>\n

However, given that Trump issued a non-controversial AI executive order<\/a> during his first term, and Musk backed<\/a> the stringent AI regulation bill<\/a> that California governor Gavin Newsom vetoed in September, it\u2019s also possible that Musk and DOGE might lead a policy shift on AI that is more aligned with existing AI safety efforts.<\/p>\n

X (formerly Twitter)<\/h3>\n

Although no federal regulations govern Musk\u2019s social media network X, Musk has sought to terminate a consent order<\/a> with the US Federal Trade Commission regarding the social media company\u2019s data privacy protections.<\/p>\n

In addition, Musk could weigh in at the federal level on several legislative proposals related to content moderation. These proposals include revoking<\/a> Section 230 of the Communications Decency Act, which exempts social media and other platforms from liability for hate and other offensive speech posted on their platforms.<\/p>\n

Musk\u2019s vast conflict of interests creates a bad image<\/h2>\n

Experts agree that Musk\u2019s role in DOGE signals a massive conflict of interest, given how many cyber requirements and recommendations affect his businesses and, more importantly, how much Musk\u2019s enterprises depend on US government contracts.<\/p>\n

For example, NASA has awarded<\/a> SpaceX more than $4 billion for two human moon landings later this decade. SpaceX also has multiple contracts with the US Defense Department, some classified and said to be worth billions. In addition, the Pentagon has purchased internet services in Ukraine from SpaceX\u2019s Starlink constellation to launch rockets, build satellites, and provide space-based communications services. SpaceX has reportedly landed $11 billion in federal contracts over the past five years.<\/p>\n

\u201cTrump could not possibly have made a worse choice than Elon Musk to lead the new \u2018Department of Efficiency\u2019 panel,\u201d Craig Holman, who focuses on governmental ethics at nonprofit consumer advocacy organization Public Citizen, tells CSO.<\/p>\n

\u201cHe is battling the FAA as the agency seeks to ensure safety regulations over SpaceX rocket development. He has been fined by the EPA for pollution near his Texas launch pad. The Securities and Exchange Commission disciplined Musk over Tesla. And the National Highway Traffic Safety Administration is watching for safety concerns over the course of Tesla\u2019s self-driving cars.\u201d<\/p>\n

Holman adds: \u201c[Musk] will now be in a position to influence the awarding of lucrative government contracts, all the while whittling down public safety measures for self-serving enrichment. Musk\u2019s appointment is not only untenable for the public\u2019s interest; it is likely to backfire on the Trump administration by creating an image of self-dealing manipulation of government regulations and fostering corruption in government contracting.\u201d<\/p>\n

Michael Daniel, president and CEO of the Cyber Threat Alliance, agrees. He tells CSO, \u201cThe idea that you\u2019re going to put somebody who has as many business interests as he does in a place where he could easily make himself even richer from the actions that he would take should be anathema to people.\u201d<\/p>\n

Stripping out regulations won\u2019t be easy or could be impossible<\/h2>\n

Even if Musk and the DOGE effort were to succeed in hacking back a significant number of regulations, experts say it won\u2019t come easy. \u201cOne doesn\u2019t know how enduring their relationship will be, nor how much of it is just going to be talk, nor how much opposition there might be in the state generally,\u201d Tony Yates, former Professor of Economics at Birmingham University in the UK and a former senior advisor to the Bank of England, tells CSO.<\/p>\n

\u201cThe US has lots of checks and balances, many of which aren\u2019t working as well as they used to,\u201d he says. \u201cBut they\u2019re still not entirely absent. So, it\u2019s really hard to predict.\u201d<\/p>\n

Daniel notes that it is not the first time that a US administration has tried to bring in businesspeople to look at how the government works and make recommendations, Daniel says. \u201cBut, at the end of the day, most of what you\u2019re talking about would also have to go through the legislative process.<\/p>\n

Despite all the tough talk, Trump and Musk face an uphill battle even with the Republican party in control of the House and Senate. \u201cThere are no programs in the federal government that do not have constituencies,\u201d Daniel says. \u201cNow, they may be constituencies that this administration doesn\u2019t care about. But, the programs that don\u2019t have constituencies have been cut and killed, and their resources have been applied to other things over time.\u201d<\/p>\n

Some experts doubt that Musk will be able to achieve the regulatory bonfire he desires. \u201c[Both Trump and Musk] have sketched very drastic cuts in government expenditure that might be possible because, in their wisdom, they think that there\u2019s 20%, 30%, 40% waste in the state,\u201d Yates says. \u201cThat\u2019s complete nonsense. I\u2019m sure there is some waste in every modern state, but there is no prospect of saving that kind of money without causing very great damage to the administrative state in the US.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Donald Trump has named loyalist and the richest man in the world, Elon Musk, along with former presidential candidate Vivek Ramaswamy, to spearhead an initiative called the Department of Government Efficiency, or DOGE. DOGE, named in a nod to Musk\u2019s favorite meme currency, aims to make deep cuts to US government spending. Musk says he […]<\/p>\n","protected":false},"author":0,"featured_media":880,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-881","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/881"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=881"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/881\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/880"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=881"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=881"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=881"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}