The fundraiser for the ICE agent in the Renee Good killing has stayed online in seeming breach of GoFundMe’s own terms of service, prompting questions about selective enforcement.

The crowdfunding platform GoFundMe is allowing a fundraising campaign tied to the potential legal defense of an Immigration and Customs Enforcement (ICE) agent who fatally shot a civilian to remain online, despite company rules barring fundraisers connected to violent crimes and past enforcement actions against similar campaigns.

The fundraiser, titled “ICE OFFICER Jonathan Ross,” seeks at least $550,000 to support potential legal expenses for the ICE agent identified as having shot and killed Renee Nicole Good, a mother of three and widow of a military veteran, during an encounter with immigration agents in Minneapolis.

The officer was first identified as Jonathan Ross, 43, by the Minnesota Star Tribune.

The GoFundMe campaign’s stated purpose—raising money for legal services following a killing—directly conflicts with GoFundMe’s terms of service, which specifically bars fundraisers that are intended to support the legal defense of people accused of financial or violent crimes.

GoFundMe has not publicly explained why the Ross fundraiser remains active despite its terms of service stating users agree not to “use the Service or Platform to raise funds” for the “the legal defense of financial and violent crimes, including those related to money laundering, murder, robbery, assault, battery, sex crimes or crimes against minors.”

Ross has not been formally charged with any crime. The shooting is being investigated exclusively by the FBI after federal authorities effectively blocked Minnesota investigators from participating, prompting the state attorney general and Hennepin County attorney to launch a parallel effort to collect evidence independently.

In an email, a GoFundMe spokesperson told WIRED on Sunday night that it was in the process of reviewing all fundraisers tied to the shooting. “During the review process, all funds remain safely held by our payment processors,” the spokesperson said. “GoFundMe’s Terms of Service prohibit fundraisers that raise money for the legal defense of anyone formally charged with a violent crime. Any campaigns that violate this policy will be removed.”

The company added that it was working directly with the organizer of the Ross fundraiser to “gather additional information.” The organizer is identified on the site as Clyde Emmons of Mount Forest, Michigan. WIRED could not immediately reach Emmons or confirm his identity.

On Sunday night, Emmons’ fundraiser stated that “funds will go to help pay for any legal services this officer needs.” That language was removed after WIRED’s inquiry and replaced by Monday morning with the phrase, “Funds will go to help him.”

GoFundMe did not respond to multiple follow up requests for comment, including questions as to whether it had advised the organizer to change the description to better comport with its rules.

Despite the changes, several slides in a carousel at the top of the Ross fundraising page—which remain active at time of writing—make the purpose of the fundraising explicitly clear: “Give to cover Jonathan’s legal defense” and “Officer Jonathan Ross’s legal defense fund pays attorney fees and court costs.”

GoFundMe’s inaction contrasts with its handling of earlier cases involving law enforcement officers and civilians killed during encounters with police.

In 2015, GoFundMe removed a Baltimore City Fraternal Order of Police fundraiser for Baltimore police officers charged in the death of Freddie Gray, citing violations of its rules against supporting legal defenses in violent cases. That same year, the platform removed a campaign for a South Carolina officer charged in the fatal shooting of Walter Scott.

Said a company spokeswoman at the time of the Gray fundraiser: “GoFundMe cannot be used to benefit those who are charged with serious violations of the law. The campaign clearly stated that the money raised would be used to assist the officers with their legal fees, which is a direct violation of GoFundMe’s terms."

Good, 37, was gunned down during a January 7 encounter with ICE agents in Minneapolis. Video recorded by bystanders shows Good in a dark red SUV reversing as masked agents approach. One agent, identified in the press as Ross, is shown circling the vehicle with his cell phone raised, then stepping into position almost directly in front of the idling SUV before firing as it moves past him.

The video evidence sharply conflicts with public accounts offered by senior Trump administration officials, including DHS statements describing Good as a “domestic terrorist” who “weaponized” her vehicle, as well as President Donald Trump’s claim that “she ran him over.”

State officials said over the weekend that the Minnesota Bureau of Criminal Apprehension had been cut off from the crime scene and no longer had access to key evidence, including Good’s vehicle and witness interviews. Local prosecutors claimed that without access to the FBI’s case file, it may be impossible for the state to assess whether charges are warranted, even though the shooting is well documented, occurred in Hennepin County, and involves a Minnesota resident.

A separate fundraiser for Good’s widow and family has currently raised more than $1.5 million.

GoFundMe Ignores Own Rules by Hosting a Legal-Defense Fund for the ICE Agent Who Killed Renee Good

Plus: Iran shuts down its internet amid sweeping protests, an alleged scam boss gets extradited to China, and more.

After a federal agent shot and killed 37-year-old Renee Good in Minneapolis on Wednesday, WIRED surfaced December federal court testimony from the reported ICE shooter, Jonathan Ross. In it, he said he was a firearms trainer and that he has had “hundreds” of encounters with drivers in a professional capacity during enforcement actions. Separately, we looked at how the tactics behind protest policing are moving toward intentional antagonism. If you haven’t seen it, here’s our guide to protesting safely in the age of surveillance.

Meanwhile, the artificial-intelligence-powered chatbot Grok, developed by Elon Musk’s xAI, was everywhere this week because the platform has been expanding access to digital “undressing” capabilities that allow users to generate naked images of people and then post them to the social media platform X. A WIRED review found that Grok has been generating graphic content—including violent sexual images and videos, as well as media that depicts apparent minors—that has been available on Grok’s official website that’s even more explicit than content on X. All of this has led researchers and activists to ask why Grok and X are still available in Apple’s and Google’s app stores when the companies have removed other “nudify” apps for violating their terms. On Friday, X seemed to take steps to limit who can generate images with Grok to paid, “verified” users. In practice, though, the chatbot is still being used to create sexualized “undressing” images on the platform, even if the capability isn’t quite as accessible as it was before.

If you, like billions of other people globally, are a WhatsApp user, we’ve got tips about features in the end-to-end encrypted communication app that can boost its privacy and security even more. Plus, while invasive spyware is still relatively rare, it continues to proliferate around the world, so we have a guide to protecting your smartphone.

And there’s more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**ICE’s New Surveillance Tools Can Monitor Whole Neighborhoods and Track People**

Materials obtained by 404 Media shed new light on how the surveillance tools Tangles and Webloc from a company called Penlink can provide information to ICE agents after the agency contracted for the services in September. The social-media and phone-surveillance platforms can be used to monitor neighborhoods or city blocks for mobile phones and track the devices over time, potentially revealing where people live, work, and visit. Penlink purchases vast troves of commercial location data to augment and expand the dragnet.

“This is a very dangerous tool in the hands of an out-of-control agency. This granular location information paints a detailed picture of who we are, where we go, and who we spend time with,” Nathan Freed Wessler, deputy project director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, told 404 Media.

**Iran Shuts Down the Internet Again as Mass Protests Unfold**

For the past two weeks, thousands of Iranians have been protesting against the country’s brutal regime and leadership, calling for reform after protests initially broke out over poor economic conditions. In response to the growing unrest, the country’s supreme leader has indicated harsh potential crackdowns may happen. As part of the country’s response, it has initiated a total internet blackout: As of January 9, Iranians had been without connectivity for more than 24 hours. Reports indicate that people have not been able to access social media, leaving them out of contact with family members, as well as preventing them from using ATMs and bank cards.

It is not the first time that Iran has shut down the internet for millions of people. The country, which has been building out the technical capability to digitally isolate itself from the global internet for years, previously shut down connections in 2025, 2022, and 2019. Often these internet shutdowns have been designed to stop protesters from communicating with one another and organizing, to limit the spread of news, and to stop video footage of law enforcement brutality from spreading around the world. They also cause huge self-inflicted economic damage to Iran.

**Alleged $15 Billion Scam-Center Boss Extradited to China**

In October, officials in the United States and United Kingdom sanctioned Cambodian national Chen Zhi and his company, Prince Holding Group, for allegedly running forced labor scam compounds across Cambodia—and a $15 billion fraudulent operation in the process. This week, Chen was extradited to China from Cambodia. He was shown on television wearing a hood and handcuffs as he was escorted off a plane in Beijing. The Guardian reports it is “not immediately clear” what charges Chen faces in China, although officials said his case is part of a wider crackdown on notorious scam compounds that have stolen billions from people around the world.

**China’s “Salt Typhoon” Hackers Breached Email Accounts of US Congressional Committee Staffers**

The notorious Chinese state-backed espionage hackers Salt Typhoon reportedly compromised the email accounts of a number of US congressional committee staffers as part of a campaign detected in December. Attackers targeted House China Committee staff communications as well as those from the Intelligence Committee, Armed Services Committee, and Foreign Affairs Committee. The incident is just the latest in a sprawling series of public and private sector breaches carried out by Salt Typhoon that have given Chinese intelligence extensive insight into US government communications.

ICE Can Now Spy on Every Phone in Your Neighborhood

X is allowing only “verified” users to create images with Grok. Experts say it represents the “monetization of abuse”—and anyone can still generate images on Grok’s app and website.

After creating thousands of “undressing” pictures of women and sexualized imagery of apparent minors, Elon Musk’s X has apparently limited who can generate images with Grok. However, despite the changes, the chatbot is still being used to create “undressing” sexualized images on the platform.

On Friday morning, the Grok account on X started responding to some users’ requests with a message saying that image generation and editing are “currently limited to paying subscribers.” The message also includes a link pushing people toward the social media platform’s $395 annual subscription tier. In one test of the system requesting Grok create an image of a tree, the system returned the same message.

The apparent change comes after days of growing outrage against and scrutiny of Musk’s X and xAI, the company behind the Grok chatbot. The companies face an increasing number of investigations from regulators around the world over the creation of nonconsensual explicit imagery and alleged sexual images of children. British prime minister Keir Starmer has not ruled out banning X in the country and said the actions have been “unlawful.”

Neither X nor xAI, the Musk-owned company behind Grok, has confirmed that it has made image generation and editing a paid-only feature. An X spokesperson acknowledged WIRED’s inquiry but did not provide comment ahead of publication. X has previously said it takes “action against illegal content on X,” including instances of child sexual abuse material. While Apple and Google have previously banned apps with similar “nudify” features, X and Grok remain available in their respective app stores. xAI did not immediately respond to WIRED's request for comment.

For more than a week, users on X have been asking the chatbot to edit images of women to remove their clothes—often asking for the image to contain a “string” or “transparent” bikini. While a public feed of images created by Grok contained far fewer results of these “undressing” images on Friday, it still created sexualized images when prompted to by X users with paid for “verified” accounts.

“We observe the same kind of prompt, we observe the same kind of outcome, just fewer than before,” Paul Bouchaud, lead researcher at Paris-based nonprofit AI Forensics, tells WIRED. “The model can continue to generate bikini \[images\],” they say.

A WIRED review of some Grok posts on Friday morning identified Grok generating images in response to user requests for images that “put her in latex lingerie” and “put her in a plastic bikini and cover her in donut white glaze.” The images appear behind a “content warning” box saying that adult material is displayed.

On Wednesday, WIRED revealed that Grok’s stand-alone website and app, which is separate from the version on X, has also been used in recent months to create highly graphic and sometimes violent sexual videos, including celebrities and other real people. Bouchaud says it is still possible to use Grok to make these videos. “I was able to generate a video with sexually explicit content without any restriction from an unverified account,” they say.

While WIRED’s test of image generation using Grok on X using a free account did not allow any images to be created, using a free account on Grok’s app and website still generated images.

The change on X could immediately limit the amount of sexually explicit and harmful material the platform is creating, experts say. But it has also been criticized as a minimal step that acts as a band-aid to the real harms caused by nonconsensual intimate imagery.

“The recent decision to restrict access to paying subscribers is not only inadequate—it represents the monetization of abuse,” Emma Pickering, head of technology-facilitated abuse at UK domestic abuse charity Refuge, said in a statement. “While limiting AI image generation to paid users may marginally reduce volume and improve traceability, the abuse has not been stopped. It has simply been placed behind a paywall, allowing X to profit from harm.”

X Didn’t Fix Grok's ‘Undressing’ Problem. It Just Makes People Pay for It

Jonathan Ross told a federal court in December about his professional background, including “hundreds” of encounters with drivers during enforcement actions, according to testimony obtained by WIRED.

Jonathan Ross, the Immigration and Customs Enforcement officer identified by multiple news outlets as the federal agent who shot 37-year-old Renee Good in Minneapolis on Wednesday, is a veteran deportation officer in ICE’s Enforcement and Removal Operations division, according to sworn testimony from the federal district court in Minnesota obtained by WIRED. A member of a Special Response Team, ICE’s version of a SWAT team, he’s had duties as a firearms trainer and led teams drawn from multiple federal agencies including the FBI, Ross testified.

The testimony stems from a December 2025 trial related to a June incident with parallels to the interaction that led to Good’s killing.

In June, according to Ross’s testimony, he led a team seeking to apprehend a man named Roberto Carlos Muñoz-Guatemala, who was on an administrative warrant for being in the United States without authorization. Because the man’s home was across from a school and immigration agents had no authority to enter his home, Ross testified, they instead trailed him in unmarked vehicles.

Muñoz-Guatemala’s attorney did not immediately reply to a request for comment.

According to the December testimony and a New York Times account of an FBI agent’s affidavit associated with the case, Ross approached Muñoz-Guatemala and asked him to roll down his window and open his door. Ross, who testified that he had been driving an unmarked vehicle, was dressed in ranger green and gray, and wore his badge on his belt, broke the driver’s side back window and reached into the vehicle, at which point Muñoz-Guatemala pulled away.

While being dragged at a speed he claimed seemed like “40 miles an hour at least, if not more,” Ross pulled out his Taser and fired it at the driver. Muñoz-Guatemala continued to drive and succeeded in shaking Ross from the car. At trial, Ross testified that he suffered injuries that required 33 stitches.

According to the affidavit, Muñoz-Guatemala called 911 to report that he’d been assaulted by ICE, which led to his arrest. Last month, he was convicted of assault on a federal officer with a dangerous weapon.

Reports from the Minnesota Star-Tribune, The Intercept, and The Guardian identified Ross as the shooter who killed Good, a mother and recent transplant to Minneapolis, during an immigration enforcement action in the city. Video of the incident appears to show a federal agent firing shots into Good’s vehicle as she attempted to leave the scene. The officer did not appear to have been struck by the vehicle, and Good appeared to be turning the wheel to avoid contact, video analysis by The New York Times and The Washington Post shows.

At Thursday’s White House press briefing, vice president JD Vance answered questions about the incident, and his responses included numerous identifying details about Ross, mainly relating to his interaction with Muñoz-Guatemala. “That very ICE officer nearly had his life ended, dragged by a car, six months ago, 33 stitches in his leg,” said Vance, “so you think maybe he is a little bit sensitive about somebody ramming him with an automobile?”

Department of Homeland Security secretary Kirsti Noem has repeatedly described Good’s actions as an intentional act of “domestic terrorism.” An FBI investigation into Good’s killing is ongoing.

DHS spokesperson Tricia McLaughlin told WIRED in a statement that the department is “not going to expose the name of this officer. He acted according to his training.” McLaughlin added that federal immigration agents “are under constant threat from violent agitators” because of “doxxing” and that the Minnesota Star Tribune, which first published Ross’ name, “should delete their story immediately.”

According to Ross’ December testimony, he served in the Indiana National Guard and was deployed to Iraq from 2004 to 2005 as a machine gunner on a patrol truck, then joined Border Patrol in 2007 after finishing college, working near El Paso, Texas.

“I did normal Border Patrol duties,” Ross testified, “including line-watch operations, tracking, and I also was a field intelligence agent.” In that latter role, he testified, Ross “compiled and analyzed information from raw information, creating an intelligence product and focusing more so on the cartels and drug smuggling and also alien smuggling.”

In 2015, according to his testimony, Ross joined ICE, working in the ERO division, where he was tasked with targeting “higher-value targets” as a deportation officer in the Twin Cities area. A member of a joint anti-terrorism task force with the FBI, he testified that he’s a “team leader” who, on a typical operation, oversees two FBI agents and an IRS or ATF agent.

“I develop the targets, create a target package, surveillance, and then develop a plan to execute the arrest warrant,” he testified. He also described what he termed “collateral” duties he’s carried out in addition to deportation work.

“I am a firearms instructor, an active shooter instructor,” he testified. “I'm also a field intelligence officer, and I am a member of the SWAT team, the St. Paul Special Response Team.”

In his testimony, Ross said that he had made hundreds of vehicle stops in his career and generally described people who attempt to flee. “They do erratic behaviors,” he testified. “They take great risks, and they seem to not be aware of other people driving on the road. They usually—they make just extreme movements with their vehicles.”

In his testimony, Ross claimed that after he approached Muñoz-Guatemala, the man asked for his attorney.

In court, Eric Newmark, who was representing Muñoz-Guatemala, noted that even government lawyers hadn’t previously heard this assertion. “I think he just made it up on the stand,” Newmark told the judge. “He never said it before. I think he said it for a particular reason”—allegedly to show that Muñoz-Guatemala was aware that he was being apprehended by law enforcement and not attacked by a masked carjacker. A prosecutor in the case conceded that the claim was “grounds for impeachment” against Ross because he “did not previously say that—as far I know.”

Under cross-examination by Newark, Ross testified that people he encounters often “act like they’re confused,” implying that they do know he’s a federal agent even if they appear not to.

“I believe it's—it seems to be something that some ​​people just—just say to—to stall,” he testified. “I believe a lot of time people are on the phone and they're waiting for people to get—to show up, especially with our line of work.

“They've got phone trees where they call and then protesters show up.”

_Updated 8:30 am ET, January 9, 2026: Added citation to The Intercept, which identified Ross following the Minnesota Star-Tribune and first reported on a Facebook photo captioned “Jon Ross in Iraq.”_

ICE Agent Who Reportedly Shot Renee Good Was a Firearms Trainer, per Testimony

A WIRED review of outputs hosted on Grok’s official website shows it’s being used to create violent sexual images and videos, as well as content that includes apparent minors.

_This story contains descriptions of explicit sexual content and sexual violence._

Elon Musk’s Grok chatbot has drawn outrage and calls for investigation after being used to flood X with “undressed” images of women and sexualized images of what appear to be minors. However, that’s not the only way people have been using the AI to generate sexualized images. Grok’s website and app, which are are separate from X, include sophisticated video generation that is not available on X and is being used to produce extremely graphic, sometimes violent, sexual imagery of adults that is vastly more explicit than images created by Grok on X. It may also have been used to create sexualized videos of apparent minors.

Unlike on X, where Grok’s output is public by default, images and videos created on the Grok app or website using its Imagine model are not shared openly. If a user has shared an Imagine URL, though, it may be visible to anyone. A cache of around 1,200 Imagine links, plus a WIRED review of those either indexed by Google or shared on a deepfake porn forum, shows disturbing sexual videos that are vastly more explicit than images created by Grok on X.

One photorealistic Grok video, hosted on Grok.com, shows a fully naked AI-generated man and woman, covered in blood across the body and face, having sex, while two other naked women dance in the background. The video is framed by a series of images of anime-style characters. Another photorealistic video includes an AI-generated naked woman with a knife inserted into her genitalia, with blood appearing on her legs and the bed.

Other short videos include imagery of real-life female celebrities engaged in sexual activities, and a series of videos also appear to show television news presenters lifting up their tops to expose their breasts. One Grok-produced video depicts a recording of CCTV footage being played on TV, where a security guard fondles a topless woman in the middle of a shopping mall.

Multiple videos—likely created to try to avoid Grok’s content safety systems, which may restrict graphic content—impersonate Netflix “movie” posters: Two videos show a naked AI depiction of Diana, Princess of Wales, having sex with two men on a bed with an overlay depicting the logos of Netflix and its series _The Crown_.

Around 800 of the archived Imagine URLs contain either video or images created by Grok, says Paul Bouchaud, the lead researcher at the Paris-based nonprofit AI Forensics, who reviewed the content. The URLs have all been archived since August last year and represent only a tiny snapshot of how people have used Grok, which has likely created millions of images overall.

“They are overwhelmingly sexual content,” Bouchaud says of the cache of 800 archived Grok videos and images. “Most of the time it’s manga and hentai explicit content and \[other\] photorealistic ones. We have full nudity, full pornographic videos with audio, which is quite novel.”

Bouchaud estimates that of the 800 posts, a little less than 10 percent of the content appears to be related to child sexual abuse material (CSAM). “Most of the time it's hentai, but there are also instances of photorealistic people, very young, doing sexual activities,” Bouchaud says. “We still do observe some videos of very young-appearing women undressing and engaging in activities with men,” they say. “It's disturbing to another level.”

The researcher says they reported around 70 Grok URLs, which may contain sexualized content of minors, to regulators in Europe. In many countries, AI-generated CSAM, including drawings or animations, can be considered illegal. French officials did not immediately respond to WIRED’s request for comment; however, the Paris prosecutor's office recently said two lawmakers had filed complaints with its office, which is investigating the social media company, about the “stripped” images.

Grok Is Generating Sexual Content Far More Graphic Than What's on X

Paid tools that “strip” clothes from photos have been available on the darker corners of the internet for years. Elon Musk’s X is now removing barriers to entry—and making the results public.

Elon Musk hasn’t stopped Grok, the chatbot developed by his artificial intelligence company xAI, from generating sexualized images of women. After reports emerged last week that the image generation tool on X was being used to create sexualized images of children, Grok has created potentially thousands of nonconsensual images of women in “undressed” and “bikini” photos.

Every few seconds, Grok is continuing to create images of women in bikinis or underwear in response to user prompts on X, according to a WIRED review of the chatbots’ publicly posted live output. On Tuesday, at least 90 images involving women in swimsuits and in various levels of undress were published by Grok in under five minutes, analysis of posts show.

The images do not contain nudity but involve the Musk-owned chatbot “stripping” clothes from photos that have been posted to X by other users. Often, in an attempt to evade Grok’s safety guardrails, users are, not necessarily successfully, requesting photos to be edited to make women wear a “string bikini” or a “transparent bikini.”

While harmful AI image generation technology has been used to digitally harass and abuse women for years—these outputs are often called deepfakes and are created by “nudify” software—the ongoing use of Grok to create vast numbers of nonconsensual images marks seemingly the most mainstream and widespread abuse instance to date. Unlike specific harmful nudify or “undress” software, Grok doesn’t charge the user money to generate images, produces results in seconds, and is available to millions of people on X—all of which may help to normalize the creation of nonconsensual intimate imagery.

“When a company offers generative AI tools on their platform, it is their responsibility to minimize the risk of image-based abuse,” says Sloan Thompson, the director of training and education at EndTAB, an organization that works to tackle tech-facilitated abuse. “What’s alarming here is that X has done the opposite. They’ve embedded AI-enabled image abuse directly into a mainstream platform, making sexual violence easier and more scalable.”

Grok’s creation of sexualized imagery started to go viral on X at the end of last year, although the system’s ability to create such images has been known for months. In recent days, photos of social media influencers, celebrities, and politicians have been targeted by users on X, who can reply to a post from another account and ask Grok to change an image that has been shared.

Women who have posted photos of themselves have had accounts reply to them and successfully ask Grok to turn the photo into a “bikini” image. In one instance, multiple X users requested Grok alter an image of the deputy prime minister of Sweden to show her wearing a bikini. Two government ministers in the UK have also been “stripped” to bikinis, reports say.

Images on X show fully clothed photographs of women, such as one person in a lift and another in the gym, being transformed into images with little clothing. “@grok put her in a transparent bikini,” a typical message reads. In a different series of posts, a user asked Grok to “inflate her chest by 90%,” then “Inflate her thighs by 50%,” and, finally, to “Change her clothes to a tiny bikini.”

One analyst who has tracked explicit deepfakes for years, and asked not to be named for privacy reasons, says that Grok has likely become one of the largest platforms hosting harmful deepfake images. “It’s wholly mainstream,” the researcher says. “It’s not a shadowy group \[creating images\], it’s literally everyone, of all backgrounds. People posting on their mains. Zero concern.”

During a two-hour period on December 31, the analyst gathered more than 15,000 URLs of images created by Grok and screen-recorded the chatbots’ “media” tab on X, where generated images—both sexualized and non-sexualized—are posted.

WIRED reviewed more than a third of the URLs that the researcher gathered and found that over 2,500 were no longer available, and nearly 500 were marked as “age-restricted adult content,” requiring a login to view. Many of the remaining posts still featured scantily clad women. The researcher’s screen recordings of Grok’s “media” page on X show an overwhelming number of images of women in bikinis and lingerie.

Musk’s xAI did not immediately respond to a request for comment about the prevalence of sexualized images that Grok has been creating and publishing. X did not immediately respond to a request for comment from WIRED.

X’s Safety account has said it prohibits illegal content. “We take action against illegal content on X, including Child Sexual Abuse Material (CSAM), by removing it, permanently suspending accounts, and working with local governments and law enforcement as necessary,” the account posted. X’s most recent DSA transparency report said that it suspended 89,151 accounts for violating its child sexual exploitation policy between the start of April and the end of June last year, but hasn’t published more recent numbers.

The X Safety account also points to its policies around prohibited content. X’s nonconsensual nudity policy, which is dated December 2021, before Musk purchased what was then Twitter, claims that “images or videos that superimpose or otherwise digitally manipulate an individual’s face onto another person’s nude body” are against the policy.

The use of Grok to create sexualized images of real people is also just the tip of the iceberg. Over the past six years, explicit deepfakes have become more advanced and easier for people to create. Dozens of “nudify” and “undress” websites, bots on Telegram, and open source image generation models have made it possible to create images and videos with no technical skills. These services are estimated to have made at least $36 million each year. In December, WIRED reported how Google’s and OpenAI’s chatbots have also stripped women in photos down to bikinis.

Action from lawmakers and regulators against nonconsensual explicit deepfakes has been slow but is starting to increase. Last year, Congress passed the TAKE IT DOWN Act, which makes it illegal to publicly post nonconsensual intimate imagery (NCII), including deepfakes. By mid-May, online platforms, including X, will have to provide a way for people to flag instances of NCII, which the platforms will be required to respond to within 48 hours.

The National Center for Missing and Exploited Children (NCMEC), a US-based nonprofit that works with companies and law enforcement to address instances of CSAM, reported that its online abuse reporting system saw a 1,325 percent increase in reports involving generative AI between 2023 and 2024. (Such large increases don’t necessarily mean a similarly large increase in activity and can sometimes be attributed to improvements in automated detection or guidelines about what should be reported.) The NCMEC did not respond to a request for comment from WIRED about the posts on X.

In recent months, officials in both the UK and Australia have taken the most significant action so far around “nudifying” services. Australia’s online safety regulator, the eSafety Commissioner, has targeted one of the biggest nudifying services with enforcement action, and UK officials are planning on banning nudification apps.

However, there are still questions around what, if any, action countries may take against X and Grok for the widespread creation of the nonconsensual imagery. Officials in France, India, and Malaysia are among those who have raised concerns or threatened to investigate X over the recent flurry of images.

A spokesperson for the eSafety office says it has “several reports” of Grok being used to generate sexual images since late last year. The office says it is assessing images of adults that were submitted to it, while some images of young people did not meet the country’s legal definition of child sexual exploitation material. “eSafety remains concerned about the increasing use of generative AI to sexualize or exploit people, particularly where children are involved,” the spokesperson says.

On Tuesday, the UK government officially called for X to take action against the imagery. “X needs to deal with this urgently,” technology minister Liz Kendall said in a statement, which followed communications regulator Ofcom contacting X on Monday. “What we have been seeing online in recent days has been absolutely appalling, and unacceptable in decent society.”

Grok Is Pushing AI ‘Undressing’ Mainstream

Meta’s end-to-end encrypted messaging app is used by billions of people. Here’s how to make sure you’re one of the most locked-down ones out there.

WhatsApp is one of the most popular messaging apps in the world, with over 3 billion users. But its ubiquity also makes it a target for attackers. In December, security researchers documented a new form of account hijacking called GhostPairing, which sees users tricked into linking an attacker’s browser to their WhatsApp device.

Meanwhile, in November, Austrian researchers plugged billions of numbers into WhatsApp’s contact discovery tool to create “the most extensive exposure of phone numbers” ever—along with profile photos and more.

WhatsApp is protected by end-to-end encryption, the gold standard of security that, when implemented properly, means only you and the person you’re chatting with can read your messages. Behind the scenes, WhatsApp has also launched passkey-encrypted backups and privacy-enhanced AI technology.

But there are a bunch of features you can use to boost your own privacy and security in the Meta-owned app. Here are eight of the best.

**Privacy Checkup**

A good place to start is WhatsApp’s Privacy Checkup feature in **Settings** under **Privacy**, which allows you to control who sees data such as your profile photo, **About** information, and status. You can also add extra privacy to your profile by adjusting the last **Seen/Online** setting to **Nobody**.

From there, you can choose who is able to contact you on WhatsApp by blocking unwanted calls and messages. It’s also possible to specify who can add you to groups, silence unknown callers, and manage your blocked contacts.

**Disappearing Messages**

While WhatsApp is protected by end-to-end encryption, your messages can be read if you are compromised by spyware or if someone gains physical access to your device.

One way of helping to secure chats against this is disappearing messages, which allows you to set a period of time for texts to stay visible before they are deleted. Messages can be set to disappear after 24 hours, seven days, or 90 days after they’re sent.

Disappearing messages can be set for all chats or for specific conversations. To enable the feature as default for new one-to-one chats, go to **Settings** > **Privacy** > **Default message timer** and set the time frame for messages to **disappear**.

Just keep in mind that the feature requires trust—anyone can screenshot a message, so you can’t guarantee that what you’ve sent will be deleted everywhere all the time.

**Two-Factor Authentication Including a Security PIN**

WhatsApp needs your phone number when you set up an account, but this can also leave it open to various security and privacy risks. A feature that will protect your WhatsApp account from such threats such is a security PIN.

The PIN works as two-factor authentication to protect your chats from prying eyes. Open WhatsApp **Settings**. Tap **Account** > **Two-step verification** > **Turn on or Set up PIN**. Enter a PIN of your choice and confirm it.

You can also add an email address in case you need to reset two-step verification. In addition, you can now add passkeys to protect your WhatsApp account.

**App Lock and Chat Lock**

When using an encrypted app such as WhatsApp, the last thing you want is your message previews popping up for everyone to see. With this in mind, it’s a good idea to disable push notifications in your smartphone’s settings panel.

You can also protect the app via FaceID or Touch ID on the iPhone, or with Android’s Fingerprint Lock. To enable App Lock in WhatsApp, go to **Settings** > **Privacy** > **App Lock**.

If some of your chats require extra privacy, you can lock them so they appear in a separate folder away from the main list. Also protected by your face or fingerprint, the Chat Lock feature can be enabled by going to the contact’s picture, scrolling down, and tapping **Lock Chat**.

If you need to delete conversations in a hurry, WhatsApp allows you to do so in **Settings** > **Privacy** > **Chat Lock** > **Unlock and Clear Locked Chats**.

**Enable Advanced Security Settings**

WhatsApp offers some advanced settings to help protect your account against scammers and prevent revealing your IP address. These settings are super-useful, but they are turned off by default.

To turn the settings on, go to **Privacy** > **Advanced**. The first is **Block Unknown Messages**, which stops you from being bombarded with high volumes of texts—a common scammer tactic.

Next up is the **Protect Your IP Address** setting, which ensures your calls are end-to-end encrypted via WhatsApp’s servers. This will prevent your IP address from being revealed, but the quality of your calls may be reduced.

Finally, if you enable **Disable Link Previews**, the links you send will not generate a preview, which may again reveal your IP address.

**Advanced Chat Privacy**

Another key feature for WhatsApp security is Advanced Chat Privacy, which helps prevent people taking your chats outside of the app, auto-downloading media to their phone, and using your messages for AI features.

To enable the feature for individuals, click the chat you want to edit. Go to **View Contact** > **Advanced Chat Privacy,** and **turn it on**. Just note, you need to enable Advanced Chat Privacy for each individual or group chat you want to apply it to.

For groups, be aware that anyone can update the setting, but an admin can restrict it. Click the chat you want to edit. Click **Group Info** > **Group Permissions**. **Turn on Edit Group Setting**s. Go back to the **Group page** and click **Advanced Chat Privacy** and **turn the feature on or off**.

When using Advanced Chat Privacy, be warned that users who aren’t on the latest version of WhatsApp may still be able to share chats outside of the app, such as auto-downloading media—and you won’t be notified if this is the case.

**Disable Read Receipts**

One of the less private features in WhatsApp is the ability for a recipient to see when you’ve read a message via the blue-tick read receipts. You can disable these, but be aware that it works both ways, and you won’t be able to see when others read your messages. The feature doesn’t apply to group chats. Go to your **Settings** > **Privacy** > **Read Receipts** and **toggle the feature off**.

**Turn Off Media Downloads**

WhatsApp automatically saves the videos and photos sent to your phone, which is annoying to say the least. To prevent this, go to your **Settings** > **Chats** and **turn off Save to Photos**.

At the same time, WhatsApp allows you to send media and voice notes for one-time viewing. Just select the media you’d like to send, but before doing so **tap the ‘1’ icon** in the **caption field**.

All that said, WhatsApp says it takes the role of providing private communication “incredibly seriously.”

“We continue to lead the industry in meaningful innovations that protect people’s messages and calls, including through collaboration with security researchers to strengthen our defenses,” WhatsApp spokesperson Ellie Heatrick tells WIRED. “With every feature we build, we sweat the details to protect what matters most: The ability to communicate privately and securely.”

8 WhatsApp Features to Boost Your Security and Privacy

Being targeted by sophisticated spyware is relatively rare, but experts say that everyone needs to stay vigilant as this dangerous malware continues to proliferate worldwide.

In December, hundreds of iPhone and Android users received a threat notification, warning them their device had been targeted by spyware. Days later, Apple and Google patched security holes that experts think were used to plant the stealthy malware on a select group of devices.

Spyware is so dangerous because the adversary is able to see and hear everything you do on your smartphone, including via encrypted messaging apps such as WhatsApp and Signal. But it tends to be extremely targeted against dissidents, journalists, politicians, and business leaders operating in certain sectors.

The malware has hit a number of high-profile people, including former Amazon CEO Jeff Bezos and Hanan Elatr, wife of murdered Saudi dissident Jamal Khashoggi—who were both compromised by NSO Group’s Pegasus spyware.

Today, spyware remains just as prolific in these circles, but experts think its impact could be widening. In early December, as Google issued its threat notification, the tech firm’s researchers detailed how an exploit chain was used to install Predator spyware surreptitiously onto a device.

It came after an alert issued by the US Cybersecurity and Infrastructure Security Agency (CISA), warning users that adversaries are “actively leveraging” commercial spyware to target mobile messaging applications.

As the risk increases, what can you do to protect your Android device or Apple iPhone?

**Zero-Click Attacks**

Spyware often hits smartphones in so-called zero-click attacks, meaning your phone can become infected without clicking a link, downloading a malicious image, or any other kind of user interaction.

The attack cannot be mitigated via the usual routes. If the malware has infected your smartphone, adversaries can “read messages, observe keystrokes, take screenshots, monitor notifications, and access banking apps,” according to Pieter Arntz, a senior malware researcher at security firm Malwarebytes.

With full system access, spyware can “exfiltrate data such as emails and texts, send messages, steal credentials, and log in to cloud systems,” says Rocky Cole, cofounder of iVerify, an app that helps users to detect spyware.

Aside from zero-click attacks, spyware can infect a device when someone clicks on a compromised link sent over text, email, or social media. Meanwhile, the malware can hide in malicious apps that appear to be legit. It can also be concealed in an image file and downloaded via a message, or get onto your smartphone due to vulnerabilities in your browser.

Infection usually starts through malicious links and fake apps, but it is also taking place via “more subtle methods,” says Richard LaTulip, a field CISO at security company Recorded Future, which collaborated with Google’s threat intelligence team on the Predator spyware findings.

LaTulip cites the example of recent research on malicious browser extensions affecting millions of users that shows “how seemingly harmless tools can become surveillance devices.”

These techniques, often developed by nation-state adversaries linked to governments, indicate a trend toward “more covert, persistent, and device-level compromises,” he says.

**A Bigger Problem**

Over the past few years, spyware has become a growing issue. Governments and the companies that make the malware say the surveillance tools are used to target only criminals and terrorists, or for national security purposes.

“But the truth is that human rights activists, journalists, and many others across the world have been unlawfully targeted with spyware,” Rebecca White, Amnesty International’s researcher on targeted surveillance, tells WIRED. “In this way, spyware can be used as a tool of repression—to silence people speaking truth to power.”

Thai activist Niraphorn Onnkhaow is a prime example. Between 2020 and 2021, at the height of Thailand’s pro-democracy protests, Onnkhaow was targeted 14 times by Pegasus spyware. Soon afterward, she decided to end her role in the protest movement amid fears that her private data could be weaponized against her.

“Data can be weaponized and lead to more abuse, online and offline—especially for people who already face discrimination based on their identity; for example, on the basis of gender or race,” White says.

Beyond activists, mobile spyware appears to be targeting a wider subset of people, often within a business environment. The malware is hitting “a wide range of society,” from government officials to financial IT workers, says iVerify’s Cole. “Increasingly, it's used beyond intelligence gathering, to steal credentials for enterprise access.”

**Signs You’ve Been Hit**

Spyware is difficult to detect—especially sophisticated strains such as Pegasus and Predator, which are typically only discovered via forensic analysis. But you might notice some subtle signs, such as your device overheating or slowing down, or your camera or mic activating when they’re not supposed to be in use.

While advanced spyware may leave little to no visible trace, sudden drops in performance or changes in connectivity can serve as early warning signs, says LaTulip.

One more obvious indicator of being hit by a sophisticated campaign is an official threat notification from Apple, Meta, or Google. This “should be taken seriously,” White says.

Another sign is leaked private information that you haven’t shared previously, or if colleagues or friends have been compromised.

**How to Prevent and Mitigate Spyware**

The most reliable way to mitigate spyware is to prevent your device being taken over in the first place. If you think you may be at risk, Apple offers Lockdown Mode, which includes a higher level of security with reduced functionality that has improved over time as the feature has been updated. For example, it blocks most message attachments and incoming FaceTime calls.

To enable Lockdown Mode on your iPhone, go to **Settings** > **Privacy & Security** > **Lockdown Mode** and tap **Turn On Lockdown Mode**.

Ivan Krstić, vice president of Apple security engineering and architecture, tells WIRED there “has never been a successful, widespread malware attack” against the iPhone. The only system-level iOS attacks Apple has seen in the wild come from mercenary spyware, according to the iPhone maker. In other words, iPhones have been infected with spyware, but only the most sophisticated type, Krstić says.

Krstić describes how mercenary spyware is “historically associated with state actors and costs millions of dollars to target a very small number of specific individuals and their devices.” He adds that Apple has continued to develop new methods for combating spyware, including Lockdown Mode and Memory Integrity Enforcement.” Introduced alongside the latest iPhone line-up, Memory Integrity Enforcement is a “comprehensive, always-on memory-safety protection,” which helps prevent memory corruption exploits often used in spyware attack chains.

Krstić is confident about Memory Integrity Enforcement’s advancements, claiming that the new feature is “the most significant upgrade to memory safety in the history of consumer operating systems.”

Google offers spyware protection for Android called Advanced Protection, which has been enhanced in Android 16 with intrusion logging, USB protection and the option to disable auto-reconnect to insecure networks. It can be enabled via your **Settings** > **Security & Privacy** > **Other Settings** > **Advanced Protection**.

In addition to using anti-spyware features, all users should be mindful of clicking links from strangers, says White. “Pay attention to changes in devices’ functioning. Using a reputable VPN can help prevent some forms of surveillance and censorship,” she says. “Evaluate any new requests for social media followers before accepting. Visit Amnesty’s secure onion website, privately and anonymously, using the Tor network’s browser.”

More generally, exercise “strict control” over what gets installed on your device, adds Arntz.

At the same time, avoid side-loading on Android and ensure your mobile operating system and apps are fully updated. “Patches often close the same vulnerabilities that spyware relies on,” warns LaTulip.

Experts say spyware can be temporarily disrupted by turning your smartphone off and on again. However, if the malware does get on your device, the best course of action is to ditch it altogether.

Alongside Amnesty, several organizations can support members of civil society concerned they have been targeted with spyware, such as Access Now and Reporters Without Borders.

Above all, operate with a healthy skepticism, says LaTulip. “Assume compromise is possible, but avoid the paranoia that shuts down normal use.”

How to Protect Your iPhone or Android Device From Spyware

The tactics behind protest policing are changing—from one of cooperation to intentional antagonism for political marketing purposes.

In 2025, protest policing in major US cities increasingly took on the character of a spectacle: overwhelming deployments, theatrical staging, and aggressive crowd-control tactics that emphasized signaling power over maintaining public safety. This was not a one-off episode; it followed the deployment of federal troops into multiple Democratic-led cities, prompting lawsuits and court challenges that local leaders described, with justification, as militarized intimidation.

Los Angeles provided an early template. After protests erupted in June over an increase in aggressive Immigration and Customs Enforcement raids, President Donald Trump ordered roughly 4,000 federalized National Guard troops into the city and activated about 700 US Marines. At the same time, he signaled—online and through traditional media—a willingness to escalate even further by invoking the Insurrection Act. Troops stood shoulder to shoulder with long guns and riot shields as smoke canisters and crowd-control munitions blanketed highways and city streets, a posture nominally framed as deescalation and for the protection of federal property but calibrated to provoke confrontation.

Inside the Pentagon, officials rushed to draft domestic use-of-force guidance for Marines that contemplated temporary civilian detention—an unusually explicit entry into a legal gray area, paired with a highly visible show of force.

By August, the federal government shifted from episodic deployment to direct control: Trump placed Washington, DC’s police department under federal authority and deployed roughly 800 National Guard troops, exploiting the district’s unique legal vulnerability. The Washington Post described the city as a “laboratory for a militarized approach.”

The administration’s rhetoric was not subtle—Trump cast the crackdown as an image project, calling Washington a “wasteland for the world to see,” and openly endorsing fear as a policing tactic, urging officers to “knock the hell out of them.” City leaders countered that the supposed emergency was manufactured, noting that crime in the capital was at multi-decade lows. In city after city, “restoring order” became a flimsy euphemism for preemptive displays of force aimed at deterring dissent before it reached the streets.

Across Chicagoland, protest control became overtly choreographed. As “Operation Midway Blitz” intensified in September, officials erected barricades and “protest zones” around the Broadview ICE facility. State police in riot gear lined perimeters, while federal agents repeatedly fired tear gas and other projectiles into crowds, according to videos and witness accounts. The most brazen moment came when homeland security secretary Kristi Noem appeared on the facility’s roof beside armed agents and a camera crew, positioned near a sniper’s post, as arrests unfolded below.

This was performative policing at its most distilled: public safety reduced to a spectacle with vaguely defined urban threats cast as the danger being neutralized. The absurdity of the displays allowed routine acts of disorderly conduct to be perceived as folk-hero moments.

This performative turn didn’t emerge from nowhere. It displaced a quieter, less theatrical—but still controlling—model that had dominated US protest policing for decades. Policing scholars refer to it as strategic incapacitation: a practice whereby conditions are shaped so that protests can’t become effective in the first place.

Strategic incapacitation is policing by preemption. Rather than responding to crowds, police constrain when, where, and whether they can form at all. The toolkit overlaps with what protesters experienced in 2025: expansive surveillance, intelligence sharing, selective preemptive arrests, and “less-lethal” disruption—but the objective is more procedural than demonstrative. Protest is treated as an inherent risk, managed through no-go zones, curfews, press restrictions, and designated First Amendment areas designed to prevent organic growth.

The model began to coalesce in the late 1990s, as police agencies moved away from earlier approaches that had, for a time, encouraged nonviolent protest. That earlier shift reflected hard-earned lessons: violent crackdowns throughout much of the early 20th century often backfired, generating public sympathy for movements that might otherwise have remained marginal. Security-style protest policing accelerated after 9/11, driven by police intelligence units operating under national security frameworks and by lessons drawn from earlier confrontations—most notably the 1999 World Trade Organization protests in Seattle—where activists viewed negotiation as political surrender.

As formally permitted demonstrations gave way to impromptu, social-media-driven protests, police responded with expanded surveillance, tighter control of physical space, and covert intelligence-gathering efforts that relied on technologies first introduced on battlefields. The approach scaled seamlessly into the post-9/11 fusion-center ecosystem: threat assessments heavy with speculation, coordinated planning designed to constrain dissent, and information campaigns that framed protesters as dangerous outsiders.

Public sentiment became a critical lever. While Americans tend to resist overt militarization against First Amendment activity, fear of protesters reliably increases support for riot deployments, mass arrests, and force, providing a ready-made justification for escalation. Before this preemptive model took hold, protest policing had already undergone a reputational reckoning. In the 1960s, police responses relied on large shows of force—batons, dogs, fire hoses—and brutal violence against labor, civil rights, and antiwar demonstrators. By the 1970s, the costs of injuries, deaths, property damage, and political fallout pushed authorities to seek a less volatile approach.

That alternative became a bureaucratic system built on permits, advanced coordination, and predictable rules. Developed most clearly in Washington, DC, it aimed to preserve speech rights while limiting disruption through communication, restraint, and minimal use of force, with arrests treated as a last resort, when not carefully planned and prearranged. Court rulings, training programs, and standardized permitting systems spread the model nationwide. What began as a pragmatic response to cycles of unrest and force that produced little political or public-safety gain became the dominant public-order framework for decades.

Together, these shifts trace a clear arc in US protest policing—from suppression, to management, to prevention, to performance—where authority is asserted as much through optics and narrative today as it is by force.

How Protesters Became Content for the Cops

Government staffing cuts and instability, including this year’s prolonged shutdown, could be hindering US digital defense and creating vulnerabilities.

As the first year of the Trump administration approaches its end, government cybersecurity experts and even some United States government officials are warning that recent White House initiatives—including downsizing and restructuring of the US federal workforce—risk setting the government back on improving and expanding its digital defenses.

For years, the federal government was playing catch-up on cybersecurity, scrambling to replace ancient software, apply security patches to newer systems, and deploy other baseline protections across a massive and disparate population of PCs and other gadgets. With so many agencies and offices that needed upgrading, it was slow going. But as repeated government data breaches drew urgent attention to the issue, and as the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency—founded in 2018—established itself during the early 2020s, minimum standards seemed to be rising. Now, with major staffing cuts at CISA and in other key departments across the government, that incremental progress could quickly erode.

“We’ve spent a lot of time trying to encourage the government to do more, and CISA was doing, you know, a better job,” retiring comptroller general Gene Dodaro told the US Senate Committee on Homeland Security and Governmental Affairs on December 16. He added that the Government Accountability Office has “a lot of open recommendations still for them to do. But I’m concerned that we’re taking our foot off the gas at CISA, and I think we’ll live to regret it.”

CISA lost about 1,000 people, more than a third of its staff, as a result of cuts that seemed to be motivated by the Trump administration’s anger about the agency’s election security work. Cybersecurity Dive reported in mid-November that the agency is planning to rebuild in 2026.

“The recent reduction in personnel has limited CISA’s ability to fully support national security imperatives and administration priorities,” acting CISA director Madhu Gottumukkala wrote in a memo to staff at the beginning of November. He added that that agency has “reached a pivotal moment” but is “hampered by an approximately 40 percent vacancy rate across key mission areas.”

When asked for comment about staffing cuts at CISA and the administration’s plans for maintaining and improving federal cybersecurity and critical infrastructure defenses, the White House referred WIRED to the Department of Homeland Security.

CISA director of public affairs Marci McCarthy told WIRED in a statement that the agency is focused on executing its statutory mission. “Claims that staffing adjustments are weakening cybersecurity miss the truth,” she said in the statement. “We are accelerating innovation, deepening operational collaboration, and directing resources where they yield the greatest return.”

This fall’s weekslong government shutdown only added to concerns about the state of federal cybersecurity—creating the possibility of blind spots or gaps in monitoring while so many workers were furloughed and contributing in general to the already extensive IT backlog at agencies across the government.

“Federal IT workers, they are good jobs, there’s not enough resources for the issues that they have to deal with,” one former national security official, who requested anonymity because they are not authorized to speak to the press, told WIRED. “It’s always underfunded. They always have to catch up.”

Amélie Koran, a cybersecurity consultant and former chief enterprise security architect for the Department of Interior, notes that one of the most significant impacts of the shutdown likely involved disrupting, or in some cases potentially ending, relationships with specialized government contractors who may have needed to take other jobs in order to get paid but whose institutional knowledge is difficult to replace.

Koran adds, too, that given the limited scope of the continuing resolution Congress passed to reopen the government, “no new contracts and extensions or options are probably being done, which will cascade to next year and beyond.”

While it is unclear if the shutdown was a contributing factor, the United States Congressional Budget Office said more than five weeks into the ordeal that it had suffered a hack and had taken steps to contain the breach. The Washington Post reported at the time that the agency was infiltrated by a “suspected foreign actor.” And after years of incredibly consequential US government data breaches—including the 2015 Office of Personnel Management hack perpetrated by China and the sprawling, multi-agency breach launched by Russia in 2020 that is often called the SolarWinds hack—experts warn that inconsistent staffing and reduced hiring at key agencies like CISA could have disastrous consequences.

“When, not if, we have a major cybersecurity incident within the federal government, we can’t simply staff up with additional cybersecurity resources after the fact and expect the same outcomes we would get from long-tenured staff,” says Jake Williams, a former NSA hacker and current vice president of research and development at Hunter Strategy.

Brain drain, Williams says, and any loss of momentum on digital defense, is a serious concern for the US.

“On a daily basis I’m worrying that federal cybersecurity and critical infrastructure protection may be backsliding,” Williams says. “We must stay ahead of the curve.”

Source

Wired