Keys to the fortress

A Nobel in chemistry for structures that pull water from desert air. A former FBI chief faces Trump’s Justice Department in court. + Red Hat’s consulting breach—800 clients exposed through a trusted partner.
Wednesday, Week XLI, MMXXV

Recently: Fifty comedians playing in Saudi Arabia, millions of dollars, and one head-scratcher: Why are they doing this? John Jamesen Gould on the Riyadh Comedy Festival.

Today: Attackers didn’t want software from IBM’s Red Hat. They wanted something more valuable: the passwords, network maps, and access credentials for 800 clients. All of it sitting in repositories because these consultants need that information to do their jobs—integrating software into client systems.

For members: What’s so special about the Chinese tech multinational Huawei? Eva Dou’s House of Huawei: Inside the Secret World of China’s Most Powerful Company.

& New music from µ-Ziq ...


Developments

  • Molecular architecture for climate problems. Three scientists won the Nobel Prize in Chemistry on Wednesday for developing metal-organic frameworks—porous molecular structures that can capture carbon dioxide from the atmosphere or extract water from desert air. Susumu Kitagawa of Kyoto University, Richard Robson of the University of Melbourne, and Omar Yaghi of UC Berkeley share the prize for work the Nobel Committee says creates “new rooms for chemistry.” Yaghi, born in Jordan to Palestinian refugee parents, told reporters he was “astonished” when he received the call while transiting flights.
  • The indictment in Virginia. The former director of the U.S. Federal Bureau of Investigation James Comey was arraigned on Wednesday in a federal court in Alexandria, Virginia, on charges of making false statements and obstructing a congressional proceeding—the first time President Donald Trump has secured the indictment of a prominent opponent. The charges stem from Comey’s 2020 Senate testimony about FBI leak investigations during the 2016 election. Trump’s Justice Department brought the case after replacing a U.S. attorney who found insufficient evidence, installing Lindsey Halligan—Trump’s former personal lawyer with no prosecutorial experience—who signed the indictment alone. Comey pleaded not guilty.
  • Consultants as vulnerabilities. The cybercrime group Crimson Collective claims to have stolen 570 gigabytes of data from Red Hat—the open-source enterprise-software company owned by IBM. The breach targeted repositories used by Red Hat’s consulting division, potentially exposing infrastructure details and credentials for roughly 800 organizations, including Bank of America, the U.S. Navy, and AT&T. Red Hat confirmed the October 2 breach but said its core products and software supply chain remain secure.
  • Two years, still counting. Israel marked the second anniversary of the October 2023 Hamas attacks on Monday and Tuesday with memorial ceremonies as indirect ceasefire negotiations continued in Egypt. Hamas killed about 1,200 people and abducted 251 hostages two years ago; 48 hostages remain in Gaza, with roughly 20 believed alive. The war has killed more than 67,000 Palestinians, according to Gaza health authorities. Negotiators in Sharm el-Sheikh are discussing President Trump’s 20-point proposal, with sources describing Monday’s session as “positive”—though Israeli strikes continued during the talks.
  • In Washington, D.C., day eight. The U.S. government shutdown entered its eighth day on Wednesday with no signs of progress, as Republicans and Democrats remain deadlocked over healthcare subsidies tied to the Affordable Care Act. About 750,000 federal employees are furloughed, with another 700,000 working without pay. House Speaker Mike Johnson said the House won’t return until the Senate acts. The Trump administration’s budget office has claimed—contradicting a 2019 law—that furloughed workers aren’t automatically entitled to back pay, a legal interpretation Democrats say is designed to maximize Republican leverage.

Out now from The Signal

Keys to the fortress

Red Hat confirmed last week that hackers breached a GitLab instance used by its consulting division, accessing data from engagements with roughly 800 clients. The compromised system held Customer Engagement Reports—documents that can contain infrastructure blueprints, authentication tokens, database credentials, and VPN configurations. Crimson Collective, the group claiming responsibility, says it pulled 570 gigabytes across more than 28,000 repositories. The list of potentially affected organizations reads like a directory of critical infrastructure: banks, telecommunications firms, government agencies, the U.S. Navy.

Red Hat emphasizes the breach didn’t touch its core products or software supply chain. That’s true and beside the point. The attackers weren’t after Red Hat’s code. They were after the layer where Red Hat’s consulting arm integrates that code into client systems—the handoff point where vendor meets customer, where trust relationships create access, where credentials live in repositories because they have to. Consulting environments occupy a strange position in enterprise security: too integrated to be treated as external, too distributed to be locked down like internal systems. They exist in the gap between vendor and client, holding exactly the kind of information that makes lateral movement possible.

What Crimson Collective appears to have understood is that you don’t need to breach the fortress when you can breach the people with keys to the fortress. Customer Engagement Reports aren’t just documentation. They’re operational intelligence—maps of how systems connect, where authentication happens, what the network topology looks like. If the group’s claims are accurate, they now hold reconnaissance data for hundreds of organizations that paid for Red Hat’s expertise in deploying secure systems. The breach converts consulting relationships into exposure, expertise into vulnerability. Organizations that engaged Red Hat precisely because they wanted help securing their infrastructure now face the possibility that those same integration projects created new attack surfaces.



Books

‘Let them do their worst’

What’s so special about the Chinese tech multinational Huawei? Eva Dou, House of Huawei: Inside the Secret World of China’s Most Powerful Company.

Gustav Jönsson

This February, China’s President Xi Jinping convened a meeting of his country’s top tech executives in Beijing’s Great Hall of the People. Almost anyone who mattered was there, including the heads of BYD, Alibaba, DeepSeek, and Xiaomi. At the center of the front row sat Huawei’s founder and CEO, Ren Zhengfei—the man Bloomberg once called the “Darth Vader in the minds of Chinese national-security hawks in Washington worried about China’s rising tech power.” 

During his first term, U.S. President Donald Trump repeatedly said that Huawei poses a threat to the United States. In 2019, he declared the company’s market position a “national emergency,” claiming that “foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services.” His former strategist Steve Bannon put it even more colorfully, calling Huawei a “dirty bomb inside industrial democracies.”

Why would Huawei be such a problem?


‘Escorial’

Mike Paradinas has been releasing music under the name µ-Ziq since 1993. In fact, he’s of the same vintage as Aphex Twin and Global Communication. An original in the techno space. This is the closing number on his upcoming album, 1979, due on October 31.

Mario La Pergola