Brian Krebs broke the news this week that America’s top cyber agency has the security habits of a confused teenager. The Cybersecurity & Infrastructure Agency, or CISA, left a massive store of plaintext passwords and private keys in a public GitHub repo. The repository was aspirationally named Private-CISA, but it was visible to anyone with an internet connection since last November. Security researcher Philippe Caturegli confirmed the leak was no joke, successfully using the credentials to gain high-level access to government cloud accounts.

GitGuardian discovered that the agency’s administrator had manually disabled GitHub’s default protections against committing secrets. These are the same basic safeguards designed to protect unskilled developers from their own mistakes. The leak included SSH private keys and tokens that could have allowed an attacker to walk right into multiple Amazon Web Services GovCloud accounts. While the agency warns the private sector about the risks of AI-driven hacking, they appear to have left the digital front door wide open with a physical key under the mat.

This display of incompetence comes as the world’s elite move toward the Cognitive Enclosure. Companies like Google and Microsoft are adopting advanced computer security designs from the late Dr. Peter G. Neumann, who spent 93 years warning us about this exact kind of complexity. Microsoft recently fixed 17 critical flaws, 16 of which were discovered by an autonomous AI agent. It seems the only way to protect the government from its own stupidity is to replace the humans with a more reliable machine subscription.