Analysis | The Cybersecurity 202: Fears grow about White House interference at CISA after Krebs’s ouster
“It’s going to be a challenge to overcome the chilling effect from having had a leader of the organization fired for telling the truth,” Suzanne Spaulding, who led DHS cybersecurity operations during the Obama administration, told me.
President Trump fired Krebs on Twitter earlier this week after his public statements contradicting the president’s baseless claims that fraud caused his election loss to Joe Biden and for maintaining a rumor control page that fact- checked some of those claims. Two other top CISA officials were also forced to resign in recent weeks.
As of now, that rumor control page is still up and Krebs will be replaced — at least temporarily and on an acting basis — by Brandon Wales, a longtime Department of Homeland Security official with extensive experience who is well respected at CISA.
But Wales’s days as director could be numbered, especially if the agency continues to draw Trump’s ire by contradicting him.
“If Brandon Wales is allowed to stay in place as acting director, I think CISA is in good hands,” said Spaulding, who worked with Wales when she led a predecessor agency to CISA called the National Protection and Programs Directorate.
“But CISA is going to have to continue its disinformation mission and it’s hard to see how that doesn’t put them in a tough situation vis-a-vis the White House,” she said. “Brandon will have to convey to the organization how important it is to continue to surface what might be seen as bad news, to call it as they see it — and ideally to do it in a way that doesn’t get him immediately removed.”
CISA didn’t respond to a request for comment about its plans for the remainder of the transition.
The White House announced plans in October to bring in Sean Plankey, an Energy Department political appointee, to be CISA’s assistant director, which could put him in line to be director — but he hasn’t yet made the transition.
Wales has been trying to raise morale and salve concerns as he takes the helm.
“A change in leadership is not a change in mission,” he wrote in a letter to CISA staff yesterday.
He stressed the importance of continuing to help states protect election processes, including certifying the presidential election and protecting runoffs in Georgia and Louisiana.
“We made great strides in our election security efforts, and we need to stay focused on continuing to provide the assistance and guidance that state and local election officials have come to rely on,” he wrote.
Wales also emphasized the agency must focus on protecting coronavirus vaccine development by “continu[ing] to support healthcare systems and vaccine manufactures in their defense against ransomware attacks and foreign adversaries.”
CISA Senior Cybersecurity Adviser Matt Masterson also urged calm in a tweet.
But without permanent leadership in place, former officials still fear the agency could be vulnerable to White House pressure.
“What if a massive disinformation operation comes out about the elections or the vaccine? Who’s going to be the voice of truth and rationality?” Phil Reitinger, a top DHS cybersecurity official during the Obama administration, told me. “I’m sure the career people will try, but they need the backing of political people to do the best job.”
There’s also concern the White House could hamper CISA’s efforts to respond to digital attacks aiming to undermine state election officials’ efforts to conduct audits or certify vote totals.
A similar situation might play out if there were digital attacks on groups Trump frequently criticizes, such as Democrats, media organizations and social media companies.
“I worry very much as we face a political apparatus that seems to be oscillating out of control, that directives could come down that severely adversely affect national security,” Reitinger said. “There could be a major incident and it would not shock me if word came down, ‘You guys help people who are politically useful to me and don’t help those who aren’t.’”
More officials also stepped forward to praise Krebs and protest his firing — including some Republicans.
Former national security advisor John Bolton told my colleague Robert Costa that Trump had no “legitimate reason” to fire Krebs.
“I’m sure the reason he fired Chris Krebs was that Krebs said there was no evidence in cyberspace of fraud, election hacking or other malfeasance, which is completely contradictory to the fantasy world that the president lives in,” he said.
Ohio Secretary of State Frank LaRose (R) told StateScoop’s Benjamin Freed that Krebs “has been a strong partner to me and my team, as well as state election officials across the nation, and I’m disappointed to see him go.” LaRose, who openly criticized Trump’s pre-election claims about election fraud, appeared to be the only Republican secretary of state to criticize Krebs’s firing.
Outgoing Rep. Will Hurd (R-Tex.) was more definitive in his statement on Twitter:
Praise also came in from colleagues.
“The professionals at CISA and Chris Krebs deserve a ton of credit for keeping a watchful eye on our nation-state adversaries,” Brian Harrell, former assistant director at CISA, told me. “It’s a shame that in this administration you can be fired for safeguarding the American people and faithfully doing your duties.”
Spaulding also praised Krebs, who she said “knows he did the right thing and he can sleep well at night.”
“But I do worry about the rest of the men and women at CISA,” she said, “who are having to experience what so many in the government have experienced over the last four years — having to deal with picking up the pieces and continuing your mission in the midst of a political maelstrom.”
Georgia will announce the results of its statewide audit of all 5 million ballots at noon today.
Officials expressed confidence the initial results would not be overturned or found to be seriously flawed, Michelle Lee and Felicia Sonmez report. So far officials have found discrepancies in just four counties, decreasing Biden's lead in the state from 14,156 to 12,781.
Only 21 of the state's 159 counties had not yet reported results yesterday afternoon.The audit involved hand counting all the state's ballots because Biden's victory was so slim. But it wasn't an official recount. Trump could still request such a recount two days after the state certifies the results on Friday. Gabriel Sterling, who manages the voting information system in Georgia, said officials were preparing for that possibility.
“We feel good about where we stand right now. We feel comfortable about the direction of the audit,” Sterling said. “I’m prayerful that we can get through this, and that we can find a way to have everybody, at the end of the day — Republicans, Democrats, Libertarians, socialist, whatever — have faith in the outcome of the election, regardless of how it came out.”
The Trump campaign is seeking a recount in two Wisconsin counties.
It's unlikely the recount of the two Democratic counties would reverse his loss, experts say. Trump trails Biden by about 20,600 votes, or about 0.6 percent, in the state, Rosalind S. Helderman reports. About 804,000 ballots were cast in the two counties the campaign is paying to recount.
The state will have 13 days to complete the process.
The campaign just narrowly beat the state's deadline to file for a recount. Recounting the whole state would have cost the campaign around $8 million. Recounting the two counties will cost around $3 million. The recounting process will prolong Trump's ability to raise public doubts about his loss in the state and the presidential election.
Wisconsin law automatically allows for a candidate to request a recount if the margin of victory is under 1 percent. Trump allies have failed to secure recounts in other states, including Arizona.
A bill tightening cybersecurity requirements for government-owned Internet-connected devices is prepped to become law.
The bill mandates that devices must meet minimum cybersecurity standards from the Commerce Department. Providers must also immediately notify agencies if their devices have a cybersecurity vulnerability under the law.
The bill passed the House and Senate unanimously.
“The bipartisan Internet of Things Cybersecurity Improvement Act will ensure that the U.S. government purchases secure devices,” said Rep. Robin L. Kelly (D-Ill.), who sponsored the bill.
Hurd also sponsored the bill in the House, and Sens. Mark R. Warner (D-Va.) and Cory Gardner (R-Colo.) sponsored the Senate version.
Separately, Sen. Ron Wyden (D-Ore.) and Rep. Lauren Underwood (D-Ill.) introduced a bill that would make it harder for federal agencies to opt out of cybersecurity rules. Underwood is chair of the House Homeland Security Committee's cybersecurity subcommittee.
Canada's intelligence agency called out China, Russia, Iran and North Korea as major cybercrime threats for the first time in a report.
The nation follows the United States and the United Kingdom in specifically calling out those countries as threats during an uptick in nation-sponsored hacking during the pandemic, David Ljunggreen at Reuters reports. The four nations have largely denied any attempts to hack other nations' infrastructure.
More cybersecurity news:
The New York Times's Kate Conger spins a roaring tale of how a cybersecurity maverick's beloved pig couch became the source of numerous Craigslist scams.
Roesch joined in on the fun:
Some more fun trivia from the piece.
- MIT Technology Review’s CyberSecure conference will take place Dec. 2 and 3.
Secure log off
The government official holding up Biden's transition by refusing to release funds for it spoke up on Twitter. About what? We aren't quite sure.
or reload the browser