Analysis | The Cybersecurity 202: Firing CISA chief leaves Trump unchecked to make false claims about election fraud.
“This is the first business in history where the surest way of getting fired is doing your job” Sen. Angus King (I-Maine) told me when rumors about Krebs’s firing began circulating.
Krebs's firing is part of a government effort to clean house at the Homeland Security Department agency that vouched for the security of the 2020 election. Krebs's agency also ran a “Rumor Control ”page that knocked back phony election fraud claims — including some made by the president.
Following that move, acting homeland security secretary Chad Wolf told Krebs’s deputy Matthew Travis that the White House was also forcing him to resign, effectively purging CISA of its top leadership, Ellen Nakashima and Nick Miroff report. The assistant director for CISA’s cybersecurity division, Bryan Ware, was forced to resign last week.
Krebs shepherded the federal government from playing virtually no role in protecting elections against foreign interference before 2016 to serving as a go-to source for cybersecurity know-how, testing and intelligence.
His agency was widely credited with helping to ensure the 2020 election was free of foreign interference four years after Russia upended the 2016 contest.
Trump’s move could hamper CISA’s efforts to protect the election from foreign interference as audits, canvassing and certification continue across the country.
Adversaries might still target those efforts with online disinformation or sow public anxiety by locking up or defacing official websites that report on them.
Georgia is also still conducting a statewide hand audit of its presidential vote and two January runoffs that could decide control of the Senate, which could be ripe for foreign interference.
And it will make it far harder for CISA to protect against other hacking and disinformation campaigns during the presidential transition, such as those aimed at undermining faith in a coronavirus vaccine.
“CISA’s job is not done. We’re in a very dangerous period,” said King, who led a major government and industry review that recommended raising CISA’s profile called the Cyber Solarium Commission.
Krebs was defiant on Twitter.
Trump had been rumored to be preparing to fire him since Thursday and during those five days Krebs repeatedly asserted his independence — and tempted the president’s ire — with tweets and retweets that vouched for the election’s integrity and disputed false claims.
Hours before being fired yesterday, he tweeted out a statement by 59 election experts calling claims of election fraud “unsubstantiated” or “technically incoherent.”
Less than an hour after being fired, he tweeted another defense from his personal account:
Later that evening, he touted the Rumor Control page that drew Trump’s outrage.
He tweeted this this morning:
A spokesman for the Biden campaign commended Krebs and criticized Trump for firing him.
“Chris Krebs should be commended for his service in protecting our elections, not fired for telling the truth,” spokesman Michael Gwin said. “Bipartisan election officials in the administration itself — and around the country — have made clear that Donald Trump's claims of widespread voter fraud are categorically false and Trump’s embarrassing refusal to accept that reality lays bare how baseless and desperate his flailing is.”
In the end, Krebs’s firing has done nothing to shift Trump’s near nonexistent chances of overturning the election’s outcome.
Nor have any of Trump’s other efforts to cast doubt on the election’s legitimacy.
Yesterday, Michigan appeared poised to certify Joe Biden as the winner of the state’s electoral vote after Republicans in Wayne County, which includes Detroit, relented in a short-lived effort refusing to certify the results, Kayla Ruble and Tom Hamburger report.
In Georgia, another key state that Biden won, Secretary of State Brad Raffensperger (R) said it’s highly unlikely that a hand audit of all the state votes, which faces a deadline tomorrow, will deliver the 14,000-vote shift Trump would need to win there.
But that hasn’t hampered the president’s baseless allegations.
In his pair of tweets firing Krebs, he repeated a slew of false claims that CISA had debunked. They included that voting machines changed votes and that numerous ballots were cast on behalf of the deceased.
The tweets were both labeled as “disputed” by Twitter.
Krebs’s success on election security was due largely to a fierce nonpartisanship, which convinced Republican and Democratic election officials to work with the agency.
As he took the reins of the agency in 2017, the relationship with state officials was at a low ebb. Secretaries of state had signed a unanimous declaration criticizing the agency for what they considered an attempted federal takeover after 2016’s Russian interference. Georgia’s then-Secretary of State Brian Kemp even erroneously accused the Department of Homeland Security of trying to hack his agency. In fact, the network traffic Kemp thought was evidence of hacking was just his workers visiting DHS databases.
Four years later, states and CISA formed a unified front on election security. No secretaries have echoed Trump’s baseless election fraud claims. Some, including Raffensperger, have openly disputed them.
“[Krebs] kept cyber an apolitical issue and he kept his head down,” Kiersten Todt, president of Liberty Group Ventures, who led an Obama-era cybersecurity commission, told me. “When you look at the fact that we didn’t have any disruption on Election Day, that’s a credit to his work and collaboration across parties and with state and local governments.”
She called the president firing Krebs “disappointing and irresponsible.”
Democrats savaged Trump for firing Krebs.
“The death throes of the Trump Administration increasingly put our national security in jeopardy,” warned Rep. Jim Langevin (D-R.I.), co-founder of the Congressional Cybersecurity Caucus. “It is sadly ironic that Chris’s greatest success is the reason he has been removed from office. The President’s inability to accept the election results and his lashing out at those willing to speak the truth about his lies has gone from petulant to downright dangerous.”
California Secretary of State Alex Padilla (D) warned that the president’s “ongoing purge of respected, competent leaders who refuse to perpetuate Trump’s delusional conspiracy theories about the election is a disturbing sign for American government.”
“The President’s decision to fire Director Krebs makes America less safe,” House Homeland Security Committee Chairman Bennie G. Thompson (D-Miss.) and Rep. Lauren Underwood (D-Ill.), chair of the committee’s cybersecurity panel, said in a joint statement.
Sen. Ben Sasse (R-Neb.), another Cyber Solarium Commission co-chair, was one of the few Republicans to criticize Krebs’s ouster. Via Aaron Blake:
Sen. Richard Burr (R-N.C.) called Krebs “a dedicated public servant who has done a remarkable job during a challenging time.” He called CISA’s work “essential in protecting the 2020 U.S. presidential election against threats of foreign interference.”
Burr was chairman of the Senate Intelligence Committee but temporarily stepped down because of an ethics investigation.
More praise from House Speaker Nancy Pelosi (D-Calif.):
Sen. Elizabeth Warren (D-Mass.):
Election and cybersecurity pros also praised Krebs on Twitter.
Here’s Miles Taylor, a former DHS chief of staff, who revealed himself as the anonymous author of an op-ed and book criticizing Trump:
Ciaran Martin, former head of the United Kingdom’s top digital spying agency:
Ellen Weintraub, a Democratic member of the Federal Election Commission:
Paul Rosenzweig, a top DHS official during the George W. Bush administration who has been highly critical of Trump:
A key cybersecurity lawmaker will be going to the White House.
Biden named Rep. Cedric L. Richmond (D-La.) as senior adviser to the president and director of the White House Office of Public Engagement, Sean Sullivan and Michael Scherer report.
Richmond, a former leader of the House Committee on Homeland Security’s cybersecurity subcommittee, spearheaded congressional efforts to fund state and local cybersecurity improvements, including legislation for $400 million in grants that passed the House.
Rep. Bennie G. Thompson (D-Miss.), chairman of the Committee on Homeland Security, praised Richmond’s contributions.
“Congressman Richmond has been a leader on homeland security and cybersecurity issues for many years and I fully expect him to bring that experience and knowledge to the White House next year,” Thompson told the Cybersecurity 202.
Russia may not have hacked the election because domestic disruption was already so prevalent.
With a rise in domestic disinformation and President Trump raising doubts about the legitimacy of the election, Russia had less of a reason to step in and risk blowback, analysts tell Nakashima.
“I am convinced that if Moscow had the strong intent to interfere in this year’s elections to the same level they did in 2016, no amount of cyber counterattacks would have stopped them,” said Dmitri Alperovitch, co-founder of the Silverado Policy Accelerator think tank who helped expose Russia's 2016 election interference as a co-founder of the cybersecurity firm Crowdstrike. “The fact that they didn’t go that far this year is very significant.”
Increased U.S. government preparedness to combat election interference also probably played an important role. U.S. Cyber Command went on the offensive by attacking Russian hacking and disinformation systems ahead of the election, for instance.
Republican and Democratic lawmakers are both displeased by social media labels on Trump’s election fraud claims.
Republicans said the labels showed bias against conservatives during a Senate hearing with Facebook and Twitter CEOs, while Democrats said the platforms did not go far enough, Cat Zakrzewski and Rachel Lerman report.
“You have used this power to run amok,” Sen. Marsha Blackburn (R-Tenn.) said at the Senate Commerce Committee hearing. “You have used this power to silence conservatives.”
Democrats, meanwhile, argued that simply labeling Trump’s false tweets alleging he won the election and his unfounded claims of voter fraud were not effective enough.
Sen. Richard Blumenthal (D-Conn.) said the companies were giving Trump a platform to spread lies “in an apparent attempt to overturn the will of the voters.”
Twitter CEO Jack Dorsey defended the labels, which link out to news coverage.
“I do believe that connecting people to the larger conversation, to give them more context, is the right avenue,” he said.
The House passed two cybersecurity-related bills yesterday.
The Utilizing Strategic Allied Telecommunications Act of 2020 would create a new grant program through the National Telecommunications and Information Administration to promote technology that enhances supply-chain security in 5G telecom networks.
The Combating Pandemic Scams Act of 2020 would require the FTC to inform the public about scams related to the coronavirus, disseminate information about reporting virus scams and establish a national database for such information.
It's unclear if either bill will pass the Senate during the lame duck period.
More cybersecurity news:
Another of Krebs's legacies: A social media campaign that taught lessons about disinformation by asking the question: Does pineapple belong on pizza?
Georgetown disinformation researcher Оlga Belogolova:
Ingraham County, Mich., Clerk Barb Byrum:
Secure log off
Imagine what would happen if Twitter labeled all of your false claims:
or reload the browser