Departures Leave Questions About US Cybersecurity Readiness
DHS resignations: Valerie Boyd, assistant secretary for international affairs, and Bryan Ware, assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency.
Two senior U.S. Department of Homeland Security officials have been forced to resign, and a senior cybersecurity official fears he will be fired by the Trump administration, according to news reports.
Valerie Boyd, assistant secretary for international affairs at DHS, and Bryan Ware, assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, have resigned, CNN reports.
The loss of Krebs would “take away a strong leader at DHS and be disruptive at a time when the threat of disinformation and other malicious cyber activity remains great,” says Christopher Painter, who was the State Department’s top cyber diplomat until mid-2017 and is a former federal cybercrime prosecutor.
“It will make us more vulnerable and less able to respond,” Painter says.
Krebs provided a steady hand for CISA during the election and received wide praise. Experts have said they hope for him to retained (see: What a Joe Biden Presidency Means for Cybersecurity).
Krebs spoke in August at Information Security Media Group’s Cybersecurity Virtual Summit. He described how the agency was assisting local and state government election officials with technical support, training and cyber hygiene exercises (see Election Security: A Progress Report From CISA’s Krebs).
Jake Williams, a former network exploitation engineer with the National Security Agency who now runs Georgia-based consultancy Rendition Infosec, says losing Krebs would impact U.S. cybersecurity readiness.
“Let me just say for the record that I have a lot of trust issues with most federal cybersecurity leadership,” Williams tweets. “I didn’t have that issue with Krebs – at all. This is the biggest continuity loss I’ve seen yet during the transition and one that will impact the nation’s cybersecurity.”
The resignations come as President Donald Trump has thus far refused to concede the election to President-elect Joe Biden, who is tracking to win both the Electoral College vote and the popular vote.
The development also comes after Trump on Monday fired Defense Secretary Mark T. Esper.
The departure of senior officials in agencies critical for the national security of the United States has sparked questions about the country’s stability. It raises further tensions in what is usually a calm and orderly transition period before an elected president takes office on Jan. 20.
The New York Times reported on Monday that other officials at risk of being fired before Trump’s tenure ends include FBI Director Christopher Wray and CIA Director Gina Haspel.
Democratic Sen. Ron Wyden of Oregon, who sits on the Senate’s Select Committee on Intelligence, expressed concern that the possible firing of Krebs could be part of a Trump plan to spread misinformation about the election.
“Under Chris Krebs’ leadership, CISA has been a trusted source of election security information,” Wyden tweets. “If Donald Trump fires him, it will suggest Trump is preparing to spread lies about the election from a government agency.”
As the news broke, Democratic Sen. Mark Warner of Virginia tweeted that Krebs “has done a great job protecting our elections.”
Chris Krebs has done a great job protecting our elections. He is one of the few people in this Administration respected by everyone on both sides of the aisle. There is no possible justification to remove him from office. None. https://t.co/WaOEiIlzKi
— Mark Warner (@MarkWarner) November 12, 2020
Report: Trump Unhappy With CISA
Citing an anonymous source, Reuters reports that the White House was displeased with some of CISA’s work on the election. That included a section on its website called Rumor Control, which sought to debunk widely spread myths about the integrity of the U.S. electoral process.
Rumor Control listed circulating falsehoods – such as dead people could vote and that bad actors could change results without detection – and countered with why these statements were false.
An excerpt from Rumor Control, a section of CISA’s website that sought to dispel falsehoods about the integrity of U.S. voting. (Source: CISA)
Election Day was uneventful on the cybersecurity front, an achievement widely attributed to hyper-alert U.S. intelligence agencies that sought to head off interference by countries such as Iran and Russia.
There have been concerns, however, that the period after the election could also pose opportunities for adversaries to spread misinformation or mount attacks (see Post-Election Day: US on Guard for Hacking, Misinformation).
Social media companies also joined the election security fight, implementing new policies to label or delete content that sought to undermine confidence in voting.
On Thursday, CISA released a joint statement with other government agencies, non-government organizations and voting equipment vendors saying that the Nov. 3 election was “was the most secure in American history.”
“There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised,” the statement says.