Nov 17, 2020

Post-election purge hits cybersecurity

HTML EMBED:
COPY
The Cybersecurity and Infrastructure Security Agency has been battling election misinformation, including President Trump's false voter fraud claims.

Update (Nov. 17, 2020): President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency, after this story was published Tuesday.

The Cybersecurity and Infrastructure Security Agency, or CISA, was created two years ago within the Department of Homeland Security to shield America’s critical infrastructure from cyberattacks. Its mandate also includes election security, and lately it’s been debunking misinformation online, including false rumors of voter fraud that are being spread by President Donald Trump.

Last week, CISA’s assistant director was pushed out, and there have been reports that Director Chris Krebs expects to be fired. So what does this all mean for the other critical infrastructure? I spoke with Kim Zetter, a cybersecurity journalist and author. I asked her what else CISA works on. The following is an edited transcript of our conversation.

Kim Zetter: They do a lot of work with industrial control systems. Most of our critical infrastructure is privately owned, so we’re talking water treatment plans, the electric grid, chemical treatment plants. CISA also has on-the-ground teams that will come out and do risk assessments of a network. And CISA also, prior to the election, was working on getting sensors on election networks to monitor malicious attacks that might be coming into those networks. That has been sort of DHS’ mandate, to try and bring those networks up to more secure level.

Molly Wood: What are the national security implications of turnover in the leadership of the agency?

Zetter: First of all, it’s just very disruptive, especially right now when there’s already a lot of chaos and uncertainty and fear around the rising rate of COVID-19 infections, and then also a lot of chaos around the election itself and the unsupported claims of voter fraud. So at a time when the government should have a united front in its response to the health crisis, and also for a smooth and peaceful transition to a new administration, this, of course, creates unnecessary upheaval and vulnerability, particularly in the eyes of adversaries who might want to take advantage of it. But I should emphasize that even if a figurehead like Chris Krebs is removed, the people on the ground will continue to do that work. It’s really more of a political issue here now, and then also the perception from outside by adversaries.

Wood: I mean, it is really interesting that this agency ended up working on misinformation and disinformation, which would seem to brand disinformation as a national security threat, right?

Zetter: Yes. It definitely is a concern when you’ve got this schism between the White House administration and even some top-level DHS officials. And then you’ve got the schism with the people on the ground within CISA, who are actually actively trying to fight the misinformation and secure networks. There’s always a threat of someone coming in, being appointed, who undoes some of that good work. I don’t have big concerns about that. I think the people at DHS and at CISA in particular are good at their jobs in securing networks and in helping critical infrastructure, and I don’t really see that changing.

Wood: Generally, it seems like cybersecurity has been a relatively bright spot, right, within the Trump DHS?

Zetter: Definitely, with credit to CISA. The Trump administration has been at odds with the work that CISA has been trying to do with misinformation that they have put out. And so CISA has been battling that directly through a rumor control website. CISA director Chris Krebs has in his own personal Twitter account has been at odds with that. Yes, they’ve been a definite bright spot, in terms of trying to get critical infrastructure more secure, trying to share information with the private sector about vulnerabilities and especially with election officials.

Wood: Do you feel like this is an agency that will remain empowered under a Biden administration, just looking forward?

Zetter: Yes, definitely. I mean, under the Obama administration, Obama’s was the first administration that really made cybersecurity a top-level national security concern. And that got strengthened with the creation of CISA. Under the Trump administration, CISA was stood up by Congress as a standalone agency, signaling the importance of cybersecurity, and that won’t change under Biden at all.

Related links: More insight from Molly Wood

Reuters reported last week the White House had asked CISA to stop aggressively debunking election disinformation.

The Washington Post has a piece from last week about how the Biden administration is likely to make funding for election security a priority. Those efforts were consistently blocked over the last four years by Senate Majority Leader Mitch McConnell, but the Post argues that auditable voting machines with paper trails might be more necessary and palatable to Republicans now that Trump has created so much doubt about voting systems. I mean, election security experts have been calling for those measures for years, too. So win-win? That story has more reading about Biden’s likely cybersecurity priorities.

There’s also a story at The Wall Street Journal about how, evidently, a deadly pandemic is an opportunity that draws out the worst people in the world. First, malicious hackers who are attacking school districts, demanding ransom and posting sensitive information about children online when they don’t get it. So that’s a special-place-in-hell kind of story.

And last week, Microsoft put up a blog post warning again about attacks on companies that are working on vaccines and treatments for COVID-19 that appear to be coming from Russia and North Korea, and which the Microsoft executive who wrote the blog post called unconscionable and said should be condemned by all civilized society. The post also pointed to ransomware attacks on hospitals and health care companies. In September, a woman in Germany died at a hospital that was under cyberattack because her treatment was delayed. Officials say it’s likely the first known death resulting from a ransomware attack.

Listening makes you smarter…
donating makes it all possible.

Our mission is to raise the economic intelligence of the country, exploring the intersection of the economy, tech, and our daily lives. As a nonprofit news organization, we count on your support – now more than ever before.

Secure the future of public service journalism today when you become a Marketplace Investor.

The team

Molly Wood Host
Michael Lipkin Senior Producer
Stephanie Hughes Producer
Jesus Alvarado Assistant Producer