Tue, Nov 17, 2020

FAST THINKING: Trump fires top DHS cybersecurity official over election protection

Fast Thinking by Atlantic Council

Related Experts: Thomas S. Warrick, Graham Brookie, Trey Herr,

Cybersecurity Disinformation Elections Politics & Diplomacy United States and Canada

US Department of Homeland Security Under Secretary Chris Krebs speaks to reporters at the DHS Election Operations Center and National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Virginia, U.S. November 6, 2018. REUTERS/Jonathan Ernst/File Photo

Just in

Donald Trump escalated his attacks on the integrity of the US election process Tuesday night, firing a top Department of Homeland Security cybersecurity official who spent the last weeks debunking many of the president’s false claims about election fraud. Trump announced on Twitter that Christopher Krebs, who led DHS’s Cybersecurity and Infrastructure Security Agency (CISA), was relieved of his position because the president felt Krebs made “highly inaccurate” statements about the 2020 election that rebutted Trump’s unsubstantiated allegations of large-scale election fraud. What does Krebs’s refusal to back up Trump’s claims mean for US democracy? And now that he’s gone, what legacy will Krebs leave behind?

Today’s expert reaction courtesy of

  • Tom Warrick: Former Department of Homeland Security official and Atlantic Council nonresident senior fellow
  • Trey Herr: Cybersecurity strategist and director of the Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative
  • Graham Brookie: White House and National Security Council veteran and director of the Digital Forensic Research Lab

A remarkable record of success in 2020, now hanging in the balance

  • Tom thinks Krebs and his colleagues deserve a “modern-day cyber equivalent” of a victory parade for helping secure this year’s contest: “All signs are that foreign adversaries failed to disrupt the 2020 election” by hacking election infrastructure or engaging in disinformation campaigns. That said, he adds, “it could also be that foreign efforts got overwhelmed by what Americans were doing to each other.”
  • “The United States needs a serious after-action report and a ‘lessons learned’ study of the 2020 election,” Tom adds, but now Krebs and colleagues such as Bryan Ware, who just stepped down from his position at CISA, won’t be around to lead it. That effort, he notes, may now be led by the Biden administration or Congress. And that effort is urgent, he stresses: “The United States need look only to Russian interference in the elections of Europe and Iran’s influence operations in the Gulf to understand that the United States has won a major battle, but the war is not over.”
  • Here’s what has to happen next, Tom says: “The Biden administration should be planning now for the emergency supplemental appropriation it will take in the first half of 2021 to secure the November 2022 midterm elections. It will take more than a year for federal appropriation dollars to get to state and local elections officials to make vital upgrades to protect the 2022 election. Just as our defenses were better in 2020 than in 2016, thanks to a lot of hard work across the government and private sector, we can expect our adversaries will also be better in two years.”

Subscribe to Atlantic Council’s Fast Thinking news alerts

Sign up to receive rapid insight in your inbox from Atlantic Council experts on global events as they unfold.

The legacy Krebs leaves behind

  • Trey has helpful background here, noting that CISA plays a big role not just in securing US elections but also in “cybersecurity across the federal government as well as state and local agencies”—on issues ranging from cloud security to technology supply chains. Krebs was the first director of CISA, which was created in 2018, and helped make “the agency a significantly more collaborative and active partner with state election authorities, researchers, and myriad civil-society groups.”
  • Then there was the cool factor, Trey adds: Krebs helped “give CISA its groove back”—whether by “granting the former National Protection and Programs Directorate (NPPD) an air of hip engagement” or “making Nantucket red pants cool (briefly) again.” (Visual here.)
  • While coverage of his dismissal will focus on election security, Trey notes, Krebs’s “lasting achievement may well be the creation of a cluster of cybersecurity researchers inside of CISA,” drawn from the practitioner community.

Prescience about our political moment

  • Graham recalls that during a 2018 appearance at the Atlantic Council’s StratCom conference, Krebs explained, “The overall purpose of an election is to convince the loser they lost…so this peaceful transition of power” can occur.
  • Those “remarks were extremely prescient given the situation we currently face in the United States,” Graham notes. Krebs “stayed true to facts and his mandate to secure elections, and he was ultimately fired by Donald Trump for refuting Trump’s own disinformation about the results of the election. History won’t forget the irony, if we can keep democracy.”

Elsewhere in Fast Thinking today: Check out Graham Brookie and Alyssa Kann diving into what we know about how disinformation and interference played out in the 2020 US election

Further reading