Chris Krebs, the director of the US Cybersecurity and Infrastructure Security Agency (CISA) – America’s equivalent of the UK’s National Cyber Security Centre (NCSC) – has been dismissed by outgoing president Donald Trump, after his agency’s analysis of the 3 November presidential election determined it to be “the most secure in American history”.
Last week, CISA said there was “no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.”
This contradicts Trump’s baseless claims of widespread voter fraud as his embattled administration continues to attempt to change the results of the election with a series of frivolous lawsuits. Almost a fortnight has now passed since Democrat challenger Joe Biden emerged as the clear winner of the 2020 US election, with leads of thousands of votes in key battleground states and over five million votes nationwide. Trump, whose administration has become a byword for criminality and corruption, continues to refuse to concede.
In a series of Tweets, Trump said: “The recent statement by Chris Krebs on the security of the 2020 Election was highly inaccurate, in that there were massive improprieties and fraud – including dead people voting, Poll Watchers not allowed into polling locations, ‘glitches’ in the voting machines which changed... votes from Trump to Biden, late voting, and many more. Therefore, effective immediately, Chris Krebs has been terminated as director of the Cybersecurity and Infrastructure Security Agency.”
Again, there is absolutely no evidence for any of these claims and Trump’s tweets have been labelled as disputed by Twitter.
Krebs, a former Microsoft man who was appointed by Trump himself to lead CISA on the agency’s founding in 2018, played a key role in leading the agency’s efforts to combat cyber threats to and misinformation around the 2020 elections, establishing the CISA’s Rumour Control website, among other things.
However, instead of fighting a repeat of the 2016 election, when Russian state-backed actors conducted widespread interference in the US elections and may even have played a role in Trump’s election, Krebs and the CISA found themselves battling Trump himself, who continues to spew a stream of lies and disinformation in a desperate attempt to cling to power.
Read more about US election security
- SearchSecurity’s Risk & Repeat podcast looks back at the 2020 election, which was free of major cyber attacks or hacks but has seen a rise in disinformation campaigns online.
- Election Day in the US occurred with no evidence of cyber attacks or voting machine hacks, but CISA has its hands full with disinformation and conspiracy theories.
- Biometric voter registration systems could play a role in the future of election security, if developers and governments can address concerns about security and hacking.
Chloé Messdaghi, vice-president of strategy at Point3 Security, described Krebs’ dismissal as political, surreal and disheartening.
“We in the cyber security community are deeply committed to identifying and preventing or blocking all threats to the best of our ability, including misinformation and disinformation. Chris Krebs and the CISA team have done a singularly brilliant job, and done it transparently, under what has been one of the most divisive and fraught election cycles in our country’s history,” she said
“CISA’s role was to be the organisation that works closely with all stakeholders – industry, public sector and the American people – and to help keep the US ahead of cyber security threats, both those in the form of attacks and of misinformation campaigns. Chris and the team have done a brilliant job in protecting this country, and fully realised that their jobs were at potential risk for doing so.
“Many in the cyber security community are deeply disappointed and more than a bit nervous,” she added.
Others in the security community also rallied around. Krebs’ former colleague, Microsoft Cybersecurity Solutions Group CVP Ann Johnson, took to Twitter to describe him as a “highly competent professional” who was in many ways “above reproach”.
Jonathan Reiber, senior director for cyber security strategy and policy at AttackIQ, added: “Chris Krebs worked tirelessly and in a bipartisan fashion with state, local, and federal leaders on both sides of the aisle to improve election security across the country. The 2020 election saw no major cyber attack take place, and the Election Infrastructure Government Coordinating Council and the National Secretaries of State called it the most secure in US history.
“Given the Russian government's intrusion into the US presidential election of 2016 and the risks facing the election this year, that is a big achievement, and it is due in large part to the leadership of Chris Krebs’ and general Paul Nakasone of US Cyber Command and their organisations' hard work.”