cyber-defenders-react-to-trumps-attack-on-former-boss

Cyber Defenders React to Trump’s Attack on Former Boss

The recent actions taken by President Donald Trump against Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), have caused a stir within the agency, with employees feeling like they are under attack from their own administration. Trump’s order for a Justice Department investigation into Krebs, coupled with the downsizing of the agency, has left many employees feeling unsettled and distracted from their critical mission of safeguarding the nation’s digital infrastructure.

Krebs, who was appointed by Trump as CISA’s inaugural director, quickly established the agency as a key defender of critical systems in the face of mounting cybersecurity challenges, particularly from foreign adversaries like China and for-profit hackers engaging in ransomware attacks. However, his public stance against Trump’s false claims of election fraud led to his termination by the president.

The order signed by Trump, which questions Krebs’ activities and revokes his security clearance, has been met with criticism from employees who believe it is politically motivated. Many view it as an abuse of power and a personal vendetta against Krebs, rather than a legitimate security concern. The move has raised concerns about the politicization of cybersecurity efforts and the potential impact on national security.

Staff Reductions and Agency Purge

In addition to targeting Krebs, the Trump administration has initiated a purge of CISA’s workforce, offering early retirement and buyout packages to employees. This latest round of cuts follows a previous reduction of more than 130 employees deemed “non-mission critical.” These actions have raised alarms about the agency’s ability to defend critical infrastructure and respond effectively to cybersecurity threats.

The repeated staff reductions have already had a significant impact on CISA’s capacity to protect critical systems, with employees expressing concerns about further degradation of their ability to fulfill their mission. The cuts have hampered the agency’s ability to retain specialized experts familiar with complex computer programs and operating systems essential for securing critical infrastructure.

Implications for National Security

The implications of Trump’s actions go beyond internal agency politics, potentially affecting national security and the safety of the American people. Jen Easterly, who succeeded Krebs as CISA’s director under President Joe Biden, warned that cuts to the federal cyber ecosystem could make Americans less safe and more vulnerable to adversaries. The removal of highly talented cyber professionals and principled leadership could weaken the nation’s defenses against cyber threats.

The suspension of security clearances for employees at SentinelOne, the cybersecurity company where Krebs now works, has also raised concerns about potential chilling effects on security research and vulnerability disclosure. Employees fear being pressured to downplay or ignore software vulnerabilities that could upset the president, mirroring past intelligence failures like the Iraq war. This could have far-reaching consequences for national cybersecurity and public safety.

In conclusion, the ongoing turmoil within CISA and the targeting of key cybersecurity officials by the Trump administration have sparked concerns about the politicization of cybersecurity efforts and the impact on national security. The actions taken against Chris Krebs and other cybersecurity professionals raise questions about the future of digital defense in the face of evolving cyber threats. As the Biden administration takes office, the cybersecurity community will be closely watching to see how these challenges are addressed and how the nation’s defenses are strengthened in the coming months.

Kevin Collier, a seasoned reporter covering cybersecurity, privacy, and technology policy for NBC News, aptly captures the gravity of the situation: “The cuts that may come — I don’t know what the numbers are going to look like — but they without a doubt will further degrade our ability to defend critical infrastructure.” The stakes are high, and the future of cybersecurity in America hangs in the balance.