Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management
Analysis: Does Krebs' Firing Leave US Vulnerable to Attack?
Experts Have Short-Term Worries, But Expect Sustained Long-Term SecurityWatch for updates on this developing story.
See Also: The State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience
Some security experts say the United States' cybersecurity and overall defense posture are likely temporarily weaker because President Donald Trump fired the leaders at the Cybersecurity and Infrastructure Security Agency and the Defense Department. But many remain confident defenses will be strong in the long run.
On Tuesday, after President Donald Trump fired CISA Director Christopher Krebs over Twitter, Deputy Director Matt Travis resigned (see: InfoSec Community Supports Krebs After Ouster From CISA.
Earlier this month, the president fired Defense Secretary Mark Esper. Meanwhile federal CISO Camilo Sandoval has reportedly taken a leave of absence to work for an organization investigating voter fraud in the recent election (see: Federal CISO Criticized for Investigating Voter Fraud).
Exploiting the Gap
Art Coviello, a senior adviser for the cybersecurity intelligence firm ClearSky and the former CEO of RSA, says nation-state and cybercriminal threat actors are always trying to take advantage of uncertainty and change.
"The National Security Agency is the primary cyber defense arm, and it works under the Department of Defense, so any time you swap out leaders it creates a gap in leadership that can be exploited," he says.
Coviello calls Krebs' removal from office a "vindictive" move and a "totally irresponsible act."
President Trump, who is refusing to concede the election and is alleging widespread fraud, fired Krebs after CISA determined that the 2020 election was the "safest in history."
Retired Air Force Brigadier Gen. Gregory Touhill, who served as CISO of the United States under President Obama and is currently CEO of Appgate Federal, also says the firing of Krebs weakens the nation's ability to defend itself.
"Our country remains beleaguered by significant cyberattacks on multiple fronts,” he says. “Removing leaders like Chris Krebs … in the midst of a cyber 'firefight' diminishes our country's ability to defend itself and increases our cyber risk."
A Vote of Confidence
Some security experts, however, are confident that those who work on cybersecurity at the federal level will be able to continue to adequately protect the nation from attacks.
"While it [the firing of Krebs] is not good for morale, I'm not concerned that suddenly the wheels will fall off the bus at a general level," says Megan Stifel, the executive director of the Americas for the Global Cyber Alliance and a former director of cyber policy at the National Security Council during the Obama administration.
But other security experts argue that continued post-election disputes could signal to overseas hacking groups that the U.S. is vulnerable.
"With the dramatic firings of [Krebs] and the secretary of defense, America is extremely vulnerable to cyberattack,” says Tom Kellermann, who served as a cybersecurity adviser to former President Barack Obama and is now the head of cybersecurity strategy at VMware. “Cyber is not a partisan issue; rather, it is a patriotic imperative."
A Big Signal?
Jake Williams, president of cybersecurity consultancy Rendition Infosec and a former member of the U.S. National Security Agency's elite hacking team, says the impact of Krebs' departure “is going to be more short-term than long-term.”
On the other hand, the firing of the secretary of defense, he says, was a “big signal for the majority of the foreign attackers to say, 'OK … time to move; we've got an opportunity here.’”
Stifel, however, says the biggest national security concern for the coming weeks is disinformation campaigns.
"In Homeland Security, they need to continue to execute the mission and continue to get factual information out there to counter false narratives," Stifel stresses.
Reasons for Optimism
Stifel and Coviello say that while the removal of Krebs, Esper and others will create challenges in the coming weeks, the nation’s federal workforce will be able to take steps to maintain defenses.
"We have a tremendous reservoir of talent in federal service, and my hope and belief is they will step up," Coviello says, adding that Krebs left CISA in good shape.
The foundation Krebs constructed for CISA by instilling trust and elevating staff members who are now in charge will help the agency continue with its mission, Stifel adds.
Krebs Tweets
In a tweet Thursday, Krebs called a press conference conducted by Trump lawyer and former New York City Mayor Rudy Guiliani "The most dangerous 1 hr 45 minutes of television in American history."
That press conference was the most dangerous 1hr 45 minutes of television in American history. And possibly the craziest. If you don’t know what I’m talking about, you’re lucky.
— Chris Krebs (@C_C_Krebs) November 19, 2020
Guiliani and other Republicans held the press conference to give an update on the president's legal challenges to various state's voting results.
Managing Editor Scott Ferguson and Executive News Editor Tony Morbin contributed to this report.