Cybersecurity chief who oversaw ‘most secure election’ fired by Trump

Christopher Krebs won bipartisan praise from state elections managers and technology experts, and used innovative methods

Christopher Krebs, director of the Homeland Security Department's Cybersecurity and Infrastructure Security Agency, speaks before the Senate Judiciary Committee in 2019. (Getty Images)
Christopher Krebs, director of the Homeland Security Department's Cybersecurity and Infrastructure Security Agency, speaks before the Senate Judiciary Committee in 2019. (Getty Images)
Posted November 17, 2020 at 8:37pm

Christopher Krebs, the top U.S. cybersecurity official who helped oversee what outside experts have been calling one of the most secure U.S. elections ever, was fired late Tuesday by President Donald Trump in his customary fashion: in a pair of tweets.

The firing came exactly two weeks after the Nov. 3 elections and five days after a large group of federal and state officials as well as watchdog groups and makers of election equipment issued a statement declaring that “the November 3rd election was the most secure in American history.”

Krebs, director of the two-year old Cybersecurity and Infrastructure Security Agency, had helped boost cybersecurity in computer networks in all 50 states, and contrary to fears, managed to pull off an election free of cyberattacks and large-scale technical failures, even with the new wrinkle of millions of mail-in ballots.

Trump said in his tweet that the recent statement by CISA that the election was held securely was “highly inaccurate.” Citing no evidence, Trump claimed that there were improprieties and fraud, and that Republican poll watchers were not allowed in counting places — all assertions that have been rejected in multiple states by judges hearing challenges to the election.

Trump and leading Republican lawmakers as well as party operatives have refused to acknowledge President-elect Joe Biden’s victory in the Nov. 3 election. Instead they and their lawyers have pursued litigation arguing about voter fraud involving mailed ballots, and glitches in voting machines that apparently switched votes to Biden. Judges have dismissed almost all those claims.

On Monday, a group of 59 computer scientists and election security experts said in a statement that Trump’s claims about voter fraud and technical glitches in voting machines were “unsubstantiated or are technically incoherent.”

Just hours before Krebs was fired, the agency alerted reporters to two public events Krebs had planned to appear at on Wednesday. One was the Global Security Forum organized by the Soufan Group, and the other was the CyberNext DC, an event hosted by the Cyber Threat Alliance.

Firing brings condemnation

Krebs’s firing drew condemnation from lawmakers and state election officials who worked with him.

Sen. Angus King, I-Maine, who co-chaired the congressional Cyberspace Solarium Commission, said Trump was firing Krebs for “simply doing his job.”

King said Krebs “is an incredibly bright, high-performing, and dedicated public servant, who has helped build up new cyber capabilities in the face of swiftly-evolving dangers.”

King echoed the assessment of other experts to say that “this year’s robust election security and public awareness campaign exceeded our expectations, especially given the unique political and technological challenges.”

Sen. Ben Sasse, R-Neb., said in a statement: “Chris Krebs did a really good job — as state election officials all across the nation will tell you — and he obviously should not be fired. I’m particularly grateful for the work he did on the Cyber Solarium Commission to help the nation prepare for the future of war.”

Trump, instead of rewarding Krebs for a job well done, “is retaliating against Director Krebs and other officials who did their duty,” said Rep. Adam B. Schiff, D-Calif., chairman of the House Intelligence Committee. “It’s pathetic, but sadly predictable that upholding and protecting our democratic processes would be cause for firing.”

President-elect Joe Biden should consider consulting with Krebs in charting the future course of CISA, King said.

“The ongoing purge of respected, competent leaders who refuse to perpetuate Trump’s delusional conspiracy theories about the election is a disturbing sign for American government. It’s an assault on reality,” said Alex Padilla, California’s secretary of state.

The firing wasn’t unexpected, and Krebs had told colleagues at the agency that he expected to be fired any time. Late last week some news reports suggested that Chad Wolf, the acting secretary of the Department of Homeland Security, where CISA is based, had refused to oblige the White House and fire Krebs.

Krebs is the second CISA official to be forced out. Bryan Ware, an assistant director at the agency, resigned last week.

Bipartisan praise

Krebs emerged as a nonpartisan professional who managed to navigate a thicket of partisan politics to get state and local officials from both Republican- and Democratic-led states to boost cybersecurity surrounding their election infrastructure and to cooperate with one another and the federal government.

A former Microsoft cybersecurity executive, Krebs also turned CISA into a lone federal government outpost combating online disinformation, swatting down rumors and using novel ways to get Americans to tell the difference between fact and fiction.

CISA was established by an act of Congress two years ago. While the need to establish the agency was outlined by the Obama administration, dozens of congressional committees that oversee the Department of Homeland Security meant that lawmakers didn’t act until November 2018, when the agency was created by an act of Congress.

The agency took over the functions of safeguarding U.S. infrastructure from physical and cybersecurity threats, and Krebs became the first director.

But Krebs was at the helm of CISA’s predecessor, known as the National Protection and Programs Directorate, when he began his stint at the department in March 2017.

He set out to focus on the 2018 midterm elections after the disastrous 2016 election when not only Russian hacking but widespread distrust between Republican state election officials and federal officials had reached a high point.

Obama administration officials including then Secretary of Homeland Security Jeh Johnson had declared the country’s election machinery as critical infrastructure after discovering Russian interference. That sparked outrage among Republican officials in states who feared a federal takeover of the elections.

Trust between federal and state officials was further eroded when DHS and the FBI failed to tell state officials in as many as two dozen states that their election websites had been accessed by Russian spies.

Krebs helped restore trust while also encouraging states to collaborate with federal agencies to tighten cybersecurity around voting systems and databases, Ben Hovland, chairman of the U.S. Election Assistance Commission, said in an interview before Krebs was fired.

Krebs has “focused on how CISA can assist state and local election officials,” Hovland said. Because the U.S. Constitution gives states the right to manage elections, CISA’s role is “non-regulatory, and it’s supportive, so figuring out how to be a resource for local election officials” was key, he said.

Krebs approached the job with a “sort of good governance and customer service mindset,” Hovland said.

Unlike the 2016 election, the 2018 midterm elections took place under greater congressional and federal scrutiny. Congress authorized the U.S. Cyber Command to play offense against Russian and other foreign actors who may try to sabotage the voting.

Under Krebs’s leadership, CISA ran an operational control room at a classified facility in Arlington, Va., and brought together election equipment vendors, U.S. intelligence officials, the FBI and other private companies, all of whom connected with state officials to quickly spot and plug any breakdowns stemming from hacks, disinformation and other foreign adversaries’ tactics.

Wolf told lawmakers in March that the 2018 midterm elections “was one of the most secure elections I believe we have had and we are continuing to build on that progress as we go into 2020.”

Wolf then credited Krebs for building relationships “that we have now in all 50 states,” noting that the difference “is really night and day to what we saw in 2016 where we had very few relationships.”

In the run-up to the 2020 elections, CISA launched several efforts to stem the flow of disinformation, even as the agency ramped up work to detect cybersecurity flaws in state election systems and installed sensors to detect unauthorized activity on state computer servers.