President Trump’s decision to fire top cybersecurity official Chris Krebs likely will not damage the nation’s cyberdefense as much as cybervillains might hope, according to leading cybersecurity experts.
Mr. Trump fired the Cybersecurity and Infrastructure Security Agency director after taking issue with Mr. Krebs’ comments asserting the security of the 2020 election.
Opposition to Mr. Trump’s decision was widespread among cybersecurity professionals, but even the president’s most strident critics think America’s cyberdefense was not compromised because of the firing.
Jamil N. Jaffer, founder of George Mason University Scalia Law School’s National Security Institute, tweeted that Mr. Trump’s decision was embarrassing and cowardly. But Mr. Jaffer said he thinks the consequences are political.
“Of course no one individual or organization — particularly in the government — is so critical that we can’t survive without it, including in the cybersecurity arena,” Mr. Jaffer said. “However, that being said, Chris Krebs is the kind of inspirational leader with strong trust and credibility in both the public and private sectors that is able to get things done and move them forward aggressively, so losing someone like him can be particularly problematic, especially since he is the first leader of a new agency in the case of CISA.”
Mr. Jaffer, who also worked in President George W. Bush’s White House, said there is zero question that Mr. Trump can make the personnel decision to fire Mr. Krebs, but he said he thought the move exposed a political motivation that was mistaken.
Brett Callow, threat analyst at software company Emsisoft, said the potential impact of the Krebs firing on cybersecurity is impossible to say but the federal government likely had a contingency plan as the firing was not unexpected. In the week before his firing, Mr. Krebs was reported to be anticipating that the president would get rid of him.
“Chris Krebs appeared to do an excellent job, and I suspect state election officials would agree with that sentiment. I’ve no doubt he’ll be missed,” Mr. Callow said in an email. “Who’s likely to be the next director of CISA? I hope it’ll be Chris Krebs again, brought back by the next administration.”
As part of the government’s contingency planning, Mr. Krebs created a third-in-command at CISA in case the top leadership of the agency were let go, according to the Wall Street Journal. CISA operates under the purview of the Department of Homeland Security.
In the aftermath of his firing, Mr. Krebs has sought to clarify his comments on election integrity, which have become a political football in Washington.
“Rumor Control: I never claimed there wasn’t fraud in the election, bc that’s not CISA’s job — it’s a law enforcement matter,” Mr. Krebs tweeted from his personal account Wednesday. “We did provide info on measures elec officials use to prevent and detect dead voters, tho. Don’t buy it. And think 2x before sharing.”
Last week, CISA issued a statement that said no evidence exists that any votes were changed, compromised, deleted, or lost in the November election. The statement called the 2020 election “the most secure in American history.”
On Tuesday, Mr. Krebs said on Twitter, “On allegations that election systems were manipulated, 59 election security experts all agree, ‘in every case of which we are aware, these claims either have been unsubstantiated or are technically incoherent.’ #Protect2020.”
A DHS official said Wednesday that Mr. Krebs had clearly stepped out of his lane in his public comments and that CISA has no first-hand information on allegations of voter fraud. The official noted that election fraud is different from election interference and is outside the scope of CISA’s authority.
Mr. Trump announced Mr. Krebs’ firing Tuesday evening on Twitter and said Mr. Krebs had stated “highly inaccurate” information about the security of the 2020 election.