Trump fires CISA Director Christopher Krebs by tweet
President Donald Trump this week fired Cybersecurity and Infrastructure Security Agency Director Christopher Krebs via Twitter, following CISA's assurances that the presidential election was "the most secure in American history."
The firing comes on the heels of a joint warning this past month from CISA, the U.S. Department of Health and Human Services, and the Federal Bureau of Investigations of an "increased and imminent" cyber threat to hospitals.
"The president’s decision to fire Director Krebs makes America less safe," said U.S. House Committee on Homeland Security Chair Rep. Bennie G. Thompson, D-Miss., and Rep. Lauren Underwood, D-Ill., who chairs the Subcommittee on Cybersecurity, Infrastructure Protection and Innovation, in a joint statement on Tuesday.
"The president’s unsubstantiated tweets this evening do nothing to defend our state and local governments and critical infrastructure against malicious cyber campaigns," they said.
"Anytime the government loses well-respected cyber professionals like Chris Krebs, especially under these political circumstances, there’s bound to be at least a momentary downside impact on CISA’s morale," said Drex DeFord, healthcare executive strategist for CI Security, to Healthcare IT News.
DeFord continued, "Healthcare clearly leans on CISA to provide insights to cybersecurity threats, and given the multiple stressors on healthcare organizations today, we can ill-afford any glitches in the capabilities of CISA, or their ability to quickly and effectively coordinate with valued cyber-partners like the FBI, HHS, and Homeland Security.
"Chris has, by all reports, done a great job building his team at CISA, and I continue to feel hopeful that, while he’ll be missed, his crew will deliver on the same high-quality security mission that healthcare has come to rely on," DeFord added.
WHY IT MATTERS
CISA Assistant Director Bryan S. Ware, who helped spearhead the agency's initiatives to protect the health industry from both criminal and state-sponsored hacking, is also out at the U.S. Department of Homeland Security.
As CyberScoop reported last week, Ware declined to comment on whether his resignation was prompted by a request from the Trump administration.
Ware had been focused on the dangers of ransomware, the vulnerabilities of telehealth and hospital remote-work technology, and the risks that nation-state bad actors posed to life sciences organizations as they worked on a COVID-19 vaccine.
"This year, right there with elections infrastructure, healthcare infrastructure is a major priority and a really new priority for us," he said earlier this year.
THE LARGER TREND
Cyber threats have taken on new danger in the COVID-19 era, with the rapid scale-up of telehealth, a shift to working from home, and a stretched-thin workforce combining to make hospitals and other health systems especially vulnerable.
Several health systems have reported being hit with cyberattacks this fall – most notably Universal Health Services, which experienced a network shutdown throughout its U.S. facilities after an apparent ransomware incident in September.
ON THE RECORD
"We commend Chris Krebs for refusing to cave to political pressure from the White House and instead choosing to uphold his obligations to the American people as director of the Cybersecurity and Infrastructure Security Agency," said Thompson and Underwood in their statement.