SolarWinds Attack Is the First Major Test for CISA Under Biden Administration (Opinion)
Christopher Krebs was the first ever Director for the Cybersecurity and Infrastructure Security Agency (CISA), the sub-division within the Department of Homeland Security (DHS). As a result of his comments regarding the Security of the 2020 Election, he was fired in November.
The firing occurred just as President Trump’s legal team’s attempt to overturn the 2020 Election was just getting started. Despite Team Trump’s early efforts in collecting affidavits claiming fraud and playing the public relations game on political talk shows, a mid-November Joint statement from the Elections Infrastructure Government Coordinating Council and the Election Infrastructure Sector Coordinating Executive Committees, contradicted the Rudy Giuliani led legal “Dream Team” in saying, “The November 3rd election was the most secure in American history. Right now, across the country, election officials are reviewing and double checking the entire election process prior to finalizing the result.”
The statement also denied many of the fraud claims that had already begun to sprout up in the days following the election and declared in bold lettering that, “There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.”
Krebs ousting also created speculation there more high-profile dismissals in the administration that were related to the election may be on the horizon. Among the others that were speculated to be in hot water were Trump’s 2nd and final Attorney General, Bill Barr, who would wind up resigning last month.
Barr drew the ire of Trump supporters when the DOJ echoed the response coming from CISA, that there wasn’t evidence to back up the President’s claims of voter fraud. In an interview with the Associated Press, Barr claimed that Justice Department attorneys that assisted in the FBI investigation of the election had failed to see “fraud on a scale that could have effected a different outcome in the election.”
Since election day, the incoming Biden administration has dealt with roadblocks related to the transfer of power and the job of several agencies, including CISA, has been complicated by the confusion and disorder associated with the already contentious transition.
Krebs was replaced, at least on an interim basis by Brandon Wales. President Trump appointed Wales as Acting Director for CISA on November 17th, 2020. Wales was formally CISA’s first Executive Director, and previously served DHS from August 2017 to December 2019 as Senior Counselor to the Secretary for Cyber and Resilience and Director of the DHS Office of Cyber and Infrastructure Analysis (OCIA).
Perhaps the biggest issue facing CISA today is the fallout from the SolarWinds hacking attack that struck at least 2000 networks belonging to as many as 100 governmental and non-governmental agencies globally. The attack was discovered in the weeks following the firing of Krebs.
Thus far, government officials and other experts have pinned the attack on APT29 (Advanced Persistent Threat) which originated from Russia. The group is also known as Cozy Bear, Cozy Duke, and the Office Monkeys. The hackers used a new malware strain known as SUNBURST malware in the attack.
In an interview last week with website cyberscoop, CISA’s Wales said, “The number [of federal victims] is likely to grow with further investigation.”
So far, we know that the departments of Commerce, Energy, and Justice were affected by the attack which is though to have began in March of 2020. The attack, and the response to it will likely help to shape the early foreign policy of the Biden administration.
CISA will be playing an important role in helping civilian agencies better secure their networks in the aftermath of the SolarWinds attack. The National Defense Authorization Act, which went into effect on Jan. 1, gives CISA new and increased authority to proactively hunt for vulnerabilities and breaches on other government agencies’ networks.
Wales has also said that CISA has identified “where we think that the fundamental structure” of data protection on civilian and federal networks needs to “evolve.” That includes adaptation in how CISA draws on IT security services to defend networks.
Whether or not Wales will be allowed to continue his early and valuable work remains to be seen. He may stay in what would be a early showing of goodwill towards a solid employee of DHS that has a respectable track record, or he may wind up being one of many casualties of a new administration whose political party has shown a propensity to attack anyone appointed or associated with the Trump administration. Time will tell.
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by websites including The Hill, Newsmax, The Washington Times, Real Clear Politics, Townhall, American Thinker and many others.
