Recently, news emerged of a widespread Russian hacking operation targeting high-profile interests in the United States, including federal government systems. After days of silence on the issue, President Donald Trump finally spoke out about the problem… and provided cover for Putin, downplaying the seriousness of the situation and insisting that Russia’s responsibility for the hacking operation isn’t even certain. During an appearance on CNN’s State of the Union over the weekend, ex-Department of Homeland Security official Chris Krebs bluntly fact-checked the president’s claims.
On CNN, Krebs commented as follows:
‘Everything I’ve heard, whether it’s from private sector cybersecurity threat and intelligence experts, things I have heard out of Congress and the intelligence community: it’s Russia. They are exceptionally good at this, particularly the foreign intelligence service, the SVR — they’re good, they’re quiet, they’re deliberate, they’re patient, and they’re careful.’
Secretary of State Mike Pompeo, a top Trump appointee, already offered his own assessment contrary to the president’s claims, insisting that Russia was “pretty clearly” behind the hack. Krebs’s own experience includes a stint as leader of the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security, a post that Trump abruptly fired him from after the agency produced a statement bluntly refuting the president’s claims of widespread election fraud.
While on CNN, Krebs also contradicted the president’s claims about the severity of the hacking operation. On Twitter, Trump petulantly claimed that the “Cyber Hack is far greater in the Fake News Media than in actuality.” In contrast, Krebs commented as follows:
‘I think we’re just getting our arms around the scope of this cyber compromise. There has been a lot of conversation about one company, SolarWinds, but I think it’s probably more broad than that. This Russian intelligence service, the SVR — they’re really the best of the best out there. I would suspect that there are probably other software companies that have been compromised.’
Krebs also offered observations about the path forward for the United States. Rather than implementing serious responses to the hacking operation, Trump and his top political allies have seemed more concerned with pushing nonsensical lies about the election. In contrast, Krebs commented as follows:
‘The federal civilian agencies — the 101 civilian agencies — are not really optimized for defense right now, and what that means is there’s a lot of old, antiquated, legacy IT systems that are hard to defend, plus the authorities are not in place for teams like CISA to really get out there and aggressively root out adversaries. Now, there is a provision in the National Defense Authorization Act… that would give CISA, my old agency, the authorities to go out and really aggressively hunt and look for these adversaries, and that’s what we’re going to have to do to get certainty and to the other side of this.’
Check out Krebs’s comments below:
Fmr. CISA Director Chris Krebs says he believes the massive cyberattack is linked to Russia.
“Everything I've heard, whether it's from private sector cybersecurity threat and intelligence experts, things I have heard out of Congress … it's Russia.” #CNNSOTU pic.twitter.com/OruAoCFwIC
— State of the Union (@CNNSotu) December 20, 2020
Trump has openly insisted that he will veto the National Defense Authorization Act, which covers defense spending for the upcoming year, because he wants lawmakers to include an undoing of legal liability protections for social media companies — although the legislation, as-is, already passed both chambers of Congress with enough support to override a presidential veto.
Separately on Twitter, Krebs has also debunked Trump’s attempt to use the reported hacking operation as supposed evidence for his idea that election management machines were also compromised. Referring to a company that was targeted in the hacking operation in question, Krebs commented as follows:
‘Do not conflate voting system security and SolarWinds. The proof is in the paper. You can audit or recount again to confirm the outcome. Like they did in Georgia. And Michigan. And Wisconsin. And Arizona. Can’t hack paper.’
Do not conflate voting system security and SolarWinds. The proof is in the paper. You can audit or recount again to confirm the outcome. Like they did in Georgia. And Michigan. And Wisconsin. And Arizona. Can't hack paper.
— Chris Krebs (@C_C_Krebs) December 19, 2020