Trump’s Retaliatory Tour Targets Leaders in Technology and Election Authorities
Former President Trump recently rescinded security clearances for Chris Krebs, the ex-chief of the Cybersecurity and Infrastructure Security Agency (CISA) who was terminated by Trump for affirming the 2020 election as the most safeguarded in American history. The directive from the White House, which also halted clearances for other security professionals at Krebs’s organization SentinelOne, coincides with CISA grappling with significant reductions in funding and personnel.
Chris Krebs. Image: Getty Images.
The memo of April 9 prompts the attorney general to probe Chris Krebs (unrelated), branding him as “a significant malevolent actor who exploited and misused his governmental power.”
The memo mentioned that the investigation will encompass “a thorough assessment of all CISA’s undertakings over the past six years and will pinpoint any occurrences where Krebs’s or CISA’s behavior seems to contradict the administration’s stance on freedom of speech and the termination of governmental censorship, including whether Krebs’s actions breached the adequacy criteria for federal workers or involved the unauthorized divulging of classified data.”
CISA was established in 2018 during Trump’s initial tenure, with Krebs appointed as its inaugural chief. In 2020, CISA introduced Rumor Control, a platform designed to counteract misinformation encircling the 2020 election.
This initiative directly opposed Trump’s assertions that he lost the election due to tampering and theft. Trump’s campaign and supporters lodged over 60 legal complaints contesting the election, vote counting, and vote confirmation across nine states, and nearly all of them were dismissed or dropped due to lack of substantiation or legitimacy.
When the Justice Department commenced prosecuting individuals involved in the violent insurrection at the U.S. Capitol on January 6, 2021, Former President Trump and Republican figures shifted the narrative, alleging that Trump’s defeat stemmed from the prior administration suppressing conservative voices on social networks.
Peculiarly, the president’s directive to isolate Krebs defies reality, accusing Krebs of fostering the suppression of election information, “including recognizable hazards linked to specific electoral practices.” Trump further claimed that Krebs “distorted and unfoundedly refuted that the 2020 election was manipulated and filched, including through the improper and sweeping denial of extensive electoral misconduct and grave weaknesses with voting systems” [emphasis added].
Krebs did not provide a response upon request. SentinelOne released a declaration pledging cooperation in any examination of the security clearances of its workforce, currently totaling fewer than ten employees.
Krebs’s prior agency now confronts substantial reductions in finances and personnel. Source details that CISA plans to shed approximately 1,300 staff members by downsizing around half of its permanent staff and about 40% of its contractors.
“The National Risk Management Center of the organization, which acts as a core for analyzing dangers to cyberspace and critical infrastructure, anticipates substantial reductions,” noted two insiders familiar with the schemes, as cited by Suzanne Smalley from Source. “Certain risk responsibilities of the division may moreover be transferred to the Cybersecurity Division within the agency according to one of the informants.”
CNN reveals that the Trump administration also progresses with proposals to strip away civil service protections from 80% of the residual CISA staff, potentially empowering their termination on political grounds.
The Electronic Frontier Foundation (EFF) urged cybersecurity professionals to stand in solidarity with Krebs and SentinelOne, underscoring the probability that other cybersecurity corporations and experts might be targeted next in Trump’s endeavors to politicize cybersecurity.
“It is essential that the cybersecurity sector unites to denounce this menacing assault on freedom of speech and rally around Krebs and SentinelOne rather than shrinking in fear anticipating they may be the next targets,” the EFF communicated.
However, Reuters reports scant evidence of industry endorsement for Krebs or SentinelOne, with numerous security specialists anxious about potential targeting if they voice their opinions.
“Reuters reached out to 33 of the most prominent U.S. cybersecurity establishments, encompassing technology companies and firms with sizable cybersecurity divisions, and three industry associations, for feedback concerning Trump’s actions against SentinelOne,” relayed Raphael Satter and A.J. Vicens. “Only one facility furnished insights on Trump’s moves. The others either refused, remained unresponsive, or evaded inquiries.”
ENTANGLEMENTS AT CYBERCOM
On April 3, Former President Trump dismissed Gen. Timothy Haugh, the leader of the National Security Agency (NSA) and the U.S. Cyber Command, alongside Haugh’s assistant, Wendy Noble. Trump took this action immediately after a meeting in the Oval Office with far-right conspiracy theorist Laura Loomer, who purportedly advocated for their termination. Trump, speaking to journalists on Air Force One subsequent to news of the firings, cast uncertainty on Haugh’s allegiance.
Gen. Timothy Haugh. Image: C-SPAN.
Senator Mark Warner of Virginia, the principal Democrat on the Senate Intelligence Committee, labeled it as unfathomable that the administration would oust the senior figures of NSA-CYBERCOM without reason or prior notice, jeopardizing critical existing intelligence missions.
“It is bewildering that President Trump would dismiss the nonpartisan, seasoned chief of the National Security Agency while failing to hold any of his team accountable for classified data leaks”on a business communication app – while seemingly following personnel instructions on national security from a debunked conspiracy theorist in the Oval Office,” Warner expressed in a release.
On February 28, The Record’s Martin Matishak referenced three informants indicating Defense Secretary Pete Hegseth directed U.S. Cyber Command to cease all preparations against Russia, including aggressive digital maneuvers. The next day, The Guardian published that analysts at CISA were verbally told not to track or disclose Russian threats, despite this being a primary focus for the agency previously.
A follow-up article from The Washington Post mentioned officials asserting that Cyber Command was instructed to halt ongoing actions against Russia, but the cessation was anticipated to last only during ongoing negotiations with Russia.
The Department of Defense replied on Twitter/X that Hegseth had “neither annulled nor postponed any cyber activities aimed at harmful Russian targets and there has been no order to stand down from that priority whatsoever.”
However, on March 19, Reuters stated multiple U.S. national security organizations had suspended work on a joint initiative to counter Russian subversion, misinformation, and cyber intrusions.
“Regular engagements between the National Security Council and European national security representatives have ceased, and the NSC has likewise discontinued formal coordination endeavors across U.S. agencies, including with the FBI, the Department of Homeland Security, and the State Department,” Reuters reported, citing existing and former officials.
TARIFFS CONTRASTED WITH TYPHOONS
The application of 125% tariffs on products from China by President Trump led to Beijing retaliating with 84 percent tariffs on U.S. imports. Now, certain security professionals caution that the trade dispute might overflow into a cyber confrontation, given China’s effective penetration of America’s crucial infrastructure networks.
During the previous year, various Chinese government-supported digital infiltrations have been highlighted, including a widespread espionage operation involving the breach of at least nine U.S. telecommunications providers. Named “Salt Typhoon” by Microsoft, these telecom infiltrations were extensive enough for CISA and the FBI in December 2024 to caution Americans against sharing sensitive information over telephone networks, instead urging the use of encrypted messaging applications (such as Signal).
The other comprehensive China-supported operation is labeled “Volt Typhoon,” described by CISA as “state-backed cyber actors positioning themselves on IT networks for disruptive or damaging cyber assaults on U.S. crucial infrastructure in the event of a significant crisis or conflict with the United States.”
The task of determining the causes of the Salt Typhoon security dilemma fell to the Cyber Safety Review Board (CSRB), a bipartisan governmental entity established in February 2022 with the duty to probe the security lapses behind major cybersecurity incidents. However, on his first complete day back in the White House, President Trump dismissed all 15 CSRB advisory committee members — probably due to the inclusion of Chris Krebs among those advisors.
Last week, Sen. Ron Wyden (D-Ore.) imposed a hold on Trump’s nominee to lead CISA, stating that the hold would persist unless the agency released a report on the hacks in the telecom industry, as pledged.
“CISA’s years-long concealing of the phone companies’ negligent cybersecurity has tangible repercussions,” Wyden stated in a public declaration. “Congress and the American populace are entitled to view this report.”
The Wall Street Journal disclosed last week that Chinese authorities admitted in a confidential meeting from December that Beijing was responsible for the widespread security breaches in the telecom industry.
“The remarks of the Chinese official during the December meeting were indirect and somewhat unclear, yet most of the American delegation present interpreted it as an implicit acknowledgment and a caution to the U.S. concerning Taiwan,” The Journal’s Dustin Volz drafted, citing a former U.S. official familiar with the discussion.
Meanwhile, China remains capitalizing on the mass terminations of federal employees. On April 9, the National Counterintelligence and Security Center alerted (PDF) that Chinese intelligence bodies are engaging in an online drive to recruit recently discharged U.S. personnel.
“Foreign intelligence entities, particularly those in China, are targeting current and former U.S. government (USG) employees for recruitment by posing as consulting firms, corporate headhunters, think tanks, and other entities on social and professional networking sites,” the alert cautions. “Their deceptive online job offers, and other virtual approaches, have become more sophisticated in targeting unsuspecting individuals with USG backgrounds pursuing new employment.”
Image: Dni.gov
ELECTION RISKS
As ReutersObservations indicate that the FBI ceased a program last month aimed at countering foreign interference in U.S. elections, including activities by Russia, and suspended the employees dealing with the matter at the Department of Homeland Security.
At this moment, the U.S. Senate is evaluating a legislation passed by the House known as the “Protect American Voter Qualification (SAVE) Act,” which would mandate states to acquire evidence of citizenship, such as a passport or a birth certificate, in person from individuals wishing to register for voting.
Opponents argue that the SAVE Act may disenfranchise a large number of voters and dissuade eligible individuals from registering to cast their votes. Furthermore, instances of documented voter fraud are few and uncommon, as are instances of non-citizens voting. Even the conservative organization Heritage Foundation acknowledges this: A live “election fraud map” created by Heritage lists only 1,576 convictions or findings of voter fraud between 1982 and the present.
Despite criticism, the SAVE Act was approved by the GOP-led House with bipartisan support from four Democrats. To pass in the Senate, at least seven Democrats would need to extend their backing, as reported by Newsweek in an article.
In February, approximately 130 employees were laid off by CISA, including their advisers on election security. The agency was also compelled to halt all election security operations pending an internal audit. Although the audit was reportedly finished in March, the Trump administration declared that the results would not be disclosed publicly, and there is no sign that any cybersecurity support has been reinstated.
A number of state leaders have expressed concern over the reductions in CISA programs by the administration that offer aid and intelligence on threats to election security. Iowa Secretary of State Paul Pate recently shared his views on the PBS program Iowa Press, stating that he hopes these programs do not disappear.
“The disappearance of these systems would have severe consequences,” Pate explained. “We rely heavily on these cybersecurity measures.”
Secretary of the Commonwealth Al Schmidt of Pennsylvania cautioned that the cuts to CISA election security would reduce the security of elections and emphasized that no individual state could replace the federal election cybersecurity resources.
Based on a report by the Pennsylvania Capital-Star, numerous local election offices received threats of violence around the time the polls closed on November 5, and in the week leading up to the election, a fabricated video showing mail-in ballots marked for Trump and Sen. Dave McCormick (R-Pa.) being destroyed and discarded was linked to a disinformation campaign originated from Russia.
“CISA promptly identified the misinformation and its source, allowing us to inform the counties and the public so that the trust in the election process was not undermined,” Schmidt added.
According to CNN, the steps taken by the administration have deeply unsettled state officials, who caution that the upcoming national elections could be severely affected by these cutbacks. A nonpartisan group representing 46 secretaries of state, alongside several top state election officials, have urged the White House for clarification on how vital election security functions will be carried out in the future. Nevertheless, CNN notes that clear responses have yet to be provided.
Trump is facing a lawsuit from Nevada and 18 other states regarding a directive he issued on March 25 claiming expansive executive authority over state election procedures.
“None of the president’s powers authorize him to alter election regulations,” stated Nevada Secretary of State Cisco Aguilar in an op-ed on April 11. “This is a deliberate feature of our Constitution, included by the Founding Fathers to ensure the integrity of elections. Nevertheless, Trump seeks to disrupt voter registration processes; impose arbitrary vote counting deadlines; enable an unelected and unaccountable billionaire to intrude on state voter lists; and withhold congressionally approved funding for election security.”
The directive instructs the U.S. Election Assistance Commission to promptly modify the optional federal guidelines for voting machines without following the procedures outlined by federal law. It also proposes granting the head of the purported Department of Government Efficiency (DOGE), in conjunction with DHS, authority to scrutinize state voter registries and other records to detect non-citizen individuals.
Paul Rosenzweig from The Atlantic points out that the chief executive, a position that the Founding Fathers were most cautious about granting unilateral authority, holds no role in the federal election system.
“Trump’s executive order on elections disregards this established design,” as Rosenzweig explained in an article. “He is asserting executive branch control over the mechanics of federal elections, a power never before claimed by a president. The legal basis for this assertion — that the president’s enforcement power grants him control over state election activities — is as broad as it is concerning.”
About Author
