Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Former DHS Head Took up Cyber Despite White House Aversion

A top White House official told Kirstjen Nielsen, then Homeland Security secretary, not to bring up election security with President Donald Trump, steering her away from discussing a critical national security threat with a president who bristles at suggestions that Russian interference contributed to his 2016 victory, according to two people familiar with the matter.

A top White House official told Kirstjen Nielsen, then Homeland Security secretary, not to bring up election security with President Donald Trump, steering her away from discussing a critical national security threat with a president who bristles at suggestions that Russian interference contributed to his 2016 victory, according to two people familiar with the matter.

One official said the guidance from acting chief of staff Mick Mulvaney wasn’t related to the sensitivity of the election interference issue, but to keep the White House meetings concentrated on border security, the most visible part of Nielsen’s sprawling portfolio and the top item on Trump’s political agenda.

But it suggests a lack of White House focus on preventing cyberattacks, which Nielsen described during her tenure as a bigger terrorism threat to the United States than planes or bombs. The potential for foreign cyberattacks to shape U.S. elections has been in the spotlight as special counsel Robert Mueller’s report outlined efforts made by Russia to steal thousands of emails and internal documents from the Democratic Party and the Clinton campaign in 2016.

Despite the lack of White House coordination, Nielsen continued to work on election and cybersecurity with other administration officials, according to people familiar with the matter. They spoke on condition of anonymity because they were not authorized to discuss private meetings.

The New York Times was the first to report that Nielsen had been told not to talk about the topic.

Mulvaney said in a statement he did not recall any meetings in which he told Nielsen not to bring up election security, and stressed the topic was very important. Trump signed an executive order last fall authorizing sanctions against foreigners who meddle in U.S. elections and requested $17.6 billion for federal cybersecurity efforts next year in his budget. Mulvaney added that federal, state and local governments are now sharing intelligence and federal authorities are conducting security breach training drills.

“The Trump administration will not tolerate foreign interference in our elections, and we’ve already taken many steps to prevent it in the future,” he said.

Still, Trump and his aides have said Russia’s 2016 interference was exaggerated. Jared Kushner, the president’s son-in-law and senior adviser, on Tuesday during an interview at the Time 100 Summit in New York minimized Russia’s involvement by describing it as “buying some Facebook ads to try to sow dissent.”

Advertisement. Scroll to continue reading.

“But I think the investigations, and all of the speculation that’s happened for the last two years, has had a much harsher impact on our democracy than a couple of Facebook ads,” he said.

Nielsen resigned April 7 after a rocky 16-month tenure and amid a staff shake-up at her department orchestrated by the White House frustrated by the surging number of Central American migrants crossing the U.S.-Mexico. Trump named as acting secretary Kevin McAleenan, the head of U.S. Customs and Border Protection, who has little cyber experience. He has since attended meetings on cybersecurity and is working to get up to speed on the topic, aides said.

Nielsen, in meetings with Trump, would attempt to explain to the president that her department was responsible for much more than immigration, according to two people familiar with the matter. But Trump’s staff, dealing with a president with a short attention span and a focus on border security, would push her to stay on topic.

Another person said Nielsen took the issue up herself, convening classified meetings with agency heads and Cabinet secretaries, and cross-government strategy sessions with FBI, Justice Department and intelligence officials to chart a path forward on cybersecurity and election security.

Garrett Marquis, spokesman for the White House’s National Security Council, said any suggestion that the administration is giving less than a “than a full-throated effort to secure America’s elections” was patently false.

“National Security Council staff leads the regular and continuous coordination of the whole-of-government approach to addressing foreign malign influence and ensuing election security,” he said.

The 2018 midterm elections passed with no major disruptions to election infrastructure, though thousands of emails were stolen from aides to the National Republican Congressional Committee by an “unknown entity,” federal officials said.

And intelligence agencies constantly warn about the potential for foreign interference.

Chris Krebs, the head of cybersecurity and infrastructure security agency at Homeland Security, has said he thought it possible that the 2018 elections were largely spared in part so foreign agents could save their gunpowder for 2020. Speaking to the Atlantic Council’s International Conference on Tuesday, Krebs said the most active cyber threats come from Russia and China, while on the lower end are Iran, North Korea and “then the extremists pace.”

He said the U.S. has made progress, especially on information sharing, but that’s the “minimum bar.”

“We have to get beyond information sharing … to operationalizing information security,” he said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...