ITP Techblog

Joe Biden has been confirmed as the winner of the US presidential election but the man who was responsible for the security of that election, Chris Krebs, has paid the ultimate price for his integrity.

Krebs was fired by President Trump, via Twitter, on November 17 after the government body he led, the Cybersecurity and Infrastructure Security Agency, issued a statement rejecting Trump's claims that election ballot machines had manipulated the vote in Biden's favour.

Over the weekend, Krebs gave this first interview on being fired, to 60 Minutes, reflecting on going up against an administration that spread misinformation and outright lies to undermine the election result.

Krebs had ultimate responsibility for US Government efforts to secure critical infrastructure, including nuclear power plants and the entire federal and state election system. A life-long Republican, Krebs was appointed to head CISA in 2017 with the unanimous support of the US Senate after working on cybersecurity in the Bush administration and serving a stint as Microsoft's director of cybersecurity policy.

He told 60 Minutes that from the very start of his time at CISA, the agency's priority was to prevent efforts to hack election vote-counting machines.

The agency ran "countless gaming scenarios" to prepare their defences. So when Krebs and his team gathered at their command centre on election day to monitor the voting, it was no surprise that the day progressed as expected - with the election officials and the hardware they used doing their intended jobs.

"It was quiet," says Krebs. 

Chris Krebs (left) terminated for doing his job

No indication of hacking

"There was no indication or evidence that there was any sort of hacking or compromise of election systems."

Then the vote turned against Trump and he and his legal team put the misinformation machine into action. In a tweet, flagged for containing misinformation, President Trump claimed that vote-counting machines run by the Dominion Voting Systems company had "deleted 2.7 million Trump votes".

In a press conference on November 5th, Trump told reporters that "this is a case where they are trying to steal an election. They are trying to rig an election."

Krebs was incredulous. 

"The proof is in the ballots," he told 60 Minutes. 

"The recounts are consistent with the initial count. If there was an algorithm that was flipping votes, it didn't work."

He points to states like Georgia, which completed a hand recount of five million ballots, which confirmed the results recorded by the voting machines. 

"That gives you the ability to prove there was no malicious algorithm or hacked software that adjusted the tally of the vote," he says.

"That pretty thoroughly, in my opinion, debunks some of the sensationalist claims out there that there is some hacking of these election vendors and their software and their systems across the country," he adds.

John Poulos, the founder of Denver-based Dominion Voting Systems wrote a piece on Sunday in the Wall Street Journal calling the Trump legal team's claims of voter machine tampering "bizarre".

"There is no secret 'vote flipping' algorithm. Third-party test labs, chosen by the bipartisan Election Assistance Commission and accredited by the National Institute of Standards and Technology, perform complete source-code reviews on every federally certified tabulation system. States replicate this process for their own certification," he wrote. 

"These attacks undermine the tens of thousands of state and local officials who run our elections." he added. 

CISA: Most secure election - ever

CISA responded to the claims in its statement claiming the election was the "most secure in American history". In doing so, Krebs sealed his own fate, at odds with a president desperate to stay in power and willing to undermine the integrity of the country's electoral system to do so.

Krebs did the right thing and helped secure an election which saw a record turnout of voters. But he was immediately removed from his position.

"It's not how I wanted to go out," he says.

"The thing that upsets me about that is that I didn't get a chance to say goodbye to my team. 

Last year I spoke to Krebs' predecessor, Greg Touhill, who served as President Obama's chief information security officer. Touhill abruptly left the CISO role in the US Government with the arrival of Donald Trump in the White House. Did he quit, unwilling to work for Trump?

"Cybersecurity is a non-political issue and so am I," Touhill told me.

"I have served every president of the United States since Jimmy Carter, but our officers take an oath to the constitution, not to a person. I left the campsite a lot better than I found it, but there's still a lot of work to be done."

Krebs' Republican leanings didn't do him any favours in the end as he chose to do his job rather than enable one of the most cynical efforts to manipulate an election, one that came not from foreign actors, but from the White House itself.

"I did it right, we did it right," says Krebs. 

"It was a secure election."