Chris Krebs is the Department of Homeland Security’s top official in charge of critical infrastructure, and election systems are front-and-center in that work ahead of the midterm elections. He walks us through a typical day at his division, outlines how DHS is working with the NSA to boost election security, and contrasts the 2018 election-security posture with that of 2016.
CyberScoop: DHS is charged with helping 16 different critical infrastructure sectors, including election infrastructure, defend themselves from cyberthreats. In the run-up to the midterm elections, what does your typical day look like in balancing all of these issues and prioritizing the most important?
Chris Krebs: I do spend a good chunk of … the beginning part of the day looking at where we are on certain projects in support of state and local [election officials]. What the path forward looks like in the runup to [the midterms]. We’ve done a number of exercises both externally and internal to government with interagency partners. I’m making sure that I’m getting everything I can from the IC [intelligence community], and that they’re getting everything from me that I can provide them.
So we spend a lot of time in the morning on elections and then just as things come in over the course of the day.
Every day is going to be different, but if I had themes it would be a good chunk of the morning is on elections, and then the balance of the day … sitting down with the team and really getting updates on where we are on the [National Risk Management Center] sprints, where we are on supply-chain risk management, where we are on industrial control systems, and where we need to take that line of engagement with industry.
CS: You said you’re making sure you’re getting all of the election-security information you can from the IC. Elaborate on how you’re doing that and why it’s important.
CK: Across the leadership ranks, as I see it, in the federal government — particularly DHS and the NSA and the Department of Defense — there is a common understanding that we all have to do what we can to defend democracy, whether it’s the actual technical election hacking or these information and interference operations. So as intelligence comes through, we are seeing the NSA flag for us — I’m not saying that there’s this treasure trove of intelligence — but when things come through that are related to us, they do prioritize and flag (it) for us. And then we can work through the declassification process. We can put the request in.
Across the board, the IC is much more responsive than I think they were probably before we had a real appreciation of what 2016 was all about.
We do work really closely with the NSA right now; we work very closely with the Department of Justice and FBI and DOD, but also the sector-specific agencies [SSAs]. Honestly, for as far as I can remember back — 10 years — there’s always been tension between DHS and the SSAs. But now … I think our interests are so clearly aligned that we have a common adversary that is a nation-state that is very capable, and if we don’t work together then we’re toast, and we’re not going to be able to help out our stakeholders, whether they’re state and local [officials] or hard infrastructure.
CS: Are you concerned at all by a shortage of security clearances for state and local officials? Are they getting the threat intelligence they need to defend their networks?
CK: This does not keep me up at night, let’s put it that way. … We are at 100 security clearances issued [to state and local officials]. That’s just a process; that’s just a mechanism. If I need to get a piece of intelligence to a senior official in a state, I’ll either be able to do a one-time read-in to that official, or I’m going to go talk to their homeland security adviser, or their adjutant general for the National Guard, or the governor. We will get that information to them.
The difference right now between this time two years ago, was when DHS or the intelligence community or the FBI showed up and said, “Hey, I need you to go do something but I can’t tell you why,” a secretary of state, who had never been a stakeholder before in this homeland security process, kind of said, “I don’t know who you are. I don’t know why you’re telling me to do this … I don’t trust you.”
So what we’ve done over the last year alone in addition to the security clearances, which is kind of a red herring more than anything, is develop relationships, put a lot of effort into delivering value — whether it’s technical services, information-sharing mechanisms, other avenues of support. … And we have built, through those relationships, we’ve built trust. So even if there is someone out there who doesn’t have a security clearance and I called him up — or [senior DHS cybersecurity adviser] Matt Masterson called him up, and said, “Hey, I need you to do something. We’re working on getting the downgrade and the declassification, but it’s really important that you go block this port or you go take this machine offline,” I am extremely confident that we’ll see follow-through there because we’ve built trust and trust is what matters right now.
CS: Does President Trump’s history of public equivocation on the intelligence community’s conclusion that Russia meddled in the 2016 presidential election undercut DHS’s message on the importance of bolstering election security at the state and local level?
CK: I think the discourse in general at the [news] headline level has been conflated. I think there’s this issue — the special counsel’s office and the prosecutions and the indictments and the investigation of collusion — everything has gotten kind of conflated. But I’ll tell you from a White House perspective and the meetings that I’ve been in with the president, and that I’ve been in with the national security adviser, on election hacking, there’s no ambiguity. The president completely supports the intelligence community assessment on the Russian efforts to hack into state and local election networks. So we run with that, we’ve got what we need, we communicate that.
I think when we talk about the state and local engagements, those that we have in the Government Coordinating Council in particular, [the state and local officials are] not focused on the headlines. They’re focused on their constituents. They’re focused on … administering their elections.