Trump Attacks Leave U.S. Cybersecurity Agencies Hollowed Out And Managed By Useless Zealots

from the spray-tanned-self-sabotage dept

We’ve noted time and time again that Trump’s attack on U.S. cybersecurity defenses and oversight are utterly indistinguishable from a foreign attack. Perhaps with the exception of more lip filler, spray tans, diabetes, bogus efficiency, and fake piety.

That’s been particularly true for Trump’s attack on the Cybersecurity and Infrastructure Security Agency (CISA), which has done a lot of heavy lifting in recent years when it comes to thwarting security threats, maintaining election cybersecurity, providing useful threat assessments for orgs that can’t afford to do their own, and even deterring the spread of misinformation about government security.

The Trump administration has requested CISA’s $3 billion budget be slashed by nearly half a million dollars and cut a reported third of its workforce. The organization has had to freeze most of its cybersecurity election protection work. Folks who worked on protecting the country from foreign cybersecurity threats have been redirected toward harassing minorities.

The Verge has a good read on how important key spots in DHS and CISA have been filled by weird and incompetent Trump-loyal zealots, causing chains of failures across U.S. cybersecurity defenses. So when things happen, like Iranian government-linked hackers accessing and modifying Arizona election websites, people can no longer trust CISA to competently lend a hand:

“It was late June, and something strange was happening on Arizona’s online portal for political candidates. Images of the candidates were disappearing. Photos of the Iranian Ayatollah Ruhollah Khomeini were popping up in their place. The state would later come to believe it was an attack from an Iranian government-affiliated group. When they first discovered the threat, though, they were in the dark — and they needed help.

Arizona Secretary of State Adrian Fontes’ office took action to contain the threat, which he says did not impact personal voter information. But one thing he didn’t do was contact the federal agency that would have once been among Fontes’ first calls: CISA.”

Experts are already seeing an increase in scams, ransomware attacks, and foreign government probes of key U.S. systems. And Trump’s incompetence and sabotage extends way beyond CISA.

The Trump administration has also gutted government cybersecurity programs (including a board investigating Salt Typhoon, the biggest Chinese hack of U.S. telecom networks in history), and dismantled the Cyber Safety Review Board (CSRB) (responsible for investigating significant cybersecurity incidents).

Over at the FCC, Trump’s hand-picked earlobe nibbler Brendan Carr has been derailing agency plans to impose some baseline cybersecurity standards on “smart” home devices (because hardware vendors don’t want oversight). Carr is also killing new FCC rules requiring telecoms do a better, more transparent job securing their networks from foreign attacks (because again, AT&T and Comcast don’t want oversight). And he’s making it easier for robocalling scammers to abuse U.S. voice and data networks (because, yep, U.S. marketing companies don’t want oversight).

This will harm, and even kill, a lot of people.

MAGA loyalists don’t care because they aren’t interested in leadership and governance, they’re interested in scrapping the country for parts and selling it off the back loading dock. Whether or not that lines up with foreign governments and criminal organizations keen on undermining national security isn’t something they’re bright enough to understand or ethical enough to care about.

Filed Under: cisa, cybersecurity, donald trump, fraud, privacy, security, telecom