Exactly a year after U.S. intelligence issued a stern warning about Russian interference in the 2016 presidential election, the Trump administration has failed to fill key homeland security posts responsible for preventing another Kremlin assault on the voting system.
Not only that, the White House hasn’t even nominated someone to replace now-White House chief of staff John Kelly as secretary of the Department of Homeland Security (DHS), or someone to run its units responsible for protecting the nation’s strategic infrastructure, which includes federal, state and local voting systems. Both are in the hands of “acting” officials.
“The administration is having a hard time finding individuals that want to do the job, could do a good job, and could pass Senate confirmation,” a congressional expert tells Newsweek, speaking candidly only on the basis he not be quoted by name.
“The second thing is, the administration doesn't seem to want to have anybody head up to the Hill and testify on issues that would be hot-button issues, namely anything to do with election security, cyber security, or the Russian acts from last year.”
Unless the administration puts its own political appointees in place at DHS, analysts say, the department will struggle to get protective systems up and running in time for the 2017 primaries and state and local races, let alone the 2018 elections. Acting department heads just don’t have the same powers of persuasion as people appointed by the president.
DHS‘s National Protection and Programs Directorate, or NPPD, responsible for thwarting foreign cyberattacks on the nation’s infrastructure, is currently being run by Acting Undersecretary Christopher C. Krebs, a former Microsoft lobbyist and cybersecurity policy chief.
“It being vacant hurts,” Erik Rasmussen, a former U.S. Secret Service prosecutor and special agent, tells Newsweek. “The head of that unit has deep cyber operational control and has a critical role to play in any critical infrastructure decision.”
Nor were several congressional officials responsible for homeland security oversight able to identify anyone in charge of the Election Infrastructure Cybersecurity Working Group, which, according to an NPPD announcement in July, was embarking on an ambitious program to integrate DHS with “not only state and local election officials, but also other federal agencies.”
DHS is also launching a Government Coordinating Council to liaise with the bipartisan U.S. Election Assistance Commission and 25 state and local officials, but “the membership and structure is still being finalized,” a department official tells Newsweek.
Three months later, the elections unit, “has not gone out and talked with state election officials to determine what exactly [they] need to increase their own cybersecurity defenses, and what kind of authorities the federal government might need to be able to help provide that assistance,” the congressional expert said. They are “just starting to look at it right now.”
At a press conference last week, Senator Richard Burr of North Carolina, chairman of the Senate Intelligence Committee, said that members of the panel shared a “general consensus” of agreement on the conclusions of last January’s intelligence community assessment that the Kremlin’s effort to interfere in the 2016 presidential campaign was directed by Russian President Vladimir Putin. “The overall theme of their involvement in the U.S. election was to create chaos at every level,” Burr said, declining to share another conclusion of the intelligence agencies that Putin’s aim was to tilt voters away from Hillary Clinton and toward Donald Trump.
Burr also said he was, “pleased with the progress” the homeland security department was making to prevent further election interference. But Democrats on Capitol Hill unanimously disagreed with that statement.
In a statement to Newsweek, Rep. Bennie Thompson of Mississippi, ranking Democrat on the House Homeland Security Committee, called Trump “irresponsible and reckless” for “leaving leadership positions at our cybersecurity agencies unfilled...almost ten months into this administration.”
Likewise, New Hampshire Sen. Maggie Hassan, a member of the Senate Homeland Security and Governmental Affairs Committee, told Newsweek, “what we urgently need is a genuine effort from congressional Republicans and the Trump administration to work with us...especially given the fast-approaching 2017 election…” On Thursday, the committee approved a bill introduced jointly by Hassan and Republican Sen. Rob Portman of Ohio that would enlist “‘white-hat’—that is, ethical—hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and information technology.”
Three weeks ago, DHS surprised election officials in 21 states with the news that Russian hackers had tried to access their voter information. On September 28, according to The Huffington Post, election officials in Wisconsin and California said DHS had “provided them with additional information showing that Russian hackers actually scanned networks at other state agencies unconnected to voter data.”
At a September 27 hearing of the Senate Homeland Security and Government Affairs Committee, the panel’s top Democrat, Missouri Senator Claire McCaskill, said she was "worried about how long it’s taken us to notify the states about the potential efforts to scan voter registration files in their states…” And she asked Trump administration officials, including acting DHS secretary Elaine Duke, "what is our strategy going forward? How are we going to do what needs to be done to notify the American public if this is going on, and prevent it from actually happening in all of these various ways that Russia played around in our democracy?”
Duke responded that DHS had learned to "notify the right senior [state] official” about Russian election intrusions.
Christopher Wray, who Trump appointed to replace James Comey as FBI Director, told McCaskill that, "We are surging more resources specifically focused on the upcoming elections…"
When they issued their joint statement on Russian election meddling last October 7, DHS Secretary Jeh Johnson and Director of National Intelligence James Clapper claimed that DHS was “providing several services to state and local election officials to assist in their cybersecurity,” including, “‘hygiene’ scans of Internet-facing systems, risk and vulnerability assessments, information sharing about cyber incidents, and best practices for securing voter registration databases and addressing potential cyber threats.”
Rasmussen, now a top cyber official with the global investigations firm Kroll, called the hygiene scan “a really good program,” but said, “I’m not sure how many entities actually use it.” In any event, he said, ”there are still too many voting platforms—vote by mail, paper vote, online vote, machine vote at a polling station—that are really vulnerable to outside sabotage or manipulation.”
DHS did not respond to several questions about its cybersecurity measures related to the elections.
“Overall,” says the congressional homeland security expert, “our assessment is that DHS is just really getting serious about this right now.”
How serious remains to be seen. As Laura Rosenberger, a senior former Obama administration national security official, puts it: “The person at the very top continues to deny that this is even an issue.” Last week, Trump tweeted that the Senate Intelligence Committee should be investigating “fake news,” not Russia’s election meddling and alleged collusion with him and his associates.
“I don't know where you go from there,” Rosenberger added. “We need a whole government strategy on this, and that requires White House leadership.”
It’s not likely to come, former Obama White House Counsel Bob Bauer wrote this week.
“A whole government approach would require an executive fully prepared to work with the Congress to meet this challenge,” Bauer said. “President Donald Trump has given no such indication: quite the opposite.”
More from Newsweek