MADISON, Wis. — Among the long list of uncertainties surrounding the presidential transition is how the nation weathers a growing cybersecurity storm over the coming months.

President Trump’s firing of Chris Krebs, the widely respected cybersecurity chief within the Department of Homeland Security, won’t help.

Krebs was fired because he made the mistake of calling the 2020 election “the most secure in American history,” which doesn’t fit Trump’s narrative to the contrary. Putting aside the election and any major security breaches, real or imagined, the U.S. business and healthcare communities are cringing over how the world’s crooked cyber-mice might play now that a trusted cat is away.

Republican members of Congress have been among those to praise Krebs, a former Microsoft executive who led that company’s cybersecurity policy team before joining the Trump administration in 2018. The list includes U.S. Rep. Mike Gallagher, the Green Bay Republican who serves on the House Homeland Security Committee and its Cybersecurity and Infrastructure Security Subcommittee. Gallagher has co-sponsored four cybersecurity bills.

“Chris Krebs did his job and he did it extremely well,” said Gallagher, something of a cyber-security hawk when it comes to foreign and domestic attacks on the nation’s digital infrastructure. “The country is safer and our elections more secure from foreign interference because of (Krebs’) leadership …”

Because the pandemic has forced organizations to make rapid changes to business structures, it can lead to gaps in information technology systems.

What is ransomware? In general, it’s a type of malicious software designed to block access to a computer system until a sum of money is paid. Experts say that if everyone who is subject to a ransomware attack attach refused to pay, it might simply go away.

Particularly vulnerable are health care systems. It was reported recently by xtelligent Healthcare Media that the FBI is investigating a wave of cyberattacks, including Ryuk ransomware and Trickbot malware, that are targeting American hospitals, health systems and other providers. Bring down a hospital’s electronic health records system and innocent people might die, which makes the trend that much more reprehensible.

Ransomware is not the only way cyber-crooks make their money.

“Microsoft Cloud accounts are a treasure trove for cybercriminals looking for sensitive organization data,” Aberdean’s Jim Blair wrote. “Attackers use email-based phishing or spear-phishing attacks, automated credential stuffing, or ‘brute force’ password guessing attacks. The dark web contains 9 billion compromised user passwords that hackers are using.”

Krebs once wrote a column that was headlined, “Turn on MFA Before Crooks Do It For You.”

Winter is coming, the COVID-19 pandemic is raging on and cyber-criminals are more focused on the United States than any other nation. It’s not that Chris Krebs would have been retained by the Biden administration, but was this a smart time to fire the guy at the head of the nation’s cybersecurity pyramid along with key members of his team? That answer is a resounding “no.”

Still is president of the Wisconsin Technology Council. He can be reached at tstill@wisconsintechnologycounil.com.

Load comments