The employees tasked with defending the United States from cyber threats now find themselves under attack—not from foreign hackers or cybercriminal gangs, but from their own government. The Trump administration’s recent actions against Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), have sent shockwaves through the agency.
On Wednesday, President Donald Trump signed an executive order calling for a Justice Department investigation into Krebs, a move that many employees view as politically motivated.
This order comes at a challenging time for CISA, which is already dealing with the fallout from repeated staff downsizing. In the past three months, the White House has cut back CISA’s workforce multiple times. Employees, speaking on the condition of anonymity, have expressed deep concern over the impact these actions are having on the agency’s ability to carry out its mission.
“It’s a really tough time for all of us right now,” one CISA employee shared. “Every day feels somehow more bizarre than the last. It is incredibly difficult to focus on our mission.”
Krebs, appointed by Trump as the inaugural head of CISA, played a critical role in building the agency into the U.S.’s primary defense against cyberattacks targeting critical infrastructure. Under his leadership, CISA became a trusted entity for safeguarding the country’s most vulnerable systems, from power grids to communications networks.
However, Krebs’ stance on the 2020 presidential election put him at odds with Trump. While Krebs dismissed the false claims of widespread election fraud that Trump promoted, this conflict escalated into a personal battle.
Trump’s executive order cites Krebs’ refusal to endorse claims of election fraud as one of the primary reasons for his investigation. The order, which was signed by both Trump and the Secretary of Homeland Security, directs the attorney general to “take all appropriate action to review” Krebs’ actions. As part of the fallout, Trump also revoked Krebs’ security clearance, further intensifying the controversy surrounding the former director. For many CISA employees, this action feels like an abuse of power aimed at silencing dissent.
One employee told NBC News, “I feel so sickened by this. It’s a shocking abuse of power.”
Krebs, who was dismissed by Trump two weeks after the 2020 election, was celebrated by many as a staunch advocate for secure elections and a defender of truth. He took a strong stand against the false claims of fraud that Trump and his allies used to justify efforts to overturn the election results. Krebs’ position was not just a disagreement with Trump but a crucial defense of the integrity of the electoral process.
The timing of Trump’s actions has raised alarms, especially as the country faces mounting cyber threats from both state actors and cybercriminal organizations. The most significant threat comes from China, which has demonstrated its ability to penetrate sensitive U.S. systems.
Meanwhile, ransomware attacks have grown into a multi-billion-dollar industry, targeting hospitals, schools, and businesses across the country. In the face of these ever-increasing threats, CISA’s role has never been more critical.
Yet, under the Trump administration, the agency’s ability to perform its duties is being undermined by the very people who should be supporting it. The political interference with CISA’s efforts to coordinate with technology companies to secure elections, defend against foreign propaganda, and protect critical infrastructure has intensified under Trump’s leadership. The president’s repeated attacks on Krebs and CISA have created a chilling atmosphere within the agency, where employees feel they must toe the line or risk retaliation.
“This EO targeting former director Krebs seems based in personal vendetta, and no American should be comfortable with that,” another CISA employee said.
The situation at CISA has grown increasingly dire. Emails obtained by NBC News reveal that the Department of Homeland Security (DHS), which oversees CISA, has been encouraging employees to take early retirement or accept buyout packages. These offers have sparked concern among employees about the agency’s future capabilities.
A second round of buyout offers was sent to staff, and Trump has nominated Sean Plankey as a permanent director of CISA. However, Plankey has yet to be confirmed by the Senate, and the agency remains uncertain.
According to a DHS spokesperson, “Every dollar spent and position filled at DHS should be focused on our core mission of securing our homeland and keeping the American people safe.” While this statement may sound reassuring, employees believe that these cuts are deeply damaging to the agency’s mission.
Jen Easterly, who succeeded Krebs as CISA’s director under President Joe Biden, has been outspoken about the potential risks posed by the repeated downsizing of CISA’s workforce. In a LinkedIn post, Easterly warned that weakening the U.S. government’s cyber defense capacity would leave the country more vulnerable to attacks.
“Degrading the capability and capacity of the federal cyber ecosystem—whether by laying off hundreds of highly talented cyber professionals at America’s cyber defense agency or by decapitating the highly effective, nonpartisan, and principled leadership of America’s most important technical intelligence agency—will only make Americans less safe and more vulnerable to our adversaries,” Easterly wrote.
The pressure on CISA employees is palpable. One employee expressed concern that the cuts would make it harder for the agency to secure critical infrastructure. “The cuts that happened initially have already severely degraded our capacity to defend critical infrastructure,” the employee explained. “The cuts that may come— I don’t know what the numbers are going to look like— but they without a doubt will further degrade our ability to defend critical infrastructure.”
As the situation at CISA deteriorates, the Trump administration has also targeted Krebs’s new employer, SentinelOne, a cybersecurity company. The executive order suspended the security clearances of employees working at SentinelOne, which responded by stating that it would “actively cooperate in any review of security clearances held by any of our personnel.” However, the company did not defend Krebs.
Employees within CISA are concerned that these actions could have a chilling effect on the cybersecurity community. One employee questioned whether there would be pressure to cover up vulnerabilities in software or systems that could upset the president.
They asked, “Will there be pressure to avoid public vulnerability if the CEO is close to the president?” This concern highlights the growing fear that political influence is interfering with the objective and critical work of securing the nation’s cyber defenses.
As the situation unfolds, the impact on CISA’s ability to protect the country from cyber threats remains uncertain. The agency’s future looks increasingly uncertain, and the ability to defend against foreign threats and criminal organizations may be compromised.
Disclaimer: This article has been meticulously fact-checked by our team to ensure accuracy and uphold transparency. We strive to deliver trustworthy and dependable content to our readers.
