Chris Krebs’ firing by President Trump puts the United States at greater risk for cyberattacks. It also damages the relationship between the cybersecurity industry and government.

That’s according to Joseph Carson, chief security scientist and advisory CISO at Thycotic. He’s among several cybersecurity experts who commented on the firing.

Krebs was director of the Cybersecurity and Infrastructure Security Agency (CISA). Trump fired him because he said there’s “no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.”

Thycotic’s Joseph Carson

“Christopher Krebs is an exceptional leader who closed the gap between industry and government, bringing security experts together to protect the United States from cyberattacks,” Carson said.

Governments need leaders like Krebs to ask tough questions, speak the truth and be transparent with citizens, he said.

“The CISA has become an important cybersecurity intelligence source under Krebs’ leadership and went well beyond the requirements they set,” Carson said.

Krebs’ loss damages the relationship between industry experts and the government, he said. Krebs was bridging the gap that’s now void.

Damaged Credibility

Nigel Thorpe is technical director at SecureAge. He said damaged credibility is a major short-term consequence.

SecureAge’s Nigel Thorpe

“Every state official that’s seen their career cut short as a result of the president’s temperament is piling onto the potential for skepticism from the intelligence community and state partners, foreign and domestic, regarding future statements made by CISA about the election or any other pertinent matters,” he said.

There’s also the question of whether Krebs’ replacement will be trustworthy or a Trump loyalist, Thorpe said.

“Will they, too, undercut the validity of the election process?” he said. “These questions alone can erode trust in our cyber defense integrity around the world. And they’ll remain an unfortunate constant throughout the narrative in the Krebs firing fallout until the new administration takes hold.”

The message this move sends to the broader international collection of cybercriminals and advanced persistent threats (APTs) is very negative, Thorpe said. It says the United States is divided and distracted, and lacks a united defensive front against cyberattacks.

“We could very well see an uptick in continued activity from current threats, as bad actors may see this news as a rallying cry over the weeks ahead,” Thorpe said. “Disinformation campaigns regarding election results, COVID-19 themed phishing attacks and data theft attempts on our health care and vaccine research infrastructures were all already happening. Now they might happen a bit more often.”

Impacting CISA

Dirk Schrader is global vice president of New Net Technologies (NNT).

NNT’s Dirk Schrader

“In cybersecurity, the capability of an organization’s management to orchestrate and to steer initiatives is vital for the overall security status,” he said.

If management changes or disappears, the cybersecurity strategy is in jeopardy, Schrader said.

“That hampers an organization’s ability to respond the ever-changing environment,” he said. “It is not different for the CISA with the demise of two senior figures in the past 24 hours. It will impact the agency’s ability to steer, to orchestrate.”

Heather Paunet is senior vice president at Untangle. She said the firing once again …

… brings cybersecurity into the media spotlight.

Untangle’s Heather Paunet

“We continue to see an increase in malicious attempts this year as cybercriminals continue to take advantage of businesses transitioning to working from home quickly, overloaded hospitals, or school districts implementing distance learning,” she said. “Bringing cybersecurity to the spotlight again today will hopefully keep it as a focus for all business and organization leaders.”

Vaccine Makers Targeted

Also in the news, COVID-19 vaccine makers are facing Russian and North Korean cyberattacks. Microsoft said it’s detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19.

Quentin Rhoads-Herrera is CriticalStart‘s director of professional services. He said cybercriminals are leveraging various methods. Those include phishing, externally exposed vulnerabilities, weak passwords or zero-day attacks.

The attacks could have wider implications if successful, he said. Attackers could successfully delay research, or alter or destroy sensitive data and information.

These companies should ensure their user passwords are complex, Rhoads-Herrera said. They should leverage multifactor authentication and patch their systems. Furthermore, they should consult with external security experts for either penetration testing or other security work to evaluate their standing.

Tablets, Smartphones a Threat

Hank Schless is senior product marketing manager at Lookout. He said tablets and smartphones now have access to corporate infrastructure and sensitive intellectual property (IP). While this increases efficiency, it also exposes these organizations to new risks.

“In our latest industry threat report, we found that 77% of mobile phishing attempts on pharmaceutical organizations through the third quarter of 2020 intended on delivering malware,” he said. “This is an indication that cyberattackers are looking for ways outside of credential harvesting to compromise pharmaceutical organizations.”

Nation states and cybercriminals are seeking pharmaceutical IP, Schless said. In 2020, cybersecurity authorities in the United States and the United Kingdom warned pharma companies of potential attacks related to COVID-19 research.

Out-of-date operating systems, mobile app threats and network threats consistently target employees in every part of an organization, he said.