The U.S. government’s cybersecurity agency recently rejected requests from senior Department of Homeland Security officials to share private companies’ confidential information, two people familiar with the matter told POLITICO, in the latest dust-up between the cyber agency and Trump administration appointees.
The requests from DHS Assistant Secretary for Public Affairs Alexei Woltornist set off alarm bells inside the Cybersecurity and Infrastructure Security Agency, a component of DHS, because the agency sees protecting its partners’ information as key to maintaining productive relationships with them, one of the people said.
CISA has been helping to lead the investigation into the wide-ranging SolarWinds hacking campaign, which compromised numerous federal agencies and corporate networks. That campaign was "likely Russian in origin,” CISA said in a joint statement Tuesday with the FBI, the Office of the Director of National Intelligence and the NSA.
The cyber agency has also collided with President Donald Trump, who dismissed former CISA Director Chris Krebs after he debunked the president’s conspiracy theories about the election.
Woltornist wanted CISA to turn over information that businesses shared with the agency related to the SolarWinds campaign, according to the second person.
A DHS spokesperson confirmed that the department made the request but not that it involved SolarWinds.
“A request was made from DHS headquarters to CISA on all areas of critical infrastructure and the contractual steps taken by CISA to protect private sector information,” spokesperson Chase Jennings said. “With the scale of the recent cyber breach, information sharing on threats across the US government, while protecting contractual obligations, is a top priority of the department. DHS headquarters is responsible for overseeing operational functions of all its components, including CISA.”
Technical data about cyber intrusions sometimes reveals proprietary information about the organization sharing it. When CISA solicits this information from businesses as part of its effort to understand cyber threats, it typically promises not to share confidential data with other agencies.
A CISA spokesperson, who insisted on anonymity to discuss internal matters, said that “CISA regularly shares operational information with DHS leadership” but did not address this specific request.
The dispute, first reported by The Wall Street Journal, ramped up the tensions between Trump loyalists inside the government and CISA, which earned the president’s ire by debunking the false claims of election fraud that he and his conservative allies promoted to discredit President-elect Joe Biden’s victory.
In addition to firing Krebs, the White House also forced out his deputy and another top CISA official. On Tuesday, the White House dismissed Sara Sendek, CISA’s director of public affairs, who joined the government alongside Krebs and worked closely with him to promote CISA’s election security work.
One of the people familiar with the matter linked Woltornist’s requests for confidential data with the friction that prompted Sendek’s ouster.
“Political leaders at DHS were trying to interfere with [CISA’s] operational relationships with private-sector partners,” this person said, “and I think that was the final straw.”