In the 1,006 days since Donald Trump became president, his administration has shown little vigilance when it comes to its own security, and a new internal memo suggests the White House is working to weaken its own cybersecurity safeguards.
Axios has published a memo written by the White House computer network defense branch chief Dimitrios Vastakis that warns “the White House is posturing itself to be electronically compromised once again.”
The White House did not immediately respond to a Gizmodo request for comment.
Vastakis submitted the memo as a letter of resignation last Thursday. As Axios reports, the letter comes after at least twelve top officials were dismissed or resigned from a cybersecurity team that protected the White House from security threats from Russia and other entities. This team—the Office of the Chief Information Security Officer (OCISO)—was built after the Obama administration was attacked by Russian hackers in 2014. As the memo states, the OCISO “was established to take on the responsibility of securing the Presidential Information Technology Community (PITC) network.” Since then, the team has “significantly matured the security posture of PITC and no major compromise has occurred,” according to the memo.
However, in July the OCISO was folded into the Office of the Chief Information Officer (OCIO)—an entity that is not covered under the Presidential Records Act, which mandates all records be preserved.
“It is highly concerning that the entire cybersecurity apparatus is being handed over to non-PRA entities,” the memo reads. “This is a significant shift in the priorities of senior leadership, where business operations and quality of service take precedence over securing the President’s network. As a career cyber security professional, this is alarming.”
Vastakis adds that he believes OCISO staff are “systematically being targeted for removal from the Office of the Administration (OA) through various means,” including “revocation of incentives, reducing the scope of duties, reducing access to programs, revoking access to buildings, and revoking positions with strategic and tactic decision making authorities.”
The security professional concludes his memo by predicting that history will repeat itself. Of course, the biggest question is why? Why hide this group’s actions from official records? Why weaken White House cybersecurity and drive out professionals? Once again, the White House did not immediately respond to Gizmodo’s questions and we’ll update this post when it does.