The chief of the White House's computer network defense branch, Dimitrios Vastaki, in an October 17 memo published by Axios and doubling as his resignation letter, wrote: “Given all the changes I’ve seen in the last three months, I foresee the White House is posturing itself to be electronically compromised once again.”
According to Ars Technica, which also reported on the memo, the White House Office of the Chief Information Security Officer was established after a friendly foreign government revealed the 2014 breach of an unclassified White House network by Russian intelligence. But, in July the office was absorbed into the White House Office of the Chief Information Officer.
In August, according to Ars Technica, White House CISO Joe Schatz left the White House for a technology consulting firm. In the memo, Vastaki said that “hostile” behavior since then by the White House Office of Administration has caused most senior staffers in the Office of the Information Security Officer, including himself, to resign, and that there will be more resignations to come.
“It is my express opinion that the remaining incumbent OCISO staff is being systematically targeted for removal from the Office of Administration,” wrote Vastakis, citing revoked incentives, narrowing duties and reduced systems and facilities access. Vastakis warned that a planned transfer of the cybersecurity mission to the White House Communications Agency would be in “direct conflict” with the recommendations of the Office of Administration’s general counsel. That’s because it would put data required to be preserved under the Presidential Records Act outside the Executive Office of the President’s purview. “Considering the level of network access and privileged capabilities that cybersecurity staff had, it is highly concerning that the entire cybersecurity apparatus is being handed over to non-PRA entities,” Vastakis wrote.
“At least a dozen” senior officials have left the cybersecurity mission, reports Axios, citing “conversations with several current and former officials.”
A White House official familiar with the plans reportedly said: “You have an entire section who’s dedicated to providing counter threat intelligence information” and “if you remove that, it’s like the Wild West again.” A second White House cybersecurity memo published by Axios, dating to June 1, said that White House cybersecurity and information technology officials were tasked with “proactively identifying and investigating leaks of sensitive information, such as the President’s movements and schedule, which have a direct impact on his physical security.”
One source familiar with the situation told Axios that some White House cybersecurity officials faced a “turbulent” and “toxic environment.”
A TechRadar blog post opines: “While cleaning house may seem like the right move from President Trump’s position, dealing with staff hired under the Obama administration would likely be much easier than dealing with the cyberattacks their departure could end up leading to.”
The White House did not comment to Axios on either memo.