Cybersecurity

Lieu seeks answers from White House about cybersecurity purge

By Andrea Izzotti shutterstock id 147037244 

A member of Congress wants Acting White House Chief of Staff Mick Mulvaney to answer for recent reports that indicate the White House's cybersecurity team has been gutted.

In an Oct. 25 letter, Rep. Ted Lieu (D-Calif.) references an Oct. 17 memo from Dimitrios Vastakis, former Branch Chief of White House Computer Network titled "Cyber Security Personnel Leaving Office of the Administration at an Alarming Rate."

Vastakis, complains that his Office of the Chief Information Security Officer had been absorbed into the CIO office and claims officials White House have been "systematically" targeting security personnel with “hostile” actions meant to drive them out and objected to changes in organizational structure that would put the team’s actions under a White House entity not covered by the Presidential Records Act.

The memo, obtained and first reported on in Axios, claimed that these tactics included revoking incentives, reducing the scope of duties, reducing access to programs and buildings and revoking positions with strategic and tactical decision-making authorities. It notes that these tactics have "forced the majority of GS-14 and GS-15 OCISO staff to resign."

"While the immediate concern of a potential network breach is paramount, cyber infiltration can also result in a long-term serious threat to national security," Lieu wrote. "Additionally, the apparent effort to move cybersecurity operations into an office exempt from the Presidential Records Act fits the President’s history of obstructing and hiding transcripts and government business by manipulating internal bureaucratic procedures."

The memo has raised alarm in some quarters about whether the changes will make White House systems more vulnerable to compromise from foreign intelligence agencies and hacking groups. Those concerns are only heightened going into a 2020 Presidential election cycle that U.S. officials have said are already being targeted by Russia, Iran and others. Recently, Microsoft revealed that an Iranian group had targeted 241 Microsoft email accounts associated with U.S. government officials, journalists and a presidential campaign later identified as the Trump 2020 campaign.

Lieu, who sits on the House Foreign Affairs and Judiciary Committees, asks Mulvaney whether he is aware of efforts to oust White House cybersecurity officials, what steps he’s taking to find replacements, why an organizational change was made to put the team under an entity not covered by the Presidential Records Act, whether intelligence agencies have weighed in on the changes and if he will commit to provide Congress with documents related to the decision.

"A White House data breach would give our adversaries an untold advantage in almost every foreign policy and national security matter," he wrote.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • FCW Perspectives
    tech process (pkproject/Shutterstock.com)

    Understanding the obstacles to automation

    As RPA moves from buzzword to practical applications, agency leaders say it’s forcing broader discussions about business operations

  • Federal 100 Awards
    Federal 100 logo

    Fed 100 nominations are now open

    Help us identify this year's outstanding individuals in federal IT.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.