Photo: Saul Loeb/AFP via Getty Images

An internal memo on cybersecurity, obtained by Axios, warns that "the White House is posturing itself to be electronically compromised once again."

The state of play: That's after at least a dozen top- or high-level officials have resigned or been pushed out of a cybersecurity mission that was established under Barack Obama to protect the White House from Russian hacking and other threats, according to conversations with several current and former officials.

Why it matters: Warnings by officials from the former Office of the Chief Information Security Officer (OCISO) — which in July was folded into the Office of the Chief Information Officer (OCIO) — suggest new intelligence vulnerabilities. One White House official familiar with the developments said the consolidations could lead to a "Wild West" atmosphere.

Details: Many of the concerns are detailed in an Oct. 17 internal memo written by a senior White House cybersecurity director who is among the officials who have left the mission.

  • The memo doubled as a formal resignation letter by its author, Dimitrios Vastakis, who was the branch chief of the White House computer network defense. Vastakis did not respond to requests for comment.
  • Vastakis worked in the OCISO, established after Russian hackers breached some White House computers in 2014.
  • OCISO was created to "take on the responsibility of securing the Presidential Information Technology Community (PITC) network," per the internal memo.

The White House did not immediately respond to requests for comment.

  • A White House source familiar with the plans told me: "You have an entire section who’s dedicated to providing counter threat intelligence information" and "if you remove that, it’s like the Wild West again."

The president's team is trying to force out the career staff, especially the expert staff hired under Obama, according to another source familiar with the changes. They said the effects could leave the White House vulnerable to a "network compromise."

The organizational structure for the cybersecurity mission going forward also raises questions about the continuity, oversight and retention of records that had been covered by the Presidential Records Act (PRA).

  • "It is highly concerning that the entire cybersecurity apparatus is being handed over to non-PRA entities," the memo says.
  • "This is a significant shift in the priorities of senior leadership, where business operations and quality of service take precedence over securing the President's network," the memo says. "As a career cyber security professional, this is alarming."

Some cybersecurity officials feel they're being pushed out.

  • OCISO staff are "systematically being targeted for removal from the Office of the Administration (OA) through various means," the memo says. Those included "revocation of incentives, reducing the scope of duties, reducing access to programs, revoking access to buildings, and revoking positions with strategic and tactical decision making authorities."
  • Several sources described growing internal resentment after it was announced two months ago that staff would no longer be receiving their annual bonuses on Oct. 1.
  • Others have left voluntarily for different opportunities. Joe Schatz, the former White House Chief Information Security officer, left the team in August for a technology consulting firm, according to a news release.

Read the memo

Go deeper

The CIA's new license to cyberattack

Illustration: Aïda Amer/Axios

In 2018 President Trump granted the Central Intelligence Agency expansive legal authorities to carry out covert actions in cyberspace, providing the agency with powers it has sought since the George W. Bush administration, former U.S. officials directly familiar with the matter told Yahoo News.

Why it matters: The CIA has conducted disruptive covert cyber operations against Iran and Russia since the signing of this presidential finding, said former officials.

2 hours ago - Technology

Tech hits the brakes on office reopenings

Illustration: Annelise Capossela/Axios

Tech was the first industry to send its workers home when COVID-19 first hit the U.S., and it has been among the most cautious in bringing workers back. Even still, many companies are realizing that their reopening plans from as recently as a few weeks ago are now too optimistic.

Why it matters: Crafting reopening plans gave tech firms a chance to bolster their leadership and model the beginnings of a path back to normalcy for other office workers. Their decision to pause those plans is the latest sign that normalcy is likely to remain elusive in the U.S.

The existential threat to small business

Illustration: Eniola Odetunde/Axios

The coronavirus pandemic has changed the game for U.S. businesses, pushing forward years-long shifts in workplaces, technology and buying habits and forcing small businesses to fight just to survive.

Why it matters: These changes are providing an almost insurmountable advantage to big companies, which are positioned to come out of the recession stronger and with greater market share than ever.