© 2024 Connecticut Public

FCC Public Inspection Files:
WPKT · WRLI-FM · WEDW-FM · Public Files Contact
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

After Detailing Russian Hack, White House Cyber 'Czar' Announces Departure

The National Security Administration campus in Fort Meade, Md., where the U.S. Cyber Command is located. Acting Homeland Security Adviser Rob Joyce said Monday he would leave the White House to return to the NSA.
Patrick Semansky
The National Security Administration campus in Fort Meade, Md., where the U.S. Cyber Command is located. Acting Homeland Security Adviser Rob Joyce said Monday he would leave the White House to return to the NSA.

Updated at 6:55 a.m. ET

The Trump administration's cybersecurity coordinator, Rob Joyce, said Monday that he will leave his post — an announcement that comes just a week after the exit of his boss, Homeland Security Adviser Tom Bossert.

The announcement of the departure of Joyce — who is acting homeland security adviser after Bossert's departure — followed by hours a joint U.S., U.K. and Australia statement condemning Russia for a cyberattack last year that apparently targeted government and corporate networks for the purposes of economic and political espionage.

Joyce said he was leaving to return to the National Security Agency.

"Serving as the White House's cybersecurity coordinator for the last 14-months has been a tremendous opportunity to work on some of our nation's most important cyber challenges," Joyce said in a statement, according to The Washington Post. "I look forward to continuing to serve our nation at the agency I've called home for the last 27 years."

While Bossert's departure has been attributed to new National Security Adviser John Bolton, a White House official quoted by Reuters characterized Joyce's move as voluntary, saying he was "three months past his detail of a year."

The Post reports, "Joyce, a career federal employee, will stay on as needed to facilitate the transition to his eventual replacement, White House officials said. He is currently also serving as the acting deputy homeland security adviser, which includes coordinating responses to natural disasters and monitoring terrorism threats."

According to Wired, the loss of Bossert and Joyce in quick succession "will slow the ability of the US to think about big-picture cybersecurity concerns. And replacing them may not be easy."

Wired writes that "Bossert's purview extended beyond cybersecurity specifically, but America's security from digital threats has nonetheless been an area of particular focus for him since he served as deputy homeland security advisor in George W. Bush's second term." It says "Joyce, meanwhile, brought serious hacker bona fides to the White House earned after years of running the NSA's elite hacking team known as Tailored Access Operations."

In October, the White House declined to allow Joyce to testify before the Senate Armed Services Committee citing executive privilege and past precedent, briefly parking talk of a subpoena that never materialized.

Earlier Monday, the U.S. and Britain publicly blamed Russia for a global cyberattack last year that quietly hit government and corporate networks. Later, Australia joined in the statement.

The August 2017 attack reportedly involved planting malware on Cisco routers used by government agencies and companies to steal secrets and possibly "lay the foundation for future offensive cyberattacks," according to Reuters.

A joint statement by the U.S. Department of Homeland Security, the FBI and the U.K.'s National Cyber Security Centre, said the Russian attack targeted "government and private-sector organizations and infrastructure, and internet providers supports these sectors."

"Victims were identified through a coordinated series of actions between U.S. and international partners," according to an alert issued at the same time by the U.S. Computer Emergency Response Team (US-CERT).

"When we see malicious cyberactivity, whether Kremlin or other nation state actors, we are going to push back," Joyce said in a call with journalists hours before he announced his departure.

The joint statement said the Russian hack was specifically directed at "network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system."

"Russian state-sponsored actors are using compromised routers to conduct spoofing 'man-in-the-middle' attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations," the statement said.

Reuters reports that "The Kremlin on Tuesday said it did not understand the basis for British and U.S. allegations ..."

Copyright 2021 NPR. To see more, visit https://www.npr.org.

Scott Neuman is a reporter and editor, working mainly on breaking news for NPR's digital and radio platforms.

Stand up for civility

This news story is funded in large part by Connecticut Public’s Members — listeners, viewers, and readers like you who value fact-based journalism and trustworthy information.

We hope their support inspires you to donate so that we can continue telling stories that inform, educate, and inspire you and your neighbors. As a community-supported public media service, Connecticut Public has relied on donor support for more than 50 years.

Your donation today will allow us to continue this work on your behalf. Give today at any amount and join the 50,000 members who are building a better—and more civil—Connecticut to live, work, and play.

Related Content