Election officials should brace for direct attacks from the Trump administration and its state GOP allies on the integrity of U.S. elections — and plan for the possibility that federal agencies once charged with protecting elections will leverage their authorities to interfere in the process, a voting rights nonprofit warned.

In a report released Wednesday, researchers at the Brennan Center for Justice say the Trump administration’s actions suggest that the White House is preparing for an unprecedented federal intervention in the way elections are administered ahead of 2026 and 2028.

Those interventions include attempts to enact state-level bans or restrictions on mail-in voting, the use of lawsuits or criminal charges against election officials who don’t follow President Donald Trump’s orders, pushing mass state voter roll purges based on potentially inaccurate citizenship data, the deployment of the military in American cities and towns to  intimidate voters and state officials, and the potential decertification or seizure of voting machines.

The scenarios are all based on actions the administration has already taken this year or in its first term, statements made by Trump and his aides, lawsuits filed by the Department of Justice and supporting efforts from Republican-led state legislatures.

Lawrence Norden, vice president for the elections and government program at the Brennan Center and one of the report’s authors, told CyberScoop that the document is targeted at three audiences who will be on the front lines in Trump’s war for control over elections: state election officials, policymakers and the public at large.

In 2020, the public was subjected to a deluge of false and unproven claims around election fraud, dead voters and hacked voting machines. While those claims had limited effect influencing voters outside of Trump’s orbit, many federal officials — including Chris Krebs, his own nominee for cybersecurity and election security chief — contradicted his claims of mass fraud. This April, Trump ordered the Justice Department to investigate Krebs for his statements about the 2020 election.

This year, the Department of Homeland Security hired Marci McCarthy and Heather Honey, who both actively tried to overturn the results of the 2020 election. McCarthy is now the top public affairs official at CISA, while Honey was recently named to a position overseeing election security efforts at DHS. Other agencies, like the FBI and the DOJ, have shifted from supporting state elections to investigating and suing election offices over their voter registration practices.

Whatever the administration ends up doing, Norden said it would be wise to plan ahead for different possibilities.

“One of the most effective ways to defeat misleading or false information is to call it out ahead of time, so when it comes to [dubious] reports we might see from government agencies, better to call it out now and say that this is part of a concerted effort and there are reasons not to trust it,” Norden said.

Meanwhile, he said policymakers at the state level “need to be planning and preparing for the next steps” to protect their constitutional rights while running upcoming elections.

“So being ready to have the backs of their election officials, being ready for politicized investigations that may come, being ready for efforts to interfere in the ability of election officials to run their elections according to state law, they need to be preparing for that now,” Norden said.

Trump uses public doubt and skepticism as policy fuel

One possibility floated in the report is the administration moving to decertify voting machines used in some or most states through the Election Assistance Commission. Last week, Trump argued against mail-in ballots and “voting machines,” claiming an executive order that limited their use would soon be issued. The EAC is responsible for overseeing the labs that test and certify voting machines nationwide to ensure they are secure and meet the necessary standards.

While the White House later walked back the possibility of an executive order, the administration has already attempted to compel the EAC to alter voter registration forms to require proof of citizenship and withhold federal funding to states that do not cooperate with federal agencies on election-related matters. A federal judge has nullified parts of that order. 

Such certifications are technically voluntary on the part of voting machine manufacturers, but states and localities have overwhelmingly treated them as industry standard when purchasing their machines. Depending on the timing, the mass decertification of certain systems ahead of an election could inject chaos among states, which cannot easily or quickly buy, replace, and test new voting equipment.

For states that do count votes using decertified machines, it could lead the public and political leaders to question the legitimacy of future results. This may give the Trump administration more support to sow doubt and challenge how states run their elections, the type of ballots they accept and how they process vote counts.

The perception of voting impropriety in any future messaging from the Trump administration, even if it is false, is a key issue states will also have to contend with. All politicians use repetition in their political messaging, but for Trump, it is especially crucial to how he communicates, regardless of the actual facts.

Stacy Rosenberg, an associate teaching professor at Carnegie Mellon’s public policy school, told CyberScoop that Trump’s rhetorical style requires aggressive repetition around simple themes — like mass noncitizen voting and poorly maintained voter rolls —, because they help create the political will for the administration and its allies to take more extreme actions that couldn’t otherwise be justified based on law or precedent.

“The attempt to have federalized voting is not something we typically see in the United States, so when elections are questioned, there may be people who say, ‘well, it’s justified for the federal government to come in and make changes,’” Rosenberg said. “We’ll have to see how the courts handle that. It doesn’t really fall into the domain of an executive order, so I think the question is: what can they do that the courts will allow?” 

Norden said that while it’s clear the president doesn’t have the kind of direct authority over state-run elections he’s claiming, he does have the power to “both mislead and to intimidate people, whether it’s election officials or voters.”

“The good news is that if we see them for what they are, those are limited powers,” Norden said. “As long as the states step up and defend their elections, as long as voters come out and vote, that’s not enough to undermine elections. But we have to see what’s happening for [that defense] to be effective.”

In terms of counter messaging on the part of states, Rosenberg said much will rest on how courts respond to federal challenges, but from a strategy perspective “the number one thing [election officials] have to know is, you’re going to be called fake news.”

The Trump White House has “continued that line of attack through his first term to his present day. The way they want to control the message by saying everyone else’s message is false is a persistent strategy,” she said.

Pointing to the administration’s previous efforts to strong-arm universities and law firms, Rosenberg noted that while no one was left unscathed, those who fared best tended to confront Trump head-on rather than try to accommodate him.

“I think all you can do is stand your ground, file your lawsuits or counter lawsuits as you need to, but I think you need to continue to do the ethical hard work that you’ve done prior to the administration,” she said.

The post Trump administration setting the stage for elections power grab, voting rights group warns appeared first on CyberScoop.

President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances for other security professionals at Krebs’s employer SentinelOne, comes as CISA is facing huge funding and staffing cuts.

The extraordinary April 9 memo directs the attorney general to investigate Chris Krebs (no relation), calling him “a significant bad-faith actor who weaponized and abused his government authority.”

The memo said the inquiry will include “a comprehensive evaluation of all of CISA’s activities over the last 6 years and will identify any instances where Krebs’ or CISA’s conduct appears to be contrary to the administration’s commitment to free speech and ending federal censorship, including whether Krebs’ conduct was contrary to suitability standards for federal employees or involved the unauthorized dissemination of classified information.”

CISA was created in 2018 during Trump’s first term, with Krebs installed as its first director. In 2020, CISA launched Rumor Control, a website that sought to rebut disinformation swirling around the 2020 election.

That effort ran directly counter to Trump’s claims that he lost the election because it was somehow hacked and stolen. The Trump campaign and its supporters filed at least 62 lawsuits contesting the election, vote counting, and vote certification in nine states, and nearly all of those cases were dismissed or dropped for lack of evidence or standing.

When the Justice Department began prosecuting people who violently attacked the U.S. Capitol on January 6, 2021, President Trump and Republican leaders shifted the narrative, claiming that Trump lost the election because the previous administration had censored conservative voices on social media.

Incredibly, the president’s memo seeking to ostracize Krebs stands reality on its head, accusing Krebs of promoting the censorship of election information, “including known risks associated with certain voting practices.” Trump also alleged that Krebs “falsely and baselessly denied that the 2020 election was rigged and stolen, including by inappropriately and categorically dismissing widespread election malfeasance and serious vulnerabilities with voting machines” [emphasis added].

Krebs did not respond to a request for comment. SentinelOne issued a statement saying it would cooperate in any review of security clearances held by its personnel, which is currently fewer than 10 employees.

Krebs’s former agency is now facing steep budget and staff reductions. The Record reports that CISA is looking to remove some 1,300 people by cutting about half its full-time staff and another 40% of its contractors.

“The agency’s National Risk Management Center, which serves as a hub analyzing risks to cyber and critical infrastructure, is expected to see significant cuts, said two sources familiar with the plans,” The Record’s Suzanne Smalley wrote. “Some of the office’s systematic risk responsibilities will potentially be moved to the agency’s Cybersecurity Division, according to one of the sources.”

CNN reports the Trump administration is also advancing plans to strip civil service protections from 80% of the remaining CISA employees, potentially allowing them to be fired for political reasons.

The Electronic Frontier Foundation (EFF) urged professionals in the cybersecurity community to defend Krebs and SentinelOne, noting that other security companies and professionals could be the next victims of Trump’s efforts to politicize cybersecurity.

“The White House must not be given free reign to turn cybersecurity professionals into political scapegoats,” the EFF wrote. “It is critical that the cybersecurity community now join together to denounce this chilling attack on free speech and rally behind Krebs and SentinelOne rather than cowering because they fear they will be next.”

However, Reuters said it found little sign of industry support for Krebs or SentinelOne, and that many security professionals are concerned about potentially being targeted if they speak out.

“Reuters contacted 33 of the largest U.S. cybersecurity companies, including tech companies and professional services firms with large cybersecurity practices, and three industry groups, for comment on Trump’s action against SentinelOne,” wrote Raphael Satter and A.J. Vicens. “Only one offered comment on Trump’s action. The rest declined, did not respond or did not answer questions.”

CYBERCOM-PLICATIONS

On April 3, President Trump fired Gen. Timothy Haugh, the head of the National Security Agency (NSA) and the U.S. Cyber Command, as well as Haugh’s deputy, Wendy Noble. The president did so immediately after meeting in the Oval Office with far-right conspiracy theorist Laura Loomer, who reportedly urged their dismissal. Speaking to reporters on Air Force One after news of the firings broke, Trump questioned Haugh’s loyalty.

Virginia Senator Mark Warner, the top Democrat on the Senate Intelligence Committee, called it inexplicable that the administration would remove the senior leaders of NSA-CYBERCOM without cause or warning, and risk disrupting critical ongoing intelligence operations.

“It is astonishing, too, that President Trump would fire the nonpartisan, experienced leader of the National Security Agency while still failing to hold any member of his team accountable for leaking classified information on a commercial messaging app – even as he apparently takes staffing direction on national security from a discredited conspiracy theorist in the Oval Office,” Warner said in a statement.

On Feb. 28, The Record’s Martin Matishak cited three sources saying Defense Secretary Pete Hegseth ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions. The following day, The Guardian reported that analysts at CISA were verbally informed that they were not to follow or report on Russian threats, even though this had previously been a main focus for the agency.

A follow-up story from The Washington Post cited officials saying Cyber Command had received an order to halt active operations against Russia, but that the pause was intended to last only as long as negotiations with Russia continue.

The Department of Defense responded on Twitter/X that Hegseth had “neither canceled nor delayed any cyber operations directed against malicious Russian targets and there has been no stand-down order whatsoever from that priority.”

But on March 19, Reuters reported several U.S. national security agencies have halted work on a coordinated effort to counter Russian sabotage, disinformation and cyberattacks.

“Regular meetings between the National Security Council and European national security officials have gone unscheduled, and the NSC has also stopped formally coordinating efforts across U.S. agencies, including with the FBI, the Department of Homeland Security and the State Department,” Reuters reported, citing current and former officials.

TARIFFS VS TYPHOONS

President’s Trump’s institution of 125% tariffs on goods from China has seen Beijing strike back with 84 percent tariffs on U.S. imports. Now, some security experts are warning that the trade war could spill over into a cyber conflict, given China’s successful efforts to burrow into America’s critical infrastructure networks.

Over the past year, a number of Chinese government-backed digital intrusions have come into focus, including a sprawling espionage campaign involving the compromise of at least nine U.S. telecommunications providers. Dubbed “Salt Typhoon” by Microsoft, these telecom intrusions were pervasive enough that CISA and the FBI in December 2024 warned Americans against communicating sensitive information over phone networks, urging people instead to use encrypted messaging apps (like Signal).

The other broad ranging China-backed campaign is known as “Volt Typhoon,” which CISA described as “state-sponsored cyber actors seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.”

Responsibility for determining the root causes of the Salt Typhoon security debacle fell to the Cyber Safety Review Board (CSRB), a nonpartisan government entity established in February 2022 with a mandate to investigate the security failures behind major cybersecurity events. But on his first full day back in the White House, President Trump dismissed all 15 CSRB advisory committee members — likely because those advisers included Chris Krebs.

Last week, Sen. Ron Wyden (D-Ore.) placed a hold on Trump’s nominee to lead CISA, saying the hold would continue unless the agency published a report on the telecom industry hacks, as promised.