Established Fact
On November 13, 2020, CISA Director Christopher Krebs issued a joint statement, signed by election security officials, declaring the November 3 election “the most secure in American history.” This statement was widely cited by congressional actors during the January 6, 2021, joint session to dismiss objections. Yet CISA’s own classified TLP-AMBER Election Infrastructure Cyber Risk Assessment – covering the 12 months preceding Election Day – documented 319 critical-severity vulnerabilities and 1,820 high-severity vulnerabilities in election infrastructure, with approximately 47% of entities with critical vulnerabilities experiencing active exploitation during 2020. The public declaration of security thus directly contradicted a simultaneous classified assessment of widespread critical exploitation – meaning that Congress’s dependence on this declaration as a basis for dismissing objections rested on a public statement that CISA’s own classified record renders factually unsupportable.
Citations
The Election Infrastructure Sector Coordinating Council (SCC): https://www.cisa.gov/news-events/news/joint-statement-elections-infrastructure-government-coordinating-council-election | CISA
CONFIDENTIAL TLP-AMER EI Subsector Cyber Risk Summary: https://drive.google.com/file/d/1f4SOaerwuakGcx08L8LTuz74Laz7CQCj/view?usp=drive_link | CISA
Testimony of Chris Krebs: https://www.hsgac.senate.gov/wp-content/uploads/imo/media/doc/Testimony-Krebs-2020-12-16.pdf | U.S. Senate