The government has been shut down for over a month, making it the longest government shutdown in history. The longer the government remains shut down, the more pressing the question becomes: how is it affecting our national cybersecurity?
Approximately 800,000 federal employees are on full or partial leave, while others are working unpaid. Employees in the Department of Homeland Security, which includes the Cybersecurity and Infrastructure Security Agency (CISA), are currently working with a skeleton staff.
With limited manpower, resources, and lack of funding, the government shutdown is negatively affecting national cybersecurity. Here’s how.
Security Certificates Are Expiring
Security certificates (used to keep websites secure) are expiring, with 130+ certificates expired so far. When a security certificate expires, a website is more susceptible to having encryption broken. Consequently, that opens the door for hackers to read sensitive information (e.g. SSN, financials, etc.) as well as set up fake links.
For instance, a scammer may deploy a “man in the middle attack,” setting up an encrypted website to look legitimate. Here, the victim presumes they’re logging into the IRS' website. However, they’re actually logging into a fake site and giving the scammer their personal login information.
Also, when a website is no longer secure (e.g. no working https), Google will downgrade that site's SEO score. This downgrade will affect a business' SEO rank and visibility, and in turn, web traffic to their site.
Routine Security Maintenance Is on Hold
With cybersecurity employees furloughed, not only are security certificates expiring, but routine maintenance like website security patching is being put on hold and threat alerts are getting backlogged. Meanwhile, hackers are using this time to conduct malicious schemes and establish backdoors for future campaigns.
When the government is up and running again, it will take time to bring everything back up to speed. Even simple things like updating federal employees’ expired passwords will take time. And to reset passwords faster, it’s possible security policies may be relaxed, allowing employees to reuse passwords, which further weakens security.
NIST Standards Aren’t Being Updated
The National Institute of Standards and Technology (NIST) is also taking a hit, with more than 85% of their staff furloughed. NIST develops and updates documents that provide guidance for securing computer systems.
While these docs are predominantly used by government departments, other organizations also rely on them as a resource for how to properly store sensitive data, monitor and respond to security threats, and authenticate user accounts.
With the majority of NIST’s website down, organizations don’t have access to documents that can help them with security and encryption. In turn, this leaves organizations vulnerable to hackers that are waiting in the wings.
Cyber Investigations Are Being Paused
Currently, the FBI is trying to meet their goal of “deterring, detecting, disrupting, and dismantling” 8,400 computer crimes in 2019. But the shutdown is slowing down operations in meeting that goal. Cyber investigations can be more costly, since they rely on court-ordered digital evidence that must be retrieved from ISPs and tech companies. And the funding isn’t available right now.
In a world where internet crime is rampant, it isn’t easy prosecuting cybercriminals, and the current shutdown isn’t helping.
Retaining (and Hiring) Cybersecurity Positions Will Be Harder
We can expect the shutdown will also have long-term consequences for retaining and hiring cybersecurity positions. The financial strain the shutdown has placed on federal cybersecurity employees increases the likelihood that some workers will decide to seek jobs that offer more stability.
Attempting to replace these positions will also be more difficult because potential employees will be gun-shy about accepting a job that has the high potential to be furloughed again in the future.
What Can We Do?
While we can’t prevent government shutdowns, we can make it a point to regularly check that our security protocols are always up-to-date. By staying on top of security patches and only using secure websites that begin with “https,” we can make it harder for scammers to take advantage.