The government has been shut down for over a month, making this the longest government shutdown in history. The longer the government remains shut down, the more pressing the question becomes: how is it affecting our national cybersecurity?
Approximately 800,000 federal employees are on full or partial leave, while others are working unpaid. The Department of Homeland Security, which includes the Cybersecurity and Infrastructure Security Agency (CISA), is currently working with a skeleton staff.
With limited manpower and resources and a lack of funding, the government shutdown is negatively affecting national cybersecurity. Here’s how.
Security Certificates Are Expiring
Security certificates (used to keep websites secure) are expiring, with 130+ certificates expired so far. When a security certificate expires, a website is more susceptible to having encryption broken. That opens the door for hackers to read sensitive information (e.g., SSNs and financial data) as well as set up fake links.
For instance, a scammer may deploy a “man-in-the-middle” attack, setting up an encrypted website to look legitimate. Here, the victim presumes they’re logging into the IRS website. However, they’re actually logging into a fake site and giving the scammer their personal login information.
Also, when a website is no longer secure (e.g., no longer served over HTTPS), Google will downgrade that site's SEO score. This downgrade will affect a business's SEO rank and visibility and, in turn, web traffic to its site.
Routine Security Maintenance Is on Hold
With cybersecurity employees furloughed, not only are security certificates expiring, but routine maintenance like website security patching is being put on hold and threat alerts are getting backlogged. Meanwhile, hackers are using this time to conduct malicious schemes and establish backdoors for future campaigns.
When the government is up and running again, it will take time to bring everything back up to speed. Even simple things like updating federal employees’ expired passwords will take time. And to reset passwords faster, security policies may be relaxed to allow employees to reuse passwords, which further weakens security.
NIST Standards Aren’t Being Updated
The National Institute of Standards and Technology (NIST) is also taking a hit, with more than 85% of its staff furloughed. NIST develops and updates documents that provide guidance for securing computer systems.
While these docs are predominantly used by government departments, other organizations also rely on them as a resource for how to properly store sensitive data, monitor and respond to security threats, and authenticate user accounts.
With the majority of NIST’s website down, organizations don’t have access to documents that can help them with security and encryption. In turn, this leaves organizations vulnerable to hackers who are waiting in the wings.
Cyber Investigations Are Being Paused
Currently, the FBI is trying to meet its goal of “deterring, detecting, disrupting, and dismantling” 8,400 computer crimes in 2019. But the shutdown is slowing down the operations needed to meet that goal. Cyber investigations can be more costly, since they rely on court-ordered digital evidence that must be retrieved from ISPs and tech companies. And the funding isn’t available right now.
In a world where internet crime is rampant, prosecuting cybercriminals isn’t easy, and the current shutdown isn’t helping.
Retaining (and Hiring) Cybersecurity Positions Will Be Harder
We can expect the shutdown to have long-term consequences for retaining and hiring cybersecurity staff as well. The financial strain the shutdown has placed on federal cybersecurity employees increases the likelihood that some workers will decide to seek jobs that offer more stability.
Attempting to replace these positions will also be more difficult because potential employees will be gun-shy about accepting a job that has a high potential to be furloughed again in the future.
What Can We Do?
While we can’t prevent government shutdowns, we can make it a point to regularly check that our security protocols are always up to date. By staying on top of security patches and only using secure websites that begin with “https,” we can make it harder for scammers to take advantage.