The Government Shutdown’s Impact on Cybersecurity
The Federal Government shutdown put a halt to many government processes and threw the lives of many of its workers into turmoil. But it also had an effect on the nation’s cybersecurity, causing damage that could last well into the future.
Many national security employees were working without pay and other departments were operating with significant cuts to their workforces. While many of the organizations that normally battle cybercrime were operating at reduced capacities, the threat level remained just as high. This led to a number of potential cybersecurity issues.
Disruptions to Criminal Investigations
The government shutdown caused significant problems for federal cybercrime investigations, which could have long-term impacts. KrebsonSecurity quotes an anonymous federal source who said that the shutdown was “a giant distraction and people aren’t as focused.” The same source also said that there was no money for travel budgets and important meetings had been delayed, which prevented cases from moving forward.
The shutdown also cut off funding for confidential human source payments, which are payments to sources that provide intelligence which is used to protect the U.S.. Without these payments, the intelligence stopped coming in, putting the nation at risk. Similarly, the FBI could no longer make payments to informants for ongoing investigations, which was detrimental to its cases.
The shutdown also affected the Justice Department’s ability to hand out subpoenas and warrants. An article in Data Breach Today quoted an agent about how it impacted their work.
“As a result, only ’emergency’ subpoenas are being issued, and any ‘non-emergency’ subpoenas will not be processed until after the shutdown. This is causing affected [sic] investigations to be put on hold until the shutdown ends.”
Subpoenas and warrants are critical for many federal cybersecurity investigations. Without them, cases cannot proceed. Since many investigations are time sensitive, this interruption caused a series of problems
The Shutdown Makes Federal Work Less Appealing
Many people work for government agencies because they perceive the jobs to be more stable than the private sector. Frequent government shutdowns and the suspended payments that come with them begin to make federal employment seem far less appealing.
According to the anonymous source quoted in KrebsonSecurity, the shutdown has caused many individuals to either retire or seek other employment.
“The talent drain after this is finally resolved will cost us five years. Literally everyone I know who is able to retire or can find work in the private sector is actively looking, and the smart private companies are aware and actively recruiting. As a nation, we are much less safe from a cyber security posture than we were a month ago.”
Hiring new agents was not so simple, because the clearance process had also been interrupted by the shutdown. Even if they could have been hired, the shutdown has likely made government opportunities seem far less attractive, which could lead to less-skilled applicants in the future.
NIST & CISA Operated at Minimal Capacity
Most of the National Institute of Standards and Technology’s (NIST) workforce was furloughed, meaning that the agency was no longer making progress on its documentation and other initiatives. During this period, its website was no longer being updated, preventing the latest developments from reaching security professionals.
The Cybersecurity and Infrastructure Security Agency (CISA) had its staff reduced from 3,431 employees to 2,008. CISA is responsible for securing the nation’s critical infrastructure, so such a dramatic cut represented a significant vulnerability in the nation’s overall security.
Security Certificates Expired on Government Websites
The shutdown also led to the expiration of many government website security certificates. According to Netcraft, the number was up to at least 130 by January 16, but it could have been higher.
This was an issue because many browsers discourage users from visiting sites that have expired certificates. This could prevent many people from accessing government information and services
Who Was Monitoring & Maintaining Government Systems?
With such huge proportions of the federal workforce furloughed, it is likely that many essential monitoring and maintenance processes were being overlooked or performed poorly. If there were fewer workers to analyze logs and alerts, then its possible that serious threats may have been missed. There is also a chance that the backlog of alerts could cause some critical events to be overlooked.
The shutdown could also have prevented regular maintenance from taking place. Unless auto-updates were in place, these systems would have been vulnerable to the latest flaws.
Online threats stay just as high even when these agencies are operating at a limited capacity. Because of this, it’s likely that such a long shutdown could have caused long-lasting damage to the nation’s cyber health.
- None Found