Federal shutdown inviting major cyberattack in U.S., experts say

Photo: Pexels.com

Jan. 18 (UPI) — Experts are concerned that the ongoing partial government shutdown is leaving the United States wide open to risk of major cyberattacks, because those manning U.S. security systems aren’t working.

Thousands of employees at two government agencies that monitor national cybersecurity haven’t worked in nearly a month, risking hacks and data theft.

The Massachusetts Institute of Technology’s Technology Review said 45 percent of employees at the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency and 85 percent of staff at the National Institute of Standards and Technology have been furloughed.

A spokesman for the Cybersecurity and Infrastructure Security Agency told Business Insider officials have “ceased a variety of critical cybersecurity and infrastructure protection capabilities.”

Employees considered essential are still required to work through the shutdown, but the reduced number of staff still creates situations where departments aren’t operating at full strength to guard against threats.

“Monitoring is probably not happening at 100 percent of usual operations, which means that there is an increased chance that malicious activity may not be spotted,” Bryson Bort, CEO of cyberdefense firm SCYTHE, told CBS News.

Mike O’Malley, VP of strategy at cloud defense firm Radware, said the U.S. government has basically “laid out the welcome mat to any and all nefarious actors.”

“Unfortunately, we know all too well from experience that hackers, especially nation-state sponsored, have a high level of patience and are willing to lie in wait for the most opportune moment to strike,” he said.

Bort noted the shortage makes the United States most vulnerable to nation states like China, Iran, Russia and North Korea.

“I don’t think they will ‘attack.’ I do think this is a good opportunity to step up iterative campaigns to compromise, gather intelligence, and place something quiet for the future,” he said.

O’Malley said DHS, the State Department and all U.S. intelligence services could be at the greatest risk.

“Any department that has sensitive information that can be used in espionage or fraud would be hit hardest by an attack.”

In the immediate future, for-profit hackers could also look to sell data to nation states or access personal identity records for fraud and identity theft. Short term vulnerabilities at the IRS could prevent millions from receiving their tax refunds on time, Bort said.

Many government websites have also had their HTTPS encryption certificates expire, meaning they could be exposed to impersonator sites. A lack of IT staff means software patches and upgrades at government agencies aren’t being updated regularly, leaving them susceptible to malware.

The increased vulnerability comes as researchers this week uncovered a new type of malware that can remove security features on Linux cloud servers without detection.

Rocke, a group of hackers who infiltrate servers and use them to mine cryptocurrency is linked to the malware, which serves the purpose of gaining access to computing without being detected.

Damage to U.S. cybersecurity could also extend beyond the end of the shutdown.

When a shutdown occurred in 2013, workers began to seek corporate jobs with greater job security, and the drain on talent entering government jobs persisted for years.

The present shutdown has also resulted in the Department of Homeland Security’s annual Cybersecurity and Innovation Showcase — an event where the government observes new advancements in critical next-generation security technologies — being postponed indefinitely.


Please enter your comment!
Please enter your name here