The war over how best to protect the US-Mexico border is severely impacting the nation’s cybersecurity and with the longest federal government shutdown in the history of this country underway, our cyber defense capabilities have taken a massive blow.
While the short-term impact is severe, the long-term effects could prove even more catastrophic. According to several recent reports, with every passing day, we have started to rely on something similar to ‘luck’ than ‘strategy or systems’ to keep our cyber ecosystem secure.
Several federal agencies including the Department of State, Homeland Security, Department of Agriculture, Department of Commerce and Department of Housing and Urban Development, The Environmental Protection Agency, Internal Revenue Service, The National Institute of Standards and Technology and the National Park Service have lost funding due to the shutdown. According to Tom Gann, chief of public policy at security research firm McAfee, “Many of these agencies are on the hit-list for hackers, organizations that specialize in high-end security intrusions and nation-state actors.”
“Cybersecurity at these agencies and departments could be degraded because lower-level government employees who bear the brunt of the shutdown often are on the front lines of basic computer security monitoring work,” Gann said. “A major part of cybersecurity work at these agencies is performed by contracted employees who are also not available, as they are not getting paid during the government shut down,” Gann said.
Former Federal Chief Information Security Officer, Gregory Touhill, said that during the closure, “skilled people qualified to respond to the alerts/alarms may not be in place or even available due to the shutdown.”
Another notable point is that during the shutdown, it will be easy for hackers to define what the United States considers to be its critical systems. They will be looking at detailed activities in our cybersecurity ecosystem.
By current estimates, roughly 800,000 federal workers are currently unavailable including
– 45% of the staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, which is responsible for defending critical infrastructure from cyber and physical threats.
– 80% of the National Protection and Programs Directorate, which controls the Office of Cyber and Infrastructure Analysis and the Office of Cybersecurity and Communications.
– 85% of the National Institute of Standards and Technology(NIST), which designs the Cybersecurity Framework of private and public sector security standards.
Currently, several of NIST weblinks effectively lead you to a dead end.
There is a growing concern among government’s cybersecurity professionals that hackers will indeed take advantage of the partial shutdown, tampering with sensitive government data or stealing citizen’s information. Cybersecurity is hard enough job with a full crew. It’s a battle just to keep up with emerging cyber threat. Working with less than half strength means that we are at significant risk; The impact on our nation’s security grows with each passing day. While there is no doubt that all the agencies and departments have a good plan in place to keep essential systems and functions running, but with bare-bones staff there is only so much that can be done.
“Cyber threats don’t operate on Washington’s political timetable, and they don’t stop because of a shutdown,” Lisa Monaco, former assistant to the president for homeland security and counterterrorism, told Axios.
