The government shutdown is dramatically impacting the world’s cybersecurity. No doubt there are major corporate and government breaches taking place now which could have been prevented if things were operating normally. Here are the top problems the shutdown is causing for the cybersecurity industry:
- 85 percent of the National Institute of Standards and Technology’s staff members are furloughed during the shutdown, a terrifying number given the central importance of NIST security and privacy standards for not just government agencies but also many private companies. Here is the scary message at the top of their site (see graphic above): Due to a lapse in government funding, the majority of this website is not being updated until further notice. Learn more. NIST websites for programs using non-appropriated funds (NVLAP and PSCR) or those that are excepted from the shutdown (such as NVD) will continue to be available and updated.
- Hackers and especially those with significant resources such as nation-states like Russia China, Iran and North Korea know their time is now. With the government running on fewer cylinders – with about half its cybersecurity workers, they realize they may never have the U.S. as vulnerable as they are right now.
- Poaching is a major problem for all organizations but with the shutdown in place – IT workers are increasingly being targeted by companies and especially big tech such as Google, Amazon and Facebook. It is tough to say no to a new job when you have a mortgage to pay and are furloughed or if you see your coworkers not getting paid.
- Hackers can use fake TLS certificates to intercept connections to government sites. As a resulut of the shutdown, over 80 government sites did not get their certificates renewed.
- With a significant reduction in IT staff, many computers and servers needing software updates may not get them, leaving them vulnerable to an array of attacks from hackers scanning government networks looking for weak points.
- The impossibility of dealing with the huge backlog of log files in anything near a timely manner. Hackers could be roaming government networks right now and no one may ever realize it because even when the government opens, IT workers may not have the time and resources to catch up.
- When the government opens, we can expect a flood of requests for password resets as users may forget them after not logging in for so long. IT workers will be under the gun to keep up with it all and could relax password policies. More importantly, as many workers use the same or similar passwords for work and personal use, the recent news of 21 million new leaked passwords should push all organizations to change vulnerable passwords. With government running on short staff, it is difficult to see how this is being done properly across all agencies.
- Insider threats are very real and less likely to be detected without a full IT and cybersecurity staff. Just recently, Baltimore experienced an insider threat and had to fire an IT worker as a result.
- The shutdown is hampering the FBI’s ability to investigate and prosecute cyber criminals and to combat digital national security threats, current and former agents said Tuesday. In one case, an FBI cyber agent didn’t have money to pay two confidential informants who provide intelligence about cyber assaults by U.S. adversaries, according to a report released Tuesday by the FBI Agents Association.
- The U.S. is falling behind its allies who are taking a more hawkish stance on cybersecurity and warning hostile actors. Yesterday, France’s defence secretary Florence Parly declared: “Cyber war has begun.”And she said the Euro nation’s military will use its “cyber arms as all other traditional weapons… to respond and attack,” as well as setting up a military bug bounty program.
Parly made her pledges during a speech to the Forum International de Cybersecurite (FIC) in the northern French town of Lille. Her speech was on a topic that most Western countries shy away from addressing directly in public.
“The cyber weapon is not only for our enemies,” said France’s defence secretary this afternoon, speaking through a translator. “No. It’s also, in France, a tool to defend ourselves. To respond and attack.”
With less help from the U.S. government, in order to stay secure, companies must ensure they vet vendors carefully, run security audits on their networks, encrypt data at rest, perform penetration testing, run phishing simulation and training on their employees, educate line managers on security issues to be aware of and instill a cybersecurity culture in their organization.
This is a starting point. Bring in cybersecurity experts to assist. There are many companies out there with the knowledge to ensure your organization is secure. Check references. Meet the management – see who they are and what their backgrounds are.
Cybersecurity is not a commoditized market yet companies often hire an MSP or MSSP like they buy paper cups. The difference is, substandard IT support and cybersecurity can destroy the reputation of an organization and this and lawsuits can put it out of business. You can always return cups or buy new ones. If you leak customer data or get breached, you may never be able to recover and if you do, your cyberinsurance rates could skyrocket.
Cybersecurity is one area to not skimp. Former Intel CEO Andy Grove famously wrote Only the Paranoid Survive and in the world of cybersecurity, this is more true than ever