Shut­down may make cy­ber­se­cu­rity at­tacks eas­ier for hack­ers

Lodi News-Sentinel - - NATION - By Gopal Rat­nam

WASH­ING­TON — The par­tial gov­ern­ment shut­down may be mak­ing some key fed­eral de­part­ments and agen­cies run­ning with skele­tal staffs more vul­ner­a­ble to cy­ber­se­cu­rity breaches, ex­perts said.

Mean­while, the House Home­land Se­cu­rity Com­mit­tee, which over­sees the De­part­ment of Home­land Se­cu­rity, said it re­mains in the dark about how the shut­down has af­fected the de­part­ment’s mis­sion to safe­guard crit­i­cal in­fra­struc­ture from cy­ber­at­tacks.

“With so many cy­ber ac­tiv­i­ties re­liant on highly skilled con­trac­tors re­quired to aug­ment gov­ern­ment per­son­nel, gov­ern­ment shut­downs sig­nif­i­cantly de­grade the abil­ity of the gov­ern­ment func­tion to meet all of their cy­ber mis­sion re­quire­ments,” said Greg Touhill, pres­i­dent of Cyx­tera Fed­eral, a com­pany that pro­vides cy­ber­se­cu­rity ser­vices to the fed­eral gov­ern­ment.

He cited se­cu­rity op­er­a­tions, soft­ware patch­ing and pen­e­tra­tion test­ing as “es­sen­tial func­tions” de­ferred be­cause of the shut­down.

Even when fed­eral de­part­ments des­ig­nate se­cu­rity op­er­a­tions cen­ters as crit­i­cal dur­ing a shut­down, “they still have gaps cov­er­ing mis­sionessen­tial tasks, and many of the smaller agen­cies af­fected by the shut­down are un­able to main­tain the full 24x7 watch cov­er­age,” said Touhill, a re­tired U.S. Air Force of­fi­cer who served as the first U.S. fed­eral chief in­for­ma­tion se­cu­rity of­fi­cer in 2016.

De­part­ments and agen­cies af­fected by the shut­down in­clude the de­part­ments of State, Home­land Se­cu­rity, Agri­cul­ture, Com­merce, and Hous­ing and Ur­ban De­vel­op­ment, as well as the En­vi­ron­men­tal Pro­tec­tion Agency, the In­ter­nal Rev­enue Ser­vice, the Na­tional In­sti­tute of Stan­dards and Tech­nol­ogy, and the Na­tional Park Ser­vice.

Many of those are on the “hit-list for hack­ers, or­ga­ni­za­tions that spe­cial­ize in high­end se­cu­rity in­tru­sions, and na­tion-state ac­tors,” said Tom Gann, chief of pub­lic pol­icy at se­cu­rity re­search firm McAfee.

Cy­ber­se­cu­rity at these agen­cies and de­part­ments could be de­graded be­cause lower-level gov­ern­ment em­ploy­ees who bear the brunt of the shut­down often are on the front lines of ba­sic com­puter se­cu­rity mon­i­tor­ing work, Gann said. A sig­nif­i­cant part of cy­ber­se­cu­rity work at agen­cies is per­formed by con­trac­tor em­ploy­ees who are also off be­cause they are not get­ting paid while the gov­ern­ment is shut down, Gann said.

Ab­sent em­ploy­ees could mean that agency com­put­ers go with­out needed se­cu­rity up­dates and lack the abil­ity to de­tect net­work in­tru­sions in a timely man­ner. “The first 24 hours be­tween a hack and de­tec­tion is vi­tal,” Gann said. The sooner a hack is dis­cov­ered, the eas­ier it is to pre­vent dam­age from spread­ing, whereas “the longer a hack per­sists, the deeper it can in­fect,” he said.

Cyx­tera’s Touhill said that dur­ing the clo­sure, “skilled peo­ple qual­i­fied to re­spond to the alerts/alarms may not be in place or even avail­able due to the shut­down.”

Na­tion-state hack­ers could also gain in­sight into which U.S. com­puter net­works are con­sid­ered vi­tal and there­fore func­tion­ing dur­ing the shut­down by com­par­ing that pic­ture with all the net­works that are seen to be work­ing dur­ing nor­mal times, Gann said. “A for­eign in­tel­li­gence or­ga­ni­za­tion can de­duce from that who mat­ters and who doesn’t,” he said.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.