Nixon Peabody LLP

Trending Topics

    Practices

    View All

    Industries

    View All

    Value-Added Services

    View All

    Article

    Ongoing government shutdown places U.S. cybersecurity in peril

    Jan 17, 2019

    Share
    As the partial government shutdown nears the one-month mark, there is increasing concern that hackers may use the shutdown as an opportunity to infiltrate U.S. government networks.

    As the partial government shutdown nears the one-month mark, there is increasing concern that hackers may use the shutdown as an opportunity to infiltrate U.S. government networks.

    Last November, President Trump launched the Department of Homeland Security’s new Cybersecurity and Infrastructure Security Agency (CISA). CISA’s purpose is to defend the federal government’s computer systems from potential cyberattacks. However, less than two months after its creation, nearly 45% of the agency’s staff has been furloughed due to the shutdown. While some cybersecurity processes can be automated, many others require analysts to evaluate threat reports and determine the appropriate course of action. And even “essential” cybersecurity functions have been hampered by the shutdown, due to a lack of incoming information from other government agencies.

    At the National Institute of Standards and Technology (NIST), which sets and updates security and privacy standards for the government and private sector, nearly 85% of employees are furloughed. The Computer Security Resource Center, where NIST posts its comprehensive guidelines for network and account security, is another casualty of the shutdownthe website is currently unavailable.

    Routine maintenance and security patching of federal websites has also come to a halt, creating opportunities for malicious actors to break a website’s encryption and insert malware. Since the start of the shutdown in December, HTTPS security certificates for over 80 government websites have expired, including pages maintained by the Department of Justice and NASA.

    Aside from direct hacking of federal computer systems, the government shutdown creates an opportunity for hackers to examine network activity and determine which are considered “essential,” in preparation for a future attack. Moreover, the rapidly increasing backlog of unassessed threats and system maintenance has the potential to hinder cybersecurity agencies far into the future, even after this record-setting shutdown finally comes to an end.

     

     

     

     

     

    The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe