Top 3 areas shutdown is hitting security the hardest
By Ginger Hill
Updated Wed January 16, 2019
Day number 26 — it's the longest shutdown in U.S. history, and with approximately 800,000 federal employees out of work or working without pay, and three or more hours of wait time to clear security in some of America's busiest airports—Atlanta, Houston, Miami and Washington—security-related vulnerabilities linger. Just by saying the U.S. is “shutdown” seems to give hackers, terrorists, criminals and such the impression that the whole country is weak and now is the time to strike.
Here's some specific areas the shutdown is hitting security the hardest, and please click here to comment on the topic in our News Poll:
Government payment portals and remote access services: Sites such as NASA, the U.S. Department of Justice and the Court of Appeals, among others, are insecure or inaccessible, due to more than 80 expired TLS certificates used on .gov domains. What's more, only 1 in 20 HTTPS servers implement the security feature that prevents visitors from making unencrypted HTTP connections to a server.
As more security certificates expire during the shutdown and with furloughed IT employees not renewing them, opportunities for a security hack increase.
Click the following links to see examples of expired .gov certificates as of January 16, 2019:
https://ows2.usdoj.gov/
https://rockettest.nasa.gov/
National cybersecurity: It seems “everyone” is furloughed—approximately half of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), the employees who protect critical infrastructure, such as banking, water, energy and nuclear; 85 percent of the National Institute of Standards and Technology (NIST) employees and other IT professionals knowledgeable about the latest cyberattacks and how to deal with them most appropriately, according to CNBC.
Security operations, software patching and penetration testing are among the activities not getting done for government sites including but not limited to:
• Departments of State;
• Homeland Security;
• Agriculture, Commerce and Housing and Urban Development;
• Environmental Protection Agency;
• Internal Revenue Service (IRS);
• National Institute of Standards and Technology; and
• National Park Service.
Weakened airport security: Not only is wait time increasing for passengers to get through security, but personal safety is quickly becoming an issue. On January 2, 2019, a Delta passenger successfully deceived TSA, sneaking a gun past agents and onto a flight headed to Tokyo from Atlanta Hartsfield-Jackson International Airport.
According to USA Today, TSA said they would “hold those responsible appropriately accountable,” as they rejected the assumption that low staffing was to blame. Either way, carelessness or low staffing, security was breached and could have led to dire consequences.
As we see the deterioration of security right before our eyes, what are you most concerned about when it comes to the partial government shutdown and security?
Let's discuss! Looking forward to your responses.
Comments