The ongoing US government shutdown is putting the nation at serious risk of cyber attack, since as thousands of employees that monitor the nation’s defense systems are not at work.
Experts warn that the country is at greater risk of falling victim to a major attack and falling behind in the cyber arms race, as the shutdown gives those who want to target the US an advantage.
“Unfortunately, we know all too well from experience that hackers, especially nation-state sponsored, have a high level of patience and are willing to lie in wait for the most opportune moment to strike,” he said.
The US has identified Russia, China, Iran, and North Korea as the nations that pose the biggest cybersecurity threats.
MIT’s Technology Review, citing a report from Duo Security, said that nearly 45% of employees at the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security, have been furloughed.
It said 85% of staff at the National Institute of Standards and Technology (NIST) are in the same position.
“In a stalemate over how best to secure America’s southern border, the Trump administration has endangered the integrity of one of the country’s even more important frontiers,” MIT’s Technology Review said.
The shutdown is now the longest in US history. Thursday is day 27.
It began on December 22 after Democrats refused President Donald Trump’s demand that a spending bill to keep the government open includes billions of dollars in funding for a wall along the southern US border.
O’Malley told CBS that this had created the perfect situation for hackers.
“Any department that has sensitive information that can be used in espionage or fraud would be hit hardest by an attack, such as the Department of Homeland Security, State Department, and all of the intelligence services. The risk is not only for short-term data theft but also injection of longer-term persistent attacks.”
Essential staff still have to come to work. However, experts still believe the loss of so many staff members creates a risk.
Andrew Grotto, a former White House cybersecurity adviser for Presidents Obama and Trump and a current employee of Stanford’s Hoover Institution, told Axios that there were already staff shortages when it came to maintaining the security of government networks.
“Defending federal networks is already an act of triage, due to personnel shortages, legacy IT overhang, uneven risk management practices and a hostile threat environment. Furloughs make a hard job even harder,” he said.
Bryson Bort, CEO of cyberdefense firm SCYTHE and a fellow at the National Security Institute, also told CBS that the reduced staff in the US’s cyber defense institutions left the country at greater risk.
“Monitoring is probably not happening at 100% of usual operations, which means that there is an increased chance that malicious activity may not be spotted.”
In a 2018 report, the Trump administration estimated that malicious cyber activity cost the US economy between $57 billion and $109 billion in 2016. It said cyber attacks against critical infrastructure sectors could be “highly damaging” to the US economy.
The shutdown will also hinder the US’s ability to upgrade and repair its existing defense systems, former Pentagon official Dave Mihelcic told CBS. He is now the chief technology and strategy officer for Juniper Networks, and used to be chief technology officer of the Pentagon’s Defense Information Systems Agency.
MIT’s Technology Review also noted that workers could seek out more stability, and probably more pay, by quitting for the private sector.
This happened after the 2013 shutdown, the Review said, noting that “the drain on talent was felt for years.”
Business Insider has contacted the Department of Homeland Security for comment.