Government shutdown threatens U.S. cyber security

Abstract image of lock against blue background

Patra Kongsirimongkolchai Getty Images

Among the agencies whose websites are affected are NASA, the US Department of Justice, and the Court of Appeals.

Cybersecurity experts are concerned that the shutdown could leave government websites vulnerable to hackers.

The shutdown, over a funding dispute for President Trump's Mexican wall, means 400,000 federal employees are now not being paid.

The problem affects dozens of certificates relating to.gov domains, and the failure to renew them means that visitors - depending on the browser they are using - may be blocked from accessing the sites completely, or could be met by security messages warning about visiting an insecure, potentially risky site.

Digital certificates ensure that communications between devices and websites are sent in an encrypted, secure manner and are an essential part of keeping IT infrastructure up and running. But, when issued, they are given an expiration date of anything between a few months and several years. Meanwhile, our adversaries are not missing a beat and the daily attacks on our systems continue.

It is not clear when the certificates will be renewed and, unless the shutdown comes to an end soon, it's likely we'll see more problems with other government websites. "Operating at less than half strength means we are losing ground against our adversaries".

In a blog for Netcraft, security consultant Patty Mutton said that the risks grow far more extensive the longer the shutdown goes.

With President Donald Trump and Democrats at a government funding impasse over the proposed border wall, it's unclear when furloughed federal IT employees will return and renew the TLS certificates.

A number of government websites are now inaccessible after 80 TLS certificates used by the U.S. government have expired and with no staff on hand to renew them as a result of the government shutdown.

Latest News