From: Federal Times
By NICOLE BLAKE JOHNSON
With fewer eyeballs monitoring the government’s networks for malicious activities and an increasing number of federal systems sitting idle during the shutdown, security experts fear it could create a perfect storm for insiders and hackers looking to do agencies harm.
“The longer this goes on, the more the likelihood that the government becomes a target, a target of opportunity,” said a federal chief information security officer, who asked not to be named because he was not authorized to speak to the media.
Agencies don’t have as many people around to detect obscure events that may signal a larger problem, the chief information security officer (CISO) said. They only have the capacity to respond to big things, such as restoring essential online services that may have been knocked offline.
The CISO and his staff have been on furlough since the partial government shutdown began on Oct. 1. “We manage contract services, and we direct responses, so we can be called in to react to an event,” he said. An on-call status requires him to report to the office within two hours if any major decisions need to be made.
The agency didn’t shut down any of its IT systems, he said — that would have introduced more risk in trying to reboot the system later on and ensuring no data were lost or corrupted.
While his agency has capabilities to detect incidents, despite having fewer employees on hand, the capacity to respond is slower than normal, he said. “I think that’s true across the board.”
The government’s network and security operations centers, including those operated by the Department of Homeland Security, will remain staffed to provide incident monitoring and detection services. This includes oversight of the government’s external network traffic to ensure agencies’ connections to the Internet are secure.
“That would be suicide to turn that stuff off,” the CISO said. “We can go to bare bones because the big wall is still up.”
But even the government’s lead defender of civilian computer networks is operating with fewer resources during the shutdown. DHS’ National Protection and Programs Directorate (NPPD), which contains many of the department’s cybersecurity personnel, is operating with nearly half of its staff gone, according to the agency’s Sept. 27 shutdown plan.
NPPD estimates 1,617, or 57 percent, of its 2,835 employees will continue working through a shutdown because they are either presidential appointees, law enforcement officers, paid with funds other than annual appropriations or needed to protect life and property.
Leave a Reply