Government Shutdown - Turn off computer systems and go home

Published in News on 2/11/2018

Does Cyber-security stop if the government shuts down? Hackers don't shut down. Cyber-security is a major concern at all government facilities. Thousands of hacking attempts are thwarted monthly against many Department of Energy/National Nuclear Security Administration facilities...

Tagged Under: Emergency Systems, Emergency Technology, Readiness Assurance, Emergency Facillities, Emergency Response

​​Cybersecurity is a major concern at all government facilities.  Thousands of hacking attempts are thwarted monthly against many Department of Energy/National Nuclear Security Administration facilities.  Without constant vigilance by cybersecurity personnel, preventing outsider and insider attacks would be impossible. So what happens during a government shut-down? Are your cybersecurity personnel on the essential personnel list? If not, should they be?

The following article gives insightful knowledge and understanding of how cybersecurity is affected by a shut-down – What has been learned from past shut-downs and what has been done to help alleviate the issue.  It also reveals lingering concerns that every government office, lab, plant or facility management team should be aware of and consider when faced with the possibility of a government shut-down and who is essential to operations.

During a government shutdown, U.S. cybersecurity workers stay active

Grant Gross February 2, 2018

Last month, as the federal government halted operations for the second time in five years, you may have wondered whether federal cybersecurity workers tasked with fighting global computer threats like WannaCry, NotPetya, and Mirai were told to stay home.

Many certainly were in 2013, when the government closed shop for 17 days. Fortunately, globally destructive hacks also took a vacation during that shutdown, a period attackers may have seen as an opportune time to probe government networks, says Gregory Touhill, a former Air Force general and federal chief information security officer late in President Barack Obama’s administration.

“[Cybersecurity] folks were furloughed or sent home, and that was unacceptable, because it’s the equivalent of leaving your gates wide open,” Touhill says. “When you know that you’re not at full strength, that’s when potential adversaries will test you the most.” Touhill, now president of the federal group at secure-infrastructure specialist Cyxtera Technologies, became determined to take a “risk-based approach” during the next shutdown. He and other government officials used the 2013 shutdown as “teachable moment” in developing contingency plans outlining which federal programs and workers are essential during an official government shutdown. They successfully pushed for cybersecurity employees and contractors to be included in the list. Those plans were put in place this January, just in time for the shutdown. And with a hyperpartisan Congress currently operating the government on short-term funding bills, they might come into play again this monthThe cybersecurity programs of federal agencies today are exempt from a shutdown, “as these functions are necessary to avoid imminent threat to federal property,” the U.S. Office of Management and Budget said in an advisory it issued January 19, a day before the recent shutdown started. “Agencies must also ensure the preservation of agency information, including electronic records, and maintain the security, confidentiality, and integrity of such information.” It’s unclear whether all agencies followed the OMB guidelines. The Department of Homeland Security, the agency focused on bolstering cybersecurity for civilian agencies, didn’t respond to requests asking how agencies responded during the recent shutdown. In some cases, cybersecurity contractors may still be sent home during a shutdown, says Don Maclean, chief cybersecurity technologist at DLT Solutions, a technology reseller focused on government markets. And he says a lot of “little things” can keep them from working, regardless, such as security guards not knowing who’s allowed in the building during the shutdown.

In past shutdowns, some agencies turned off some of their IT systems as a precaution, Maclean says. “It’s kind of hard to attack a system when the machines are all turned off.” Cybersecurity response teams at the FBI, DHS, Department of Defense, and intelligence agencies remained at work during January’s shutdown, but some support staff and cybersecurity researchers may have been furloughed, says Suzanne Magee, CEO of Bandura Systems, a cybersecurity vendor with several government customers. There are “people in chairs” who will respond, if there’s a cyberattack during a government shutdown, she says. But the prospect of repeated shutdowns and furloughs could impact workplace morale among—and retention of—government cybersecurity workers“It’s hard enough to find good cyber talent,” she says. Cybersecurity researchers who are furloughed may think they can “go to a Silicon Valley company and make a lot more money.” John Lainhart, who as a federal employee for 30 years experienced “several” government shutdown, agrees. Cybersecurity workers “can easily leave the madness of government, and work for a company that values what they do and is funded with a steady stream of cash,” says Lainhart, now senior cybersecurity strategist for the public sector at auditing firm Grant Thornton, a federal-government vendor. “They will let their feet do the talking as they walk out.” Poor employee morale can also hurt security, Lainhart adds. “I can tell you that morale decreases at the threat of a government shutdown and during an actual government shutdown,” he says. “As a result, the insider threat is increased—people are upset and may want to get back at the system that has let them down.” And the prospect of government shutdowns also impacts cybersecurity research, Lainhart and Magee say. By running the government on short-term budgets, “we are prohibiting the investment in new cybersecurity programs,” Lainhart says. “While cybersecurity adversaries are constantly innovating and developing new methods of attack, running a government under a [short-term budget] prevents our ability to innovate and fight against cyberattacks.”​

Want to join the Discussion? Click below and log in to discuss:

How does a government shutdown affect your site?​​