Risk
10/3/2013
02:00 PM

Shutdown Heightens Cybersecurity Risks, Feds Warn

Federal officials say shutdown is invitation to hackers and puts nation at risk.

Senior federal officials are voicing concern that the partial shutdown of federal operations and the furlough of thousands of cybersecurity and intelligence specialists are an open invitation to hackers to exploit security vulnerabilities.

Federal CIO Steven VanRoekel says he fears the reduced number of cybersecurity professionals on active duty across federal agencies gives hackers greater opportunities to move about within agency IT networks and heightens the risks agencies already face that their systems could be compromised.

"If I was a wrongdoer looking for an opportunity, I'd contemplate poking at infrastructure when there are fewer people looking at it," VanRoekel said in remarks to The Wall Street Journal.


VanRoekel explained that while government shutdown plans exempt workers critical to national security, cybersecurity teams had been reduced to a skeleton crew. If agencies came under cyberattack, specialists could be called in, but the loss of real-time response was a real concern, he told the Journal. "I have fewer eyes out there," he added.

VanRoekel, who oversees but has limited direct control over the $82 billion agencies spend on IT and cybersecurity annually, said he isn't able to assess what portion of the government's cybersecurity or IT workers overall have been furloughed. The decision of which employees have been exempted from the current shutdown is made on an agency-by-agency basis.

"The people I would have do that assessment are currently not working," he said, noting one of the many consequences of the government shutdown and its impact on the White House Office of Management and Budget, where VanRoekel works.

Meanwhile, director of national intelligence James R. Clapper, Jr. warned senators Wednesday that the government shutdown, coming on the heels of this year's sequestration cuts, will "further damage our ability to protect the safety and security of this nation and its citizens." Clapper made the remarks during testimony at a previously scheduled hearing on domestic surveillance before the Senate Judiciary Committee, where Chairman Patrick J. Leahy (D-Vt.) asked intelligence leaders to address the effects of the shutdown.

"I've been in the intelligence business for about 50 years. I've never seen anything like this," Clapper told the senators, according to Roll Call. Clapper said 70% of the intelligence community's employees had been deemed non-essential to their agencies' missions and subject to furloughs.

"Our nation needs people like this, and the way we treat them is to tell them, 'You need to go home because we can't afford to pay you,'" National Security Agency director Gen. Keith B. Alexander told the lawmaker. "From my perspective, it has had a huge impact on morale." Sen. Lindsey Graham (R-S.C.), noting that this is the first government shutdown since the terrorist attacks of Sept. 11, 2001, said the comments of Clapper and Alexander "scared the hell out of all of us," according to Roll Call's account.

"The government shutdown in a post-9/11 world is making this nation less safe," Graham said.

Comments
PatrickB222
User Rank: Apprentice
10/10/2013 | 5:00:23 PM
re: Shutdown Heightens Cybersecurity Risks, Feds Warn
I am a contractor for a Federal Agency employed as a cyber security incident responder. During this shutdown, I am going without pay, and unlike Civil Service employees, there has been no bill passed by the House to reimburse contractors for their lost wages.

This situation creates a very serious danger for our nation caused by a convergence of factors:

1) The information systems of the United States Government are under continual attack from sophisticated and well-funded foreign governments. At this moment, practically no one is working to repel those attacks. We are in fact engaged in a cyber war right now with several nations. And at this moment -- no one is guarding the fort.

2) Under normal circumstances, the US Government has a serious shortage of trained personnel to maintain countermeasures to those cyber attacks. Most of the personnel that do exist are now furloughed contractors, who have no hope of reimbursement once they return to work.

3) Since the private sector has a similar shortage of trained cyber security personnel, it behooves those of us who are employed as Federal contractors to seek more reliable employment elsewhere. This will only increase the personnel shortage and exacerbate the risks to the information systems that are an essential part of Federal Government operations.

I have no doubt that several hostile foreign governments are currently celebrating their unfettered freedom to compromise the security and operational integrity of the Federal Government's computers and networks. And I am challenged to express in words how demoralizing it is to be considered "non-essential" and to be summarily tossed off our jobs and told to eke out an existence without pay.

Those of us who work as cyber security contractors for the Federal Government are generally paid less than our counterparts in the private sector. Patriotism and pride in our mission is a large part of our compensation. But pride and patriotism won't pay our bills, feed our children, or compensate for the lost wages caused by unreliable employment.
WKash
User Rank: Apprentice
10/3/2013 | 7:58:57 PM
re: Shutdown Heightens Cybersecurity Risks, Feds Warn
A neighbor of mine is the lead certified security executive responsible for network and cyber security at an agency that supports first responders. He is among those furloughed this week. From what I can tell, the skeletal crew left in charge lacks the depth or detail to know how to deal with a security breach. My neighbor, being the public servant he is, is always close to his phones (plural). But that doesn't give him -- or me -- a lot of assurance.

Just think: two Marine generals were just sacked for neglecting their base from attack. Who gets sacked IF/when federal agencies get attacked? Sadly, it won't likely be anyone in Congress.