The looming US federal government shutdown is raising concerns among experts who warn that it could put the nation’s cybersecurity apparatus at risk. If Congress does not pass a budget by the Oct. 1 deadline, there is an increased likelihood of cyberattacks across the country’s entire software supply chain.
The US Department of Homeland Security (DHS) has updated its plan to respond to the “lapse in appropriations” that will be triggered if a compromise is not reached. The government shutdown plan includes the indefinite furlough of more than 80% of the Cybersecurity and Infrastructure Security Agency (CISA) workforce.
The mass furloughs resulting from a government shutdown would degrade the cybersecurity of critical infrastructure, transportation, healthcare, and energy, according to Justin Williams, managing partner at Optiv. This would leave the nation’s software supply chain vulnerable to threat actor campaigns and supply chain cyberattacks that could go unnoticed and spread unchecked.
Williams highlights the critical linkages that CISA provides between commercial organizations and the government. Without this support, organizations dealing with a cyber event or incident could be at risk, as indicators of compromise may not be shared among the proper groups to stop the movement of adversaries.
While skeleton crews would be left working under intense conditions, including government cybersecurity posts beyond CISA, the strain on these individuals would be significant. Roselle Safran, founder and CEO of KeyCaliber, recalls her experience during the 2013 government shutdown when she had to work the night shift due to staff shortages. This type of environment brings stress to those who are working and uncertainty to those who aren’t sure if they will receive pay.
Enterprise security teams should also be concerned about the prospect of a government shutdown, according to Jeffrey Wells, a former cyber czar for Maryland. In addition to potential limitations on incident response support, the shutdown could attract the attention of threat actors who may take advantage of the situation.
Wells advises enterprise security teams to remain vigilant about monitoring and threat detection measures. He also recommends establishing alternative channels for reporting incidents and seeking assistance, as government contractors will be affected by furloughs, further adding to potential risks in the software supply chain.
The longer the shutdown persists, the greater the risk to the nation’s cybersecurity posture, warns MITRE, an organization that offers tools and support for cyber defenders. MITRE suggests that contractors continue working under federal contracts until they receive a “stop work order”. Additionally, state and local governments may step in to provide reinforcements to federal efforts.
In the meantime, MITRE assures that its open frameworks and knowledge bases will remain active and available to help cyber defenders stay informed and address possible threats and vulnerabilities.
As the deadline for passing a budget approaches, the cybersecurity community remains on alert, emphasizing the potential consequences that a government shutdown could have on national security. It is in the best interest of Congress to reach a compromise and ensure the continued protection of the nation’s software supply chain and critical infrastructure.