It has been reported that following a partial U.S. government shutdown caused by a deadlock on the issue of the Mexican border wall between the Democratic Party and Donald Trump, tens of government websites can no longer be accessed or have been marked as using insecure connections because their TLS certificates have not been renewed. The websites of the U.S. Department of Justice, NASA, and the Court of Appeals are some of the ones hit by the government’s failure to extend around 80 TLS certificates used on .gov domains. Expired TLS Certificates can make individuals more susceptible to fraud and Identity theft.
Experts comments below:
Suzanne Spaulding, Former DHS Under Secretary and Nozomi Networks Adviser:
“With each passing day, the impact of the government shutdown on our nation’s security grows. Meanwhile, our adversaries are not missing a beat and the daily attacks on our systems continue. Cybersecurity is hard enough with a full team. Operating at less than half strength means we are losing ground against our adversaries.
And the timing couldn’t be worse, with Congress just having established the new Cybersecurity and Infrastructure Security Agency (CISA) at DHS. Getting this agency fully operational requires a lot of work and it’s like repairing an airplane while you’re flying it. You try to avoid disrupting the critical operational activity even while you make changes to improve the organisation. This shutdown is a disruption CISA can ill afford.”
“Information security isn’t a one-time event. There’s no ‘set it and forget it’ option for keeping systems and assets secure. When the people who perform the day-to-day tasks that keep things running securely aren’t around, we’re bound to see a slow, unavoidable march towards entropy.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.