02/11/2019

Cybersecurity Workers Scramble to Fix a Post-shutdown Mess

Network activity attacks likely went unanswered

Two weeks out from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high.

Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The job was already hard enough without having to play catch-up.

"There's tension in the air," says Christopher Kennedy, chief information security officer at the network security firm AttackIQ who spent more than 10 years as a federal security contractor for agencies like the Treasury, Department of Commerce and US Marines Corps. "As an incident responder, you just found activity that took place three weeks ago, and now you have to quarantine and clean up and fix it when three weeks of damage has already been done. The work is harder and more chaotic and maybe your toolset doesn’t work because a license is expired plus maybe people's security clearances have expired. All of those things are adding together."

Please select this link to read the complete article from WIRED.