23
Jan 19

How the U.S. Govt. Shutdown Harms Security

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. Even if lawmakers move forward on new proposals to reopen the government, sources say the standoff is likely to have serious repercussions for federal law enforcement agencies for years to come.

One federal agent with more than 20 years on the job told KrebsOnSecurity the shutdown “is crushing our ability to take the fight to cyber criminals.”

“The talent drain after this is finally resolved will cost us five years,” said the source, who asked to remain anonymous because he was not authorized to speak to the news media. “Literally everyone I know who is able to retire or can find work in the private sector is actively looking, and the smart private companies are aware and actively recruiting. As a nation, we are much less safe from a cyber security posture than we were a month ago.”

The source said his agency can’t even get agents and analysts the higher clearances needed for sensitive cases because everyone who does the clearance processing is furloughed.

“Investigators who are eligible to retire or who simply wish to walk away from their job aren’t retiring or quitting now because they can’t even be processed out due to furlough of the organization’s human resources people,” the source said. “These are criminal investigations involving national security. It’s also a giant distraction and people aren’t as focused.”

The source’s comments echoed some of the points made in a 72-page report (PDF) released this week by the FBI Agents Association, a group that advocates on behalf of active and retired FBI special agents.

“Today we have no funds for making Confidential Human Source payments,” reads a quote from the FBIAA report, attributed to an agent in the FBI’s northeast region. “In my situation, I have two sources that support our national security cyber mission that no longer have funding. They are critical sources providing tripwires and intelligence that protect the United States against our foreign adversaries. The loss in productivity and pertinent intelligence is immeasurable.”

My federal law enforcement source mentioned his agency also was unable to pay confidential informants for their help with ongoing investigations.

“We are having the same problems like not being able to pay informants, no travel, critical case coordination meetings postponed, and no procurements to further the mission,” the source said.

The extended shutdown directly affects more than 800,000 workers, many of them furloughed or required to work without pay. Some federal employees, now missing at least two back-to-back paychecks, are having trouble keeping food on the table. CNN reports that FBI field offices across the country are opening food banks to help support special agents and staff struggling without pay.

An extended lack of pay is forcing many agents to seek side hustles and jobs, despite rules that seek to restrict such activity, according to media reports. Missing multiple paychecks also can force investigators to take on additional debt. This is potentially troublesome because excess debt down the road can lead to problems keeping one’s security clearances.

Excessive debt is a threat to clearances because it can make people more susceptible to being drawn into illegal activities or taking bribes for money, which in turn may leave them vulnerable to extortion. Indeed, this story from Clearancejobs.com observes that the shutdown may be inadvertently creating new recruiting opportunities for foreign intelligence operatives.

“If you are a hostile intelligence service human intelligence (HUMINT) targeting officer you are hoping this situation lasts a long time and has a multitude of unintended consequences affecting the cleared government employee population,” writes Christopher Burgess.

The shutdown may impact government and civilian cybersecurity efforts in other ways. As Brian Fung reported last week at The Washington Post, a rising number of federal Web sites are falling into disrepair, making it harder for Americans to access online services.

“In the past week, the number of outdated Web security certificates held by U.S. government agencies has exploded from about 80 to more than 130, according to Netcraft, an Internet security firm based in Britain,” Fung wrote.

Alex Stamos, former chief security officer at Facebook, said this creates problems for people trying to access key documents at government Web sites because the world’s dominant browser — Google Chrome — heavily discourages users from even visiting sites with expired security certificates.

But Stamos says he’s far more concerned about who’s maintaining, monitoring and safeguarding the countless Internet servers and other government online assets during the shutdown.

“What worries me more is what this indicates for the fact that there’s not standard maintenance going on,” Stamos said in this week’s episode of security journalist Patrick Gray’s “Risky Business” podcast. “We’ve gone through a Patch Tuesday since the government shut down. Who is actually maintaining the systems, who is sitting in the SOCs [security operations centers], who’s looking at the logs? Even if you have critical cybersecurity people at NSA or Cyber Command working, there’s a lot of importance in having people show up for their jobs.”

U.S. Senate leaders are now planning to hold competing votes on Thursday in a bid to end the shutdown, but a story Wednesday in The New York Times reckons that neither measure is expected to draw the 60 votes required to advance.

“You hear [New England Patriots football coach Bill] Belichick and other coaches constantly preaching about leaving distractions outside the locker room,” said the federal law enforcement source who spoke with this author. “Can’t think of many bigger distractions like not getting paid, damaging credit scores, not being able to pay bills, and losing supplemental insurance. We just wish our national leaders would listen to another Belichick gem: ‘Do Your Job.’”


99 comments

  1. Seems an easy test is available to see if fences or walls work and as California now is a sanctuary state let’s remove all barriers in San Diego, I would think a few days would settle the question.

    • Oh, you mean the location of the largest smuggling operation along the border… or is that the Laredo truck crossing? You obviously don’t know.

      If that wall works so damn well, why are you complaining? Oh, because you hate America. I get it.

  2. Leaving aside the national security implications of this, it’s somewhat astounding to me that relatively well paid government employees would be facing a food crisis and unable to pay bills because of a couple of missed paychecks. More sad evidence that too many people are either unable or more likely unwilling to save rather than forego spending on non-essentials. Maintain a rainy day fund of six months expenses as a minimum and you’re not sweating this (yet). That is called “individual security”.

    • Agreed. If you can’t support yourself for at least a couple of months without pay, you’re living your life wrong.

    • I agree with your assessment.

      */begin snark

      It might just be that working for a government without control of its own spending has rubbed off on its workers.

      */ end snark

  3. Sounds like the perfect time to start new botnet.

  4. Reason and Logic

    Yep, seems likely that not paying people tasked with providing security would impact their effectiveness.

    Regardless of if you want a wall or don’t want a wall. This shutdown is really stupid.

    The problem is that so is the person that shut the government down and continues to keep the government shut down, the President of the United States.

    The democrats are not demanding anything to open the government. They’re not saying there has to be Medicare for all or amnesty for 11 million people. They’re not demanding there has to be a more progressive tax rate or stronger laws that protect workers’ rights to organize. They’re simply saying let’s open the government.

    It’s only the President that’s saying “give me a wall” or else I will take my ball and go home. He’s a moron, and the people that voted for him may not fully embody all of his traits, but they voted for a racist fool that will eventually ruin this country one tweet at a time.

    America was already great. Unfortunately those stupid red hats are going to start making more sense the longer this idiot stays in office.

    • What is the reason for the shutdown?
      Border insecurity.
      What the president and the party supporting want? To protect the border.
      What is the proposed solution? Complete the Wall.
      What others say? No completion of the Wall.

      How to solve the problem? Declare a 1 km band along the border and put the military personnel along all the border, with the exception of official border control points of entry where civilian forces will stay doing the control.

      More (useful) jobs. The border is protected. Americans are more protected from drugs and people not welcomed into the country. The animals can still travel through the two countries. Everyone is happy (except those that are not welcomed in the USA anyway). The government can work again.
      Done.

    • Yikes, “Reason and Logic.” Your bias level is over 9000.

      The federal agent is correct: our federal government should do their job, which is negotiating an end to the shutdown.

      It seems obvious to me that “blaming the other guy” is ineffective, since supporters of the President will blame the House Speaker for the shutdown for not budging on wall funding while supporters of the House Speaker will blame the President for the shutdown for not budging on the wall funding.

      Each side could be making concessions to open the government, but is choosing not to re-open the government in pursuit of their political agenda, regardless of the content of said political agenda.

      It’s depressing how partisans like “Logic and Reason” have been so thoroughly brainwashed by media that they are unable to see that both sides are ultimately to blame or that they are simply pawns in the game of attaining public support as leverage for negotiation.

  5. Captain Midnight

    Disappointing these comments turned political.

    • +1. I debated whether to even write about this because even stories that have nothing to do with politics get hijacked by the vitriol from both sides. You’ll notice my story actually doesn’t even touch on the reasons for the shutdown.

      • Comments to this blog are not protected by the First Amendment. It would certainly be within your purview as its moderator to decide that if a comment is not related to the story content or to the general topic of cybersecurity, it is gone.

        • Says the lib ‘Stractocaster’- Freedom of speech allows Brian to delete comments?! So you’re advocating the censor and blocking of freedom of speech. That’s exactly why the only news site still allowing comments is Fox, none of the other news outlets even have adversaries on the air to have a real discussion or debate, they would rarely, if ever, hold up to scrutiny and facts so they just flat out ban debate, just like stratocastrator is suggesting here. He wants to castrate discussion.

      • There’s no getting around it, Brian. Fox and CNN and social media bought propaganda has hypnotized the nation into further tribal beliefs that one political party is better than the other and therefore the ideals that follow their tribalism are superior.

      • Thank you for a well written article pointing out some of the nonobvious side effects of the shutdown. The true cost of the shutdown won’t be known until well after the shutdown ends. Right now it does not matter who started the shutdown or why. It needs to be ended. This means active negotiations in Congress. A good compromise typically means neither side is happy with the outcome.

      • I am with Larry. Thank you for the article, and the identification for the need for improved certificate practices.

        DHS issued this alert a week after FireEye identification, on the first day of normal operations:
        https://threatpost.com/gov-warning-dns-hijacking/141088/

        The days that this was known and Federal agencies could not respond could be included in the security risks created by the shutdown.

      • It’s good that you did write about it, though. The concerns about this sort of thing have been discussed, *authoritatively*, by Tainter, Diamond, Chomsky, and others, so ignore the riff-raff. But computer security is an extremely important pillar of any modern nation, and so must be discussed objectively, sans politics. Thank you.

  6. well United States is Not a Country but corporation owned by Federal reserve.
    Federal reserve guys Will Say When who and how.

    we Don’t need to use Word corrupted, but Right Word is owned!
    You as Common People Think its corrupted.. but I Tell You They are the owners.

    a LOT of things happening in USA Right Now!

    im sure we Will see More God bless me I Don’t live in usa.

    uk is falled.. Canada too but When the USA Will Come Down it Will be biggest fall USA debt Will be biggest.

    • @sbo

      You aPPeaR To HaVe a BeauTiFuL MiND.

      some have a way with numbers, you with letters and words.

      perhaps you are the new e e cummings ?

  7. Immediate concern for me is how the shutdown affects our ability to address the last CISA Emergency Directive 19-01 (https://cyber.dhs.gov/ed/19-01/)…

    We can’t be left vulnerable…

    My $0.02

  8. I noticed that the day after you posted this article, ISMG runs their own article on the same topic…
    http://links.ismgcorp.com/dd0pT9ekMh0Im00X4ta00Z0

    Not the first time they have followed your lead, I think.

    Well done, and thank you!

  9. While there is a partial shutdown, yes there will be problems. Once the shutdown is over, things will return to normal within a few months. If people left the company, new people will be hired. If nobody wants the new jobs because it’s not a nice place to work, the wage offer will be increased. In other words, all vacant positions will be filled quickly with the sharpest people on the planet. It only takes money.

    • Ermm…

      Filling cybersecurity positions is nowhere near that easy. They will be trying for 12 months or more to fill positions lost because of the shutdown. The damage to their “brand” is even worse. One of the largest draws of government service is its security for the employee (financial security, not cybersecurity).

  10. This comment is unavoidably political, but it’s offered in a nonpartisan manner (I personally have no respect for either party).

    Shutdowns happen. They happen regardless of which party is in power in Congress or the White House. In a sense, they’re like a hurricane – highly disruptive, but shouldn’t be the end of the world if you’re well-prepared for them. The disruptions caused by the shutdown are strictly cash-flow issues. There is no reason that agencies cannot anticipate and prepare for this. The rest of us plebs keep some money set aside (or at least we should!) for emergencies. It’s part of what we call “adulting.” That these government agencies refuse to do so suggests that maybe they’re not competent enough to be in charge of whatever the heck they’re doing. Leaving critical tasks to a bunch of people who can’t even perform the most elementary fiscal management strikes me as a bit insane. But whatever.

    • Erasmus B Dragon

      No, shutdowns don’t just happen unless one side is trying to pull a fast one on the funding process.

      Let me ask you this: do you think any business person shuts the business down for 35 days because he or she can’t have his/her way about something?

      No. Sure don’t.

      But your solution is for individual departments to hold cash on hand to maintain operations in case the prez shuts er down?

      Did you ever take and pass civics 101 in your education career?

    • Actually there is a reason: it’s the law.

      https://www.nber.org/digest/mar14/w19481.html

      For decades some small number of people (including the heads of agencies) have made arguments against “use it or lose it” laws & policies but the practice remains.

      Why? Well it might be that we taxpayers are the voters and we taxpayers always want our money back – we don’t want it sitting in the coffers of others even if that might (as you argue here – and I agree with you) make more sense.

      Added to the fact that thrift cannot be bankrolled is that thrift proves that an agency does not need as much money next year so if you don’t use it this year you lose it going forwards as well.

      I want to point out that this is not a problem unique to the US. And I want to point out that there are good arguments for why agencies should not be incentivized to fill their coffers and invest (in contrast to my earlier comment about taxpayers).
      As examples first, an incentive for thrift also may wind up diverting money from projects which need the funds for a variety of reasons and second, arguably we don’t want agencies acting like funds or banks.

      This is a little-known fact (why is left as an exercise for the reader) and I hope I have presented it as non-partisanly as possible.

    • You don’t have much insight into how Federal government budgeting and spending works. Congress passes a budget for a set period of time and then allocates money for that budget. Federal departments are then required to spend their allocated money within that time period, or lose it. With very few exceptions, it is illegal to keep money between budget periods, it is illegal to move money between “pots” to which it has been allocated, and it is illegal to spend money that Congress has not allocated. I suppose Congress could create an emergency savings account, but that would require a wholesale overhaul of the budgeting process. And if they’re going to do that to avoid a shutdown (funding stop), then why wouldn’t they just pass a budget? An emergency savings account removes the political leverage of a shutdown.
      I’m a federal government employee who has lived through a few shutdowns and furloughs and who has a hand in the budgeting process, so I have a pretty good idea of how all this works.

  11. True or not true?

    “The Mother Of All Government Data Breaches Is Happening Right Now”

    Brian please confirm this story.

    https://www.sovereignman.com/trends/the-mother-of-all-government-data-breaches-is-happening-right-now-24461/

  12. @BrianKrebs
    I would like to understand the relationship between the duration of the shutdown and the assessed loss of 5 years. Are you able to elaborate on the mentioned talent drain and the assessed loss of time in the beginning of the article a bit more?

  13. Erasmus B Dragon

    But shutdown’s worth it because afterwards we’ll have a nice shiny wall to protect us from all the bad guys

    /s

  14. I find it interesting that the Bureaucracy deems IT non-essential.

  15. I agree with Kent Brockman and his individual security comment. I suspect the news is embellishing the number of federal employees in soup kitchen lines.

    With all the noise about DNS hijacking going on, rather surprised this made the cut.

  16. As a wise man once said, it’s a sad day when it’s more profitable for a young man to go to work for the government than to go to work.
