GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Government shutdown affects more than workers

U.S. Government

As the government shutdown enters its fourth (4th) week, which marks the longest of its kind in U.S. history, the list of ill effects left in its wake now includes IT security. Yay! Like the impasse between the Trump administration and Democrats that’s at the heart of the shutdown—the border wall—this aftershock also includes a wall. This one (1), however, comes in the form of a digitally-encrypted wall—TLS (Transport Layer Security) certificates.

TLS certificates, like SSL certificates, are utilized by websites to secure connections between users accessing them. For all intents and purposes, TLS is basically the 2.0 version of SSL. Web servers that have installed TLS certificates display their web address with that all important “S” after “HTTP”. Yes, the “S” stands for secure; it means a cryptographic key has been binded to the website, so communications between it and users are encrypted.

So, what does this have to do with the government shutdown?

It’s reported that as many as eighty (80) government websites—those with a .gov domain name—are no longer TLS-protected. Their certificates have expired. And furloughed government IT workers means there’s nobody to renew the certificates. So, trying to access one (1) of these unprotected websites will net you this message—Your connection is not private. As a result, users won’t be able to enter the site. Frustrating, yes, but at least they’ll be kept safe by being prevented from entering. However, in several browsers the warning can be bypassed, which means any sensitive information entered, such as social security numbers, won’t be encrypted. If more advanced and adventurous users decide to take this route, they could open themselves up to man-in-the-middle attacks, in which cyber criminals eavesdrop on conversations in the name of ill-gotten gains.

Naturally, the longer the shutdown, the more sites will be affected. In just over three (3) weeks, eighty (80) certificates have expired. And those eighty (80) sites represent only two percent (2%) of all federal .gov sites. Yikes.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, check out the following articles:

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

Author

Share this article

You might also like:

As a global IT solutions provider, we understand that technology partnerships are absolutely crucial in our line of business. It’s fair to say that without great partners to work with, we couldn’t do what we do. It’s also fair to say that without the expertise the GDT team brings to

If you’re wondering if your organization’s ransomware defense strategy is as strong as it could be, you’re not alone. Ransomware has emerged as one of the top cybersecurity threats of 2024, impacting nearly three-quarters of organizations last year with an average cost of $4.45 million.i According to Verizon, about a

Mergers, acquisitions, and divestitures (M&A/D) offer opportunities for businesses to grow, streamline operations, and enter new markets. However, strategic planning and financial negotiations can overshadow a crucial element: information security.   This blog post dives into the critical security considerations for M&A/D activities, exploring the importance of information security, potential risks,