Solutions Blog

Government shutdown affects more than workers

As the government shutdown enters its fourth (4th) week, which marks the longest of its kind in U.S. history, the list of ill effects left in its wake now includes IT security. Yay! Like the impasse between the Trump administration and Democrats that’s at the heart of the shutdown—the border wall—this aftershock also includes a wall. This one (1), however, comes in the form of a digitally-encrypted wall—TLS (Transport Layer Security) certificates.

TLS certificates, like SSL certificates, are utilized by websites to secure connections between users accessing them. For all intents and purposes, TLS is basically the 2.0 version of SSL. Web servers that have installed TLS certificates display their web address with that all important “S” after “HTTP”. Yes, the “S” stands for secure; it means a cryptographic key has been binded to the website, so communications between it and users are encrypted.

So, what does this have to do with the government shutdown?

It’s reported that as many as eighty (80) government websites—those with a .gov domain name—are no longer TLS-protected. Their certificates have expired. And furloughed government IT workers means there’s nobody to renew the certificates. So, trying to access one (1) of these unprotected websites will net you this message—Your connection is not private. As a result, users won’t be able to enter the site. Frustrating, yes, but at least they’ll be kept safe by being prevented from entering. However, in several browsers the warning can be bypassed, which means any sensitive information entered, such as social security numbers, won’t be encrypted. If more advanced and adventurous users decide to take this route, they could open themselves up to man-in-the-middle attacks, in which cyber criminals eavesdrop on conversations in the name of ill-gotten gains.

Naturally, the longer the shutdown, the more sites will be affected. In just over three (3) weeks, eighty (80) certificates have expired. And those eighty (80) sites represent only two percent (2%) of all federal .gov sites. Yikes.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, check out the following articles:

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

]]>

Categories:
Share on linkedin
Share on twitter
Share on reddit
Share on facebook
Share on email

Learn more about Government shutdown affects more than workers by filling out the form below:

Building the Future of Manufacturing

Manufacturers have had to a deal with a host of new problems and opportunities related to COVID-19, from new safety concerns to increased demand for services and everything in between. Looking forward to the rest of 2021 and beyond, here are three technological focus areas that will drive the manufacturing industry forward.

Read More »

The Picture of Health: Data Management

Though the need for healthcare providers to manage valuable data has increased dramatically, most have not had the time or capacity to fully assess how to support the long-term costs and security concerns related to these services, and many are currently struggling with performance issues that hinder user productivity.

Read More »
WordPress Image Lightbox