Government Shutdown May Lead to Increased Hacking Activity

With the U.S. government shutdown in its 25th day, additional repercussions have surfaced which may hinder the public’s cyber security.

Because of the U.S. government shutdown, all nonessential government tasks are being forgone, including the renewal of TLS certificates. TLS certificates are used by any website that communicates over an encrypted HTTPS connection. The certificate confirms the website's privacy by verifying that the site is who or what it claims to be and that the website has not been compromised.

Without this certification, various .gov websites have been identified as insecure, although some still allow users to bypass the security alerts to access the content. However, the lack of certification has left other websites entirely inaccessible.
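A defender-side check for the lapse described above, as an added example that is not part of the original article: it reads a certificate's notAfter date and flags certificates that have expired or are close to expiring. The hostnames, dates and the 30-day warning window are constructed for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone


def fetch_not_after(host, port=443, timeout=5.0):
    """Return the notAfter string of the certificate a live server presents.

    Verification stays on, so an already-expired certificate raises
    ssl.SSLCertVerificationError instead of returning a date.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


def days_remaining(not_after, now):
    """Days from `now` until notAfter, floored (negative once it has passed)."""
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(not_after), tz=timezone.utc
    )
    return (expires - now).days


def classify(not_after, now, warn_days=30):
    """Map a notAfter date to EXPIRED, RENEW_SOON or OK."""
    left = days_remaining(not_after, now)
    if left < 0:
        return "EXPIRED"
    return "RENEW_SOON" if left <= warn_days else "OK"


def audit(inventory, now, warn_days=30):
    """Classify every host in a {hostname: notAfter} inventory."""
    return {h: classify(na, now, warn_days) for h, na in sorted(inventory.items())}


# Constructed inventory in the date format getpeercert() returns.
SAMPLE = {
    "lapsed.agency.example": "Jan  5 12:00:00 2019 GMT",
    "due.agency.example": "Feb  1 12:00:00 2019 GMT",
    "fine.agency.example": "Nov 20 12:00:00 2020 GMT",
}
SAMPLE_NOW = datetime(2019, 1, 15, tzinfo=timezone.utc)  # constructed "today"

if __name__ == "__main__":
    for host, status in audit(SAMPLE, SAMPLE_NOW).items():
        print(f"{status:<10} {host}")
```

Run on a schedule against an inventory of your own hostnames, the RENEW_SOON state gives the renewal lead time that a lapsed manual process does not.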

How Does This Impact Cyber Security?

Because these sites are being marked as insecure or inaccessible, their relevance in search results begins to decrease. This means that if malicious lookalike pages are created, they will be shown instead of the legitimate websites. Why? Because search engines want to offer users useful websites that have the content they are looking for, and offering insecure or inaccessible websites is not helpful. To be clear, neither is serving up malicious lookalikes, but these search engines often don’t know the copycat URLs are malicious.

How to Stay Protected

First, users should always be aware of what websites they are visiting. This includes checking for the HTTPS prefix in the URL. Users are also encouraged to use an adblocker to prevent malicious ads from appearing on the screen while browsing online. Lastly, deploying an application whitelist security solution is critical. A whitelisting agent will only allow known safe programs to run. Therefore, if a user does accidentally encounter a malicious lookalike site and malware attempts to execute, the whitelist will prevent it from infecting the PC.


One thought on “Government Shutdown May Lead to Increased Hacking Activity”

  1. RE:
    “Without this certification, various .gov websites have been identified as insecure; although, some are still allowing users to bypass the security alerts to access the content. However, the lack of certification has left other websites entirely inaccessible.”

    Why did you not warn us with a list of these .gov sites that your article claims IS marked as insecure, and a list of ones that are “inaccessible?”

    Fake news?

    Every .gov domain I checked is safely secure… USA.gov, usda.gov, healthcare.gov, mymedicare.gov, treasury.gov, and many more.

    What isn’t happening is updates while the data entry clerk is away on furlough.

    Your article insinuates that TLS certificates expire in short 30 day increments or something, when in March of 2018 the validity range was changed to about 2 years, or 825 days to be more specific.

    Shutting down non-essential portions of government didn’t magically cause any certificates to expire any sooner than had the government not done a partial shutdown.

    Let’s not forget that.

    Offices in government are not cold and empty… They are still staffed with employees who are essential, like their upper IT people, thankfully.

    I do suggest the PC Pitstop security solution to friends who are too dumb to rely on cobbling together free solutions which may require them to make choices they are not qualified to make, such as choosing what levels of web scripting to default block, and when to add exceptions. Your whitelist is easier for them to live with, where other people have made decisions for them.

    Thank you very much for the warning, as I almost forgot I need to renew a certificate for one of my domains.

    LetsEncrypt recently emailed me about the issue. Short excerpt:

    “TLS-SNI-01 validation is reaching end-of-life and will stop working on **February 13th, 2019.**

    You need to update your ACME client to use an alternative validation method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your certificate renewals will break and existing certificates will start to expire.”

    This could be a real issue for some sites eventually. We have less than a month to bring everything current.

    I expect about 3 hours for all my domains, but it may be less.

    What I am wondering, is since you wrote your article affirming .gov sites were already having issues, is if you will name those sites for your readers, or if it isn’t actually true?

    History in downdetector and other sites which graph reports of site outages shows all the .gov sites that I checked have not had any unusual outages longer than a few minutes at a time, like they always experience.

    You made claims, but didn’t cite any sources or list any domains experiencing issues with TLS expiration.

    Dig deep… I don’t buy your story that it HAS happened during this partial government shutdown without anyone else reporting.

    I am sure all your readers will want at least a partial list of .gov sites impacted by TLS expiration or showing as insecure.
