Some powerful Democratic senators are looking for some answers on what, if any, cybersecurity risks were posed by the recent, and possibly future, government shutdown(s).
Sen. Mark Warner (D-Va.), vice chairman of the Intelligence Committee, fired off a letter to the Department of Homeland Security seeking to "better understand the shutdown’s toll on our national security."
"I have time and again sought to sound the alarm about our nation’s lack of a coordinated cyber strategy, and about our being unprepared to fully protect against and deter these attacks," said Warner. "That is true today more than ever,” said Sen. Warner. “One of the many areas where this unnecessary shutdown had dramatic consequences on our nation’s ability to defend against cyber-based threats. These threats come from a range of malicious actors, are constantly evolving, and are unrelenting.”
"Cybersecurity and Infrastructure Security Agency (CISA) was forced to suspend crucial efforts to protect our cybersecurity and infrastructure," said Warner. "Also hindered was the FBI’s ability to conduct cyber investigations. Some agents reported lacking the funds to pay their confidential human sources, therefore losing critical information and irreplaceable sources."
Warner cited a survey released at the State of the Net conference in Washington Tuesday (Jan. 29) that found 63% of respondents considered threats to online security and privacy as more urgent problems to solve than border security.
Possible presidential hopeful Sen. Amy Klobuchar (D-Minn.) teamed up with Sens. Ed Markey (Mass.), Tom Udall (N.M.), Catherine Cortez Masto (Nev.) and Cory Booker (N.J.), to send a similar letter to DHS and the National Security Agency.
The senators were responding to reports that the nation's cybersecurity teams were operating with less than half their staffs during the shutdown and that scores of government agencies' websites were either insecure or inaccessible because their security certifications had expired.
“Experts have warned that our reduced capacity for cybersecurity during shutdowns provides an opportunity for adversaries and cyber criminals," the senators wrote. "We are concerned that these circumstances have left our government and citizens vulnerable to cyber attacks and write to request information regarding what actions are being taken to protect our networks in the event of a future shutdown."
Both letters sought answers on questions like the impact of the shutdown, what steps were taken to minimize them, whether security certificates can be renewed regardless of shutdowns, and what percentage of the cybersecurity workforce was furloughed.