Among the government malfunction After more than five weeks, the Congressional Budget Office said on Thursday it had recently been hacked and had taken steps to contain the breach. The CBO provides lawmakers with nonpartisan financial and economic data, and The Washington Post reported that the agency was infiltrated by a “suspected foreign actor.”
CBO spokeswoman Caitlin Emma told WIRED in a statement that the company has “implemented additional monitoring and new security measures to further protect the agency's systems” and that “CBO occasionally encounters threats to its network and continually monitors their resolution.” Emma did not respond to WIRED's questions about whether the government shutdown has impacted the CBO's technical staff or cybersecurity-related work.
With growing instability in the Supplemental Nutrition Assistance Program (SNAP) leaving Americans hungry, shortage of air traffic control personnel flight disruption, financial devastation for federal workersand installation operational shortage at the Social Security AdministrationThe shutdown is increasingly affecting every corner of the United States. But researchers, former and current government officials, and federal technology experts warn that gaps in fundamental activities during the shutdown — such as system patching, activity monitoring and device management — could have real consequences for federal defense both now and for years to come.
“Many federal digital systems are still just running in the cloud during a shutdown, even if the office is empty,” says Safi Mojidi, a longtime cybersecurity researcher who previously worked for NASA and as a federal security contractor. “If everything has been configured correctly, the cloud provides an important baseline of security, but it is difficult to rest easy during an outage knowing that even in the best of times, security issues arise.”
Even before the shutdown, federal cybersecurity staff had been hit by staffing cuts at agencies like the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, potentially hampering leadership and coordination of digital defense across the government. And CISA has ongoing staff reductions including during shutdown.
In a statement, spokeswoman Marcy McCarthy said “CISA continues to carry out its mission” but did not answer WIRED's specific questions about how its work and digital advocacy at other agencies was affected by the government shutdown, which she blamed on Democrats.
The government's move to the cloud over the past decade, as well as the increased focus on cybersecurity in recent years, does provide important support for disruptions such as economic shutdowns. But experts stress that the federal landscape is patchy, and some agencies have made more progress and are better equipped than others. Additionally, missed and overlooked digital security work that accumulates during a shutdown will create a backlog when employees return that will be difficult to overcome.
