Government cyber workers increasingly concerned hackers will strike during shutdown
WASHINGTON - The government's cybersecurity professionals are increasingly concerned that hackers will take advantage of the partial shutdown to tamper with sensitive government data or steal citizens' information - and that the bare-bones staff won't be able to fend them off.
It's far from clear that the cadre of contractors and "essential" employees that remain on the job - and without pay - are equipped to defend against such a hack, a furloughed cybersecurity and IT manager tells me. The risk increases every day the shutdown continues, and he worries that failing to combat a serious hack or disinformation campaign would have consequences long after it eventually ends.
"We've never tested the limits like this before and I don't know if they're equipped to handle it," the furloughed worker, who manages a dozen digital systems at a small federal agency, told me. "The risk is much higher than it should be, especially when we're talking about people's sensitive data."
The furloughed worker, who spoke on the condition of anonymity because he's not authorized to speak to the media, is among more than 1,000 cyber and IT staff barred from working during the shutdown, which is the longest in history. Despite that ban, the worker told me, he fields text messages every day from agency employees and contractors who are working through the shutdown and helps them to keep agency computer systems running securely.
"People say 'think of this as a paid vacation' and that's insulting," he said. "I'm available 24/7 if they need me. The folks on my team are all unofficially checking in and making sure things are running."
Of the dozen digital systems that the furloughed worker usually manages, all but one has suspended operations during the shutdown, he told me. The system that's still operating doesn't contain sensitive information, he said, so the worst hackers could do by directly penetrating it would be to alter the information it does hold, sowing confusion and increasing distrust in government.
The threat of a disinformation campaign could have serious consequences. For instance: Hackers could monkey with numbers in government reports that other federal and state agencies rely on to do their own work, or change things in old press releases, speeches and statements. Or they could seize an opening to deface websites so citizens know the government can't protect its own websites.
And because many government systems are interconnected, a hacker who gained a foothold in any one system could use it to jump to other systems that do contain sensitive data, he said.
"We can build all the defenses up on a system, but once someone breaks in, who knows what they can do?" he told me.
The furloughed worker isn't alone in that fear. Bruce McConnell, a former Homeland Security Department top cyber official, raised a similar concern when I spoke with him during the second week of the shutdown.
"Cyber attackers aren't taking a shutdown. They're taking advantage of the shutdown," McConnell told me.
Here are three other big take-aways from my conversation with the furloughed cyber worker:
1. This could be the last straw for many federal workers.
The frustration of a forced furlough and missing a paycheck is sure to drive many federal workers into the private sector, said the furloughed worker who is considering private sector options himself. The lure is even greater for workers in high-paying fields such as cybersecurity, he said.
"Amongst my peers, we're all raising our eyebrows and saying: 'Is this really working?'" he told me.
Unfortunately, the most highly skilled and motivated workers will also probably be the first to leave, he told me.
"There are good employees and bad employees in government," he said, "and this is clearly a disincentive for the good employees to stick around."
2. Cybersecurity improvements are on hold.
Like many federal agencies, the one the furloughed manager works for is riddled with outdated and insecure software systems, he told me, and efforts to update those systems are on hold.
The agency will get back to some of those plans when the shutdown ends, he said, but they will almost certainly have to be curtailed during the current fiscal year because of time lost to the shutdown and to the complex process of resuming operations after weeks or longer with a bare-bones staff.
3. There's really no such thing as an "essential" worker
The public might imagine a nice clean list of precisely what functions and people are necessary to keep the government running without incident during a partial shutdown, but it's not really that simple, the furloughed worker told me.
As an example, the furloughed worker was actually eligible for an "essential" slot that would allow him to keep working without pay, managing the one system he oversees that's still operational during the shutdown, he told me. He opted, instead, to defer that slot to his subordinate who has more expertise in running the system day-to-day, he said. But, actually, neither of them can run it perfectly without the other's help and insights, he said, which is one reason he spends so much time texting with the worker who's still on the job.
The furloughed worker was also concerned that Congress wouldn't grant back pay to furloughed staff and wanted to ensure his employee, who has a larger family and a smaller financial cushion than he does, had a better chance of getting paid, he said.
"He's a father of three kids," he said. "If anyone needs back pay first, it's him, not me."