US Shutdown Exposes Consumers and Organizations to Attackers

• The current US government shutdown has left online consumer protection agencies crippled.
• Citizen information databases are vulnerable to attacks as certificates expire one after another.
• Experts highlight the need for the establishment of an emergency cybersecurity protection plan.

Government shutdowns in the US is a relatively common situation that occurs when the funding of the federal government operations is for any reason not approved by the Congress or the president. Usually, these shutdowns last for a couple of days which are still enough to cause problems on all sectors, including national cybersecurity. The most recent one though is running for 24 days now, breaking the record for the longest shutdown in the history of the country, keeping the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) out of service.

The situation has turned into an “attacker’s paradise”, as no one is currently working to actively and proactively protect the citizens’ data (found in various databases and registries), no one is enforcing marketing and online protection regulations of any kind, and no official entities monitor online activities and impose measures of any kind. FTC has temporarily seized the operation of multiple domains that operate under their control like the “identitytheft.gov” where citizens can report fraudulent activity. The FCC has also shut down their consumer complaint webpage, pointing to a document that analyzes the impact of the lapse in funding on the commission’s operations.

The situation is dire right now, and as we move deeper into this shutdown, several vital websites such as rockettest.nasa.gov are set to see their web security certificates expire. To this day, more than 80 TLS certifications of governmental websites have already expired, and several of them became completely inaccessible. One of the most notable examples of them is the website of the US Department of Justice which is now down. The expiration of certificates allows for data stealing through eavesdropping and man-in-the-middle attacks, as well as other types of cyber-attacks.

Image Source: news.netcraft.com

With all this going on, no one knows when the negotiating parties will reach a funding agreement, and Trump seems to be completely unwilling to compromise on his wall-building demands right now. The budget for this work is highly unlikely to get approved, so the situation is stuck, and US citizens are currently paying the price, farewelling their online consumer protection and privacy rights. Cybersecurity experts in the US are urging Trump to resume government funding in the context of an emergency program that will enable critical security measures to be developed and implemented until a funding agreement is reached.

Do you believe that the US government shutdown will be over soon? Let us know of your opinion in the comments below, and don’t forget to subscribe to our socials on Facebook and Twitter so that you are among the first to get to know what’s new in the tech world every day.