by Jennifer Daffron and Kelly Quantrill
Many US government employees are currently struggling with the ongoing effects of the US Government shutdown. Due to precedents set by previous government shutdowns, impacts such long lines at airports and national park closures were expected. However, several effects were not anticipated them, including slipping standards in food safety inspections and cyber security.
With many government staff furloughed, IT maintenance has taken a backseat. Operating with less than half of its staff, the Department of Homeland Security’s newly-created cyber security and infrastructure security agency has allowed more than 80 TLS certificates used by .gov websites to expire. This translates to dozens of US government websites presented as insecure or completely inaccessible. These sites included NASA, the US Department of Justice, and the Court of Appeals. If users continued onto insecure domains, they put themselves at risk to man-in-the-middle-attacks. These attacks allow for an unauthorised third party to intercept sensitive data and communication between two users – in these cases, the client and the website. This data can include credit card information, location data, and any other personal identifiable information.