Email
Password
Remember meForgot password?
    Log in with Twitter

article imageU.S. government shutdown: Websites insecure and inaccessible

By Tim Sandle     Jan 12, 2019 in Internet
One underplayed aspects of the longest U.S. government shutdown in history is with federal websites. Several websites have become inaccessible and even more face security risks due to a lack of updates.
The partial shutdown of the U.S. government is the longest on record (surpassing the previous record of 21 days), and at the time of writing there still no end in sight to the entrenched political standoff. The standoff rests on the dispute between President Trump, who wishes to build a wall across the U.S.-Mexican border, and the House of Representatives who are focused on other spending priorities.
Reported by Engadget, a consequence of this period of inactivity is that scores of U.S. government websites are either inaccessible or they pose a security risk. This is because there has been no one around to update TLS certificates. TLS represents 'Transport Layer Security' and it is a cryptographic protocol that provides authentication and data encryption between servers, machines and applications operating over a network. In essence, a TLS protocol aims primarily to provide privacy and data integrity between two or more communicating computer applications.
In terms of the types of websites affected, a review by Netcraft plots the range extending from NASA to the Department of Justice and through to the Court of Appeals. In all there are some eighty ".gov" websites that are affected by the shutdown.
The impact of out-of-date TLS certficiates depends on an individual's browser. Either a person will be able to access the websites, but this poses a cybersecurity risk, or they will be blocked from access some or all of the content. In practice most of the affected sites will display an interstitial security warning, however the user can elect to bypass this should they weigh up that the cybse-risk is sufficiently low.
Speaking with the BBC, security consultant Paul Mutton said of the matter: "As more and more certificates used by government websites inevitably expire over the following days, weeks - or maybe even months - there could be some realistic opportunities to undermine the security of all US citizens."
More about government shutdown, Websites, Cybersecurity, cyber risk
More news from
Latest News
Top News