Government Shutdown May Cause Issues With Web Security

January 23, 2019

Written by wukovits

Here’s a side-effect of the government’s continuing shutdown that many people had not anticipated:  Expiring TLS Certificates used for web security. Most people clearly see the impacts of national parks closing and the like.

It’s worth remembering that the government’s IT staffed as been classified as ‘non-essential’ too, which means they’re currently sitting at home twiddling their thumbs, waiting for the politicians to decide what’s next and get the doors of government opened up again.

Unfortunately, that’s beginning to have an impact on the vast collection of websites the government maintains.  TLS certificates are beginning to expire.  Currently, there are more than 80 government websites are either insecure or inaccessible due to expired certificates.

If you visit a website with an expired certificate, depending on the browser you’re using you’ll get some type of highly visible warning, and may not even be able to proceed to the site.  Even if you are, know that doing so carries added risk.  Sites without certificates, or sites with expired ones are much more vulnerable.

Among a great many others, this has impacted the Department of Justice website, NASA’s rocket testing site, and one of the sites used by the US Court of Appeals. As the shutdown grinds on, this list will only expand and grow.

Worse, the longer the shutdown lasts, the more likely it is that some governmental sites will simply go offline.  When that happens, it opens a big door to hackers to spoof government sites and begin causing all sorts of trouble.

The bottom line is that for the foreseeable future, take an added measure of care when navigating to government websites.  Thanks to the shutdown, many of them are not as secure as they could be, and the problem is certain to worsen over time. Be careful with internet for a while.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.