Lawmakers and IT security analysts have warned that the 35-day partial government shutdown crippled cybersecurity of federal networks. However, new research shows that the shutdown actually boosted the federal government’s digital defenses in some areas.
Security Scorecard, an organization that tests cybersecurity, found that both endpoint security and patching actually increased inside the federal government during the five-week partial shutdown.
The study illustrates the complicated nature of improving cybersecurity inside the federal government and the overwhelming workloads IT officials face.
“The most secure computer is one that is turned off, and there were a lot of turned off computers during the shutdown,” Alex Heid, chief research officer at Security Scorecard, told Fifth Domain. “We saw a drop in internet traffic coming from .gov during the shutdown,” which made the federal government “less of an exploitable attack vector.”
And for the computers that were on, the Security Scorecard research found that patching, or applying critical updates, experienced a 1.38 percent gain during the shutdown.
Two potential reasons were cited. First, many essential security employees of the U.S. government were still working — with pay or without — during the federal shutdown. And because traffic was significantly reduced it was easier to patch devices during the shutdown.
“A lot of the more critical functions of the federal government continued to operate and it seems that patching exploitable conditions was one of them,” Heid said.
Federal employee workstations and mobile devices are considered to be the most vulnerable attack vectors, according to Security Scorecard.
The research also found that there was a 9.16 percent increase in endpoint security during the partial shutdown, which is correlated to the total number of internet traffic.
“Since the U.S. federal government was shut down, so were many of the workstations and endpoints. There was a noticeable drop in internet browsing traffic coming from the U.S. federal government,” the report said.
However, the report from Security Scorecard was not all positive.
The research found that network security decreased by 1.58 percent during the shutdown, which was caused by a rise in expiration of SSL certificates, which ensure encryption between a computer and a website. Still, this change was within the normal patterns of the U.S. government, according to Security Scorecard.
Heid admitted that he was “surprised by what we found,” but that it “makes a lot of sense.”
The federal government typically has some of the worst cybersecurity standards, according to the Security Scorecard report, although it has marginally increased over the past few years.
Overall, Heid said the positive and negative findings of the shutdown balanced out.
“There was very little impact from the standpoint of an external attack perspective,” Heid said. “The federal government’s network have always been a punching bag and incredibly vulnerable.”