Report: Gov’t Shutdown Had ‘Minimal Effects’ on Federal Network Cybersecurity

The 35-day U.S. government shutdown resulted in “very minimal effects” on the overall cybersecurity of federal systems, according to a recent report by the information technology firm SecurityScorecard.

Researchers studied the cybersecurity of 128 federal agencies based on network security, which covers open ports and SSL certificate matters. They also studied patching cadence that involves the frequency of software updates and endpoint security, which revolves around detecting vulnerabilities in the systems of end users. The study covers signal collection on activities such as malware infections, network security configurations, web application identification, leaked enterprise credentials, endpoint security information, patching cadences, mentions in hacker forums and other potential threats.

The report noted that network security declined to 90.7 percent, a 1.58 percent decrease from the 92.28 percent recorded before the shutdown. However, researchers noted that endpoint security and patching cadence increased during the shutdown period. Endpoint security saw a 9.16 percent increase, potentially due to lesser traffic from government networks during the shutdown. Patching cadence also rose by 1.38 percent, most likely because of factors such as an increased capacity to implement overdue updates and parts of the government that were still operating during the shutdown.

According to the report, a longer shutdown ranging from 60 to 120 days would “likely have much more measurable impact” on the overall cybersecurity of federal systems.

Check Also

Innovation

Air Force to Hold Industry Event for Mobility-Focused Small Business Tech Transfer Solicitation

The U.S. Air Force’s AFWERX innovation arm will host an event on July 15 and 16 to brief small businesses and academic entities on the service branch’s efforts to utilize commercial technologies for military applications, the service branch reported on Friday.