US Federal Shutdown 'Dangerous and Irresponsible'A Shutdown 'Will Impact Our Ability to Do Our Job,' Says Deputy AG Lisa Monaco
A U.S. federal government shutdown would have "immeasurable" damaging effects on the federal government's ability to fight cyberthreats, a top official said Tuesday amid forewarnings that the country should start preparing now for potential cyber interference in the 2024 presidential election.
A shutdown "will impact our ability to do our job across the board," said Deputy Attorney General Lisa Monaco during a morning virtual event broadcast from Washington, D.C. (see: Cyber Experts Urge House Committee to Avoid Federal Shutdown).
Annual funding for the government runs out Saturday just before midnight, meaning that without unexpected emergency legislation approved by Congress before Sunday, most federal agencies will start out the new week insolvent. A small bloc of Republicans halted progress on the bills after demanding steep cuts to domestic spending and the removal of $300 million in aid for Ukraine.
Shutdowns result in large portions of the federal workforce receiving furloughs, apart from "excepted" civil servants whose job duties are essential for the protection of life and property or "exempted" workers whose salaries are funded separately from annual appropriations bills.
In updated shutdown guidance published Tuesday, the Department of Homeland Security estimated that approximately 82 percent of the more than 3,100 employees at the Cybersecurity and Infrastructure Security Agency would go on furlough in the event of a shutdown. Only 571 workers would stay on the job.*
Excepted employees are expected to continue working despite not receiving a salary during the duration of the shutdown. During the 35-day government shutdown that concluded in January 2019, growing numbers of excepted employees called in sick. They included Transportation Security Agency airport screeners, a development that threatened to disrupt airline travel.
Federal employees "who have life and safety missions will be able to continue their work," Monaco said. But the activities of support staff, along with funding for efforts with state and local partners, will be at a standstill, she said.
"It's irresponsible. For the people who are manning our cyber defenses - the cascading effects of something like this is really quite dangerous and irresponsible. We need to be able to give our employees certainty that they can come to work and do their jobs," she said.
The United States faces an array of increasingly worrying cyberthreats, including the possibility of bad actors undermining trust in the upcoming 2024 presidential election or using artificial intelligence to speed up vulnerability identification and exploitation, panelists at the virtual event said.
Chris Krebs, a Trump administration CISA director who oversaw security efforts during the 2020 presidential election, said that the U.S. needs to take full advantage of the 12 to 13 months left before the 2024 election and plan for possible digital domain interference.
In 2020, the U.S. saw Russia and China as potential threats to the election. "This time, it's a little bit different. With the Russian invasion of Ukraine and the continued support of the Ukrainian military by the U.S. and our allies - and the continued provision of more sophisticated technology, including the F-16 and other tools, the motivation shifts," Krebs said.
"When we think of the early days of the Ukraine war, we were expecting hits on U.S. infrastructure. I don't think that expectation was necessarily wrong. I think we got the timing wrong. So, as we continue to provide those weapons to Ukraine and Putin suffers some hits on the homeland, he will be perhaps more motivated to reach out and touch someone.
"And I think that could happen here. But we don't have any evidence to suggest that the Russians, Chinese, Iranians or anyone else has the technical capability - or demonstrated that ability to change the vote, stop counting or otherwise interfere with the certification. But the concept might not actually be to change the outcome of the election, but instead get into some point of the election process, make it wobble a little bit, and that cascades over the information ecosystem and undermines confidence in the process. That becomes the next big thing."
Russia and China "have redlines built in that say 'You can't go to this point' of interfering with an American election,'" Krebs said. "But things can change rapidly with what's going on in Ukraine as well as with China."
In the meantime, the insider threats facing the 2024 election, including those that are "ideology-minded" are also concerning, he said.
"In many jurisdictions, 50% of the election workforce is turning over, so that's putting new recruits, newly trained individuals - but it also creates some opportunities for those that want to create mischief, including ideology-minded folks, to come in - and now we have an insider risk problem," he said.
The potential for hackers to use AI for attacks - and for nation-states to steal AI technology for their own advantage - are also real, the experts said. That includes hackers using AI tools to find software vulnerabilities and launch attacks quickly.
Eric Goldstein, executive assistant director at CISA, said that with the growing adoption of AI it is important that the U.S. avoid mistakes it has made with other IT products. "AI need to be designed with security in mind," he said.
*Update Sept. 26, 20:06 UTC: Adds in DHS shutdown furlough guidance.