Are we sitting ducks in the cyber pond?
- By Amber Corrin
- Oct 08, 2013
The government shutdown leaves the nation vulnerable to cyber attacks, according to lawmakers and experts at a conference. (Stock image).
Top officials believe that U.S. cybersecurity is jeopardized by the perfect storm of a government shutdown, budget cuts under sequestration and a lack of political will. Speaking in Washington on Oct. 8, congressmen, agency leaders and cybersecurity experts expressed concern that adversaries could take advantage of the situation.
One by one, Washington heavyweights blasted the government shutdown and its potentially disastrous effects on national security. Some also openly worried about the failure of cybersecurity legislation and the future of the workforce, while others defended controversial information-sharing and National Security Agency surveillance programs. Politico sponsored the event.
"To think we would take a pause, a step back in cyber — the Russians and the Chinese are licking their chops at the thought of that," said Georgia Republican Sen. Saxby Chambliss. "If you think about the cyber threat, in many ways it is an asymmetric threat on steroids."
The budgetary impact on cybersecurity goes beyond just the government shutdown. The Pentagon is facing billions in cuts, including a 10-percent across-the-board reduction under sequestration for 2013 and possible furloughs if another sequester round is implemented in fiscal 2014.
"It's going to have a huge impact," Chambliss said. "We've got programs impacted, critical satellite programs and others that from an infrastructure standpoint face more scrutiny than ever as we go through the defense authorization bill. The people side of it is critically important; it's pretty clear that if nothing changes in relation to sequestration, there are going to be major furloughs."
The "people side," numerous speakers said, is another primary concern as the government shutdown and fiscal pressures take their toll on the federal workforce.
Fiscal "uncertainty, cutbacks, furloughs, the uncertainty of next mission and how folks fit in – that [all has] hurt morale," said Rep. Tammy Duckworth (D-Ill.). She called the situation "very insidious...it's showing in education programs and social services. Across the intelligence community, folks are not sitting at their desks doing their jobs."
Rep. Michael McCaul (R-Texas) agreed, noting just how hard-hit the federal workforce tasked with national security has been. The Homeland Security Department is operating at 85 percent overall, and only 57 percent in cybersecurity operations, he said.
"Intelligence is the best defense against terrorism, and when we have less people working on the cyber realm and other areas, we're going to be vulnerable. And that's what's happening right now," said Rep. Dutch Ruppersberger (D-Md.). "We're going to see the results from this down the road."
Ruppersberger, along with Rep. Mike Rogers (R-Mich.), has been working at passing cybersecurity legislation for more than a year to little avail.
Rep. Mac Thornberry (R-Texas) was doubtful that much would change before 2014.
"Given the crowded nature of docket...it's hard for me to see cyber information-sharing legislation breaking through that this calendar year," said Thornberry, who does not expect to see Congress act before the final cybersecurity framework is released in February.
That framework, currently under construction by the National Institute of Standards and Technology under executive order, remains stalled by the shutdown. A draft version of the framework is due Oct. 10 but is likely to be delayed.
"I went online to look at the most recent draft before I came here and the website was unavailable because of the shutdown," said Chris Finan, a former White House cybersecurity director now with the Truman National Security Project.
The shutdown is just one factor in the dismal outlook. Rogers, echoed by Gen. Keith Alexander, commander of U.S. Cyber Command and National Security Agency director, acknowledged that contractor Edward Snowden's leaks about NSA surveillance activities have also delivered a blow to Americans' regard for their own government.
Alexander, however, defended NSA practices and said that collecting and sharing data are critical to cybersecurity. He proposed that intelligence agencies put citizens' data in a central location that allows for controls as well as openness.
"It's in the nation's best interest to put the phone data into a repository that the American public knows what we're doing with," Alexander said. "I'm open for transparency. I'm open for where we put the data. ... How do we ensure that the American people know what we're doing is exactly right without letting the terrorists know how to circumvent it? That's the real issue."