During the partial government shutdown, you may have noticed some government websites are offline.
There's no funding or staff to keep them running, and that gap worries cybersecurity experts.
They say that with each passing day of the shutdown, the US puts itself at greater risk to hacks and other cyberattacks.
Right now, large portions of the government’s IT staff are furloughed.
At the Department of Homeland Security’s newly established Cybersecurity and Infrastructure Security Agency, about 43% of its 3500 employees have been told to stay home.
With no staff for upkeep, there have been lags in routine cybersecurity maintenance.
As of January 16, more than 130 security certificates that provide secure communications on government websites had run out.
This could create an opportunity for attackers to snoop around federal sites undetected, or even allow them to impersonate official sites with fake certificates.
With no end in to the shutdown in sight, some government officials worry private companies may come with job offers to hire furloughed talent away, which happened to the NSA during the 2013 shutdown.
That could create serious brain drain. Recent reports show there are more than 300,000 open cyber jobs in the U.S. But not even the private sector is entirely stable during a shutdown.
The National Institute of Standards and Technology — an agency which helps private developers meet federal cybersecurity standards — is currently operating without 85% of its staff .
The section of its website holding those standards reportedly went down for some time, which experts say might have kept private companies from working on projects that require federal approval.
Now, shutdown or no shutdown, the DHS has given emergency orders for agencies to shore up their behind-the-scenes web defenses.
Agencies now have about a week to change passwords and add new multi-factor authentication.