Federal Friday - 10.18.2013 - The "We're Back In Business" Edition

Blog Post created by jschim Employee on Oct 18, 2013

After a tough start to FY14, a sense of normalcy should start to creep back in over the coming weeks. Even though the folks in the House and Senate merely delayed their budgetary discussions, we can only hope that some hard lessons were learned this time around and that come January our collective backs won't be up against the wall again. Unfortunately the under-valued thespian, Nicolas Cage, won't be representing my feelings in this week's blog as we have some things to talk about.


One of the big concerns stemming from the shutdown was who was deemed essential and who wasn't. Unfortunately for most agencies their cyber teams were not considered essential, with some exceptions. All in all though, we were left fairly exposed during the shutdown for a number of reasons. While skeleton crews were in place to keep systems running and monitor the networks, the human element was effectively taken away for 3 weeks. They were made to rely on instead, a single individual to monitor complex security deployments that typically requires a team of specifically trained individuals to run effectively. Additionally, due to the extended length of the shutdown, attackers were given plenty of time to search for vulnerable critical systems.  While strict firewall standards may be in place, the maintenance (updates, patching etc.) have gone unchecked.  There was also a release of two IE Zero Days patches during the 16 days Washington was closed which could have a major impact if they remain unpatched, potentially putting networks of all sizes at risk.


The other issue, which I find astounding, is that by leaving behind "essential" employees you have given skilled Phishers their prime targets. Highlighting the importance of these individuals like giving Ahab a white whale fish finder in Moby Dick. My suggestion upon returning back to work, aside from the mountains of catch-up you will be doing, is to run some social engineering campaigns against those employees that were tasked to be in-office during the shutdown. If they're vulnerable to your tactics they could then be a honey-pot for future attacks, especially given the "essential" tag they've been given.


There were two great articles on the hit Cybersecurity took during the lockout which you can find here and here.


To make sure you end your week the right way we have the return of the Panda Cam, so sit back and watch as these cuddly creatures possibly make an appearance (no guarantees).


Welcome back everyone: 1251739579-nicolas-cage-20041116050216836-001.jpg