Why does the Internet seem broken lately? Let’s start with the obvious – the government shut down is a horrific occurrence far beyond what people realize.
Why is the Internet slow right “now”? Because DNS is under attack and the government is shut down and incapable of responding. Seriously. We, the InfoSec community, are flying blind. For the average person – you are kind of hosed. (kidding, not kidding….)
What is DNS? “DNS” means “domain name resolution.” and it tells your computer how to find a web site. The thing is, *most* sites pull content from numerous places (think twitter feeds on your page, or a FB badge, or a font, etc.) If *ANY* of these items are slowed down, so is your site.
Not surprisingly, criminals look for opportunities and our politicians gave them a big giant gift by shutting down the government.
The DNS attacks, among others, haven’t made the news because the government has been shut down.
Recovery from one month of nobody managing CyberSecurity for the US Government will take months if not years. Some damage is permanent. (I’m just the messenger.)
If the Internet and cybersecurity are put in the category of “non-essential” then we have a serious problem. And we have a serious problem far larger than the drop in home buying. Hackers are patient. Very patient. Recon conducted over the last month will be used far into 2020. The RATs will persist in silence and nobody will know until they are activated.
Image from: https://www.deteque.com/live-threat-map/
Additional resources:
Fox News on the impact of the government shut down on cybersecurity
https://video.foxnews.com/v/5990953428001/#sp=show-clips
Krebs on Security’s take:
https://krebsonsecurity.com/2019/01/how-the-u-s-govt-shutdown-harms-security/
#forgotten Hurricane Harvey and Houston
One federal agent with more than 20 years on the job told KrebsOnSecurity the shutdown “is crushing our ability to take the fight to cyber criminals.”
“The talent drain after this is finally resolved will cost us five years,” said the source, who asked to remain anonymous because he was not authorized to speak to the news media. “Literally everyone I know who is able to retire or can find work in the private sector is actively looking, and the smart private companies are aware and actively recruiting. As a nation, we are much less safe from a cyber security posture than we were a month ago.”
The source said his agency can’t even get agents and analysts the higher clearances needed for sensitive cases because everyone who does the clearance processing is furloughed.