The Cybersecurity 202: The government's cyber workers are back in action. First task: Checking for hacks

[InfoSec News <alerts () infosecnews org>]

https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2019/01/28/the-cybersecurity-202-the-government-s-cyber-workers-are-back-in-action-first-task-checking-for-hacks/5c4dfa6d1b326b29c3778cdc/

By Joseph Marks
The Washington Post
January 28, 2019

Thousands of federal cyber workers are returning to their posts after more than
a month on furlough today. And they have a big to-do list.

The first priority: Looking for evidence of any major hacks that wormed through
government defenses the past 35 days while agencies were working with a skeleton
crew of security pros.

It will take them days or weeks to pore through security logs to assess how much
damage the shutdown did to the security of government computer networks and the
sensitive data they hold. The attacks did not abate because the government was
closed: One cyber manager who worked without pay during the shutdown described
an uptick in attacks on his agency -- including phishing emails containing
malware, attempts to reset employee passwords and attempts to trick users into
downloading malicious software cloaked as a legitimate update.

Also on the docket: Figuring out how to adjust the multimillion-dollar contracts
to upgrade and secure federal IT systems that have spent more than a month on
ice.

Perhaps most dishearteningly, cyber and IT leaders across the government will
need to figure out the smartest way to prepare for the possibility of another
shutdown if Congress and the president can’t reach a new funding deal when the
current one expires in three weeks. President Trump has said congressional
Democrats must give him new money for a U.S.-Mexico border wall or risk another
shutdown when the temporary funding expires.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_