October 12, 2013; WBZ – CBS Boston
When it was reported this weekend that a computer glitch had caused the Electronic Benefit Transfer (EBT) cards used by recipients of food stamps and other benefits across 17 states to fail to work or to show up as having no spending limits, I harkened to a report aired Friday on NPR’s All Things Considered about the potential effect of the shutdown on government websites. Some websites are entirely shut down, but others are just sitting static with a message like, “Due to the lapse in federal government funding, this website is not available. We sincerely regret this inconvenience.”
Sign up for our free newsletter
Subscribe to the NPQ to have our top stories delivered directly to your inbox.
But Chester Wizneski, a security advisor with a company that makes computer security and hardware and software, says pulling the sites offline and putting up these “under construction” pages could have invited security risks. “I would argue they’re more hackable now that they’ve shut them down than they were when they were operating because, once again, we’ve taken an emergency measure in order to do something out of the ordinary, and I highly doubt that these outage notifications and pages have been properly tested.”
Steve Santorelli, formerly of Scotland Yard and now with an Internet security firm, says, “They’re going to have less scrutiny over their logs. There’s technical people actually reviewing things on the daily basis to make sure that nothing suspicious is actually caught.” He says that the longer the websites sit idle, the more tempting they become.
Santorelli goes on to remind us that the last time there was a government shutdown, the Web was in its infancy, so there is no precedent for online aftereffects. “The reality is there’s a lot of things that will be going on that could be security events, but they aren’t necessarily what we call security incidents. They are anomalous behavior that needs to be reviewed to make sure that it isn’t, in fact, an attempt by a criminal hacker to breach the system.”
While the problem with the cards is being attributed to a temporary malfunction at Xerox Corporation associated with a routine test of backup systems, we have to wonder what we are likely to see when federal websites get back up and running.—Ruth McCambridge