Several parts of the federal government have been shutdown for about a month now and cybersecurity professionals said government websites were becoming more vulnerable to security breaches each day the shutdown continued.
Visitors to manufacturing.gov, for instance, are finding that the site has become unusable — its information about the manufacturing sector is no longer accessible. Instead, it features this message at the top of the homepage:
NOTICE: Due to a lapse in appropriations, Manufacturing.gov and all associated online activities will be unavailable until further notice.
Security certificates help keep websites secure, but last week the British security firm Netcraft reported that more than 130 certificates used by U.S. government websites had expired.
These certificates ensure users are actually accessing government resources and not a fraudulent website, said Dan Kaminsky, the chief scientist at the security firm White Ops.
The lack of a certificate makes it easier for a bad actor to trick users into going to a fake website. Even though there's a warning when users click on a website without an updated certificate, Kaminsky said, "people might get used to ignoring the browser warnings" because of the shutdown. "Then you think you're really walking into this [web]site and you're really not."