DragonI

Government shutdown: TLS certificates not renewed, many websites are down | ZDNet

Over 80 government websites are down after TLS certificates expired and there's nobody on hand to renew them.

www.zdnet.com|Catalin Cimpanu

NASA, the US Department of Justice, and the Court of Appeals are just some of the US government agencies currently impacted, according to Netcraft.

Consequently, government websites are dropping like flies, with no one being on hand to renew TLS certificates.

Websites with expired certificates where admins followed proper procedures and implemented correctly-functioning HSTS (HTTP Strict Transport Security) policies are down for good, and users can't access these portals, not even to browse for basic information.

Nevertheless, visitors are warned not to log in or perform any sensitive operations on these sites, as traffic and authentication credentials aren't encrypted and could be intercepted by threat actors.

Visiting and browsing content is fine, but users should also be aware that all websites will not be actively managed and there won't be employees on hand to process requests or update sites with the latest correct information.

According to Axios, the Department of Homeland Security's newly created Cybersecurity and Infrastructure Security Agency (CISA) has had 43 percent of its staff, which amounts to roughly 1,500 employees, sent home. The National Institute of Standards and Technology, which puts together and manages many security standards, has also kept only 49 employees of its normal 3,000.