The News
As TSA screeners begin to be paid on Monday, another group of Department of Homeland Security employees who scan for threats will likely continue working without pay: employees at the Cybersecurity and Infrastructure Security Agency.
CISA, housed within DHS and responsible for defending critical infrastructure, has been hamstrung by the ongoing shutdown, even as threats connected to the war in Iran surge, including the successful hack of FBI Director Kash Patel’s personal email and the most significant wartime cyberattack in American history, on medical device company Stryker, two weeks ago.
Last week, CISA’s acting chief warned in a hearing that 60% of the agency’s workforce had been furloughed, “creating a real opportunity for our adversaries to be able to take advantage of that gap in capability.”
With staffing severely reduced, CISA acting Director Nick Andersen says the agency is largely limited to responding to imminent threats instead of proactively preventing them — “necessary functions, but they are not sufficient to get ahead of the threat.”
Two days after Andersen’s warning, hackers associated with Iran’s Ministry of Intelligence and Security said they’d breached Patel’s personal email, adding to a growing list of high‑profile cyberattacks on US entities for which the group has claimed credit since the war began. On March 18, Handala took credit for the historic cyberattack on Stryker, which wiped 200,000 devices, exfiltrated large amounts of data, and delayed surgeries.
The FBI confirmed the attack on Patel’s email in a statement to Semafor and noted that the State Department has offered a reward for information leading to the identification of the Handala team out of Iran, which “has frequently targeted U.S. government officials.”
Lauryn Williams, former director for strategy in the White House Office of the National Cyber Director under former President Joe Biden from 2022 to 2024, emphasized the real-world consequences of federal cyber staffing shortages: “Civilian cyber agencies like CISA have been gutted over the course of the last year, but in addition, we’re in a DHS partial government shutdown,” she said.
Know More
The staffing challenges coincide with new federal guidance on cybersecurity. On March 6, Trump released his “Cyber Strategy for America.” The document was seven pages long, concise compared to his 2018 strategy, at 26 pages, and Biden’s 2023 strategy, at 34 pages.
Experts note the document is higher-level than previous plans, which included concrete implementation steps. Nikita Shah, a senior fellow in the Intelligence, National Security, and Technology Program at CSIS, said the strategy “has the right objective and the right priorities, but it’s very vague on implementation.”
The FBI emphasized that despite these gaps, it continues to actively pursue cybercriminals. “Consistent with President Trump’s Cyber Strategy for America, the FBI will continue to pursue the actors responsible, support victims, and share actionable intelligence in defense of networks,” the agency said in a statement.