85% increase in US Government Cyberattacks blamed on shutdown!

DarkReading.com reported that “Attackers are pouncing on financially strapped US government agencies and furloughed employees. And the effects of this period might be felt for a long time hereafter.” The October 24, 2025 article entitled “Shutdown Sparks 85% Increase in US Government Cyberattacks” (https://www.darkreading.com/cybersecurity-operations/shutdown-increase-us-government-cyberattacks) included these comments:

The Media Trust found that the most targeted agency during this shutdown, by far, has been the Department of Veterans Affairs (VA). In second place — again, some distance from third — is the Department of Justice (DoJ). The chart below shows the volume of attacks that reached each agency in the first week of October.

Though the VA and DoJ might sound like an arbitrary duo, there may well be some hidden logic underneath.

When a government shutdown happens, employees fall into two buckets. Many are furloughed — sent home and barred from even checking their government email inbox. Some are deemed "essential," though, and they have to keep working.

Essential workers are just as unpaid, stressed, and vulnerable, yet they still have to walk into their workplace everyday. Miller points out how, especially in these cases, "you're going to have morale issues. And then with this minimal staffing, you're creating a higher burden on the personnel who are there having to do probably additional work," meaning cyber threats are more likely to slip through.

Because so many of them perform crucial medical and benefits work, 96.8% of employees at the VA are still going into work Monday through Friday. Similarly, 90% of DoJ employees are considered essential.

The White House has advised that, during the shutdown, "generally, agency cybersecurity functions are excepted as these functions are necessary to avoid imminent threat to Federal property," but agencies have discretion in how they interpret this guideline. And with two-thirds of the Cybersecurity and Infrastructure Security Agency (CISA) sitting at home, agencies already lack the support they're used to at a time when they're at greatest risk.

Are you surprised?