Caught in the crossfire of stalled negotiations for funding the Department of Homeland Security (DHS), the country’s main defender against cyberattacks has taken a hit.
Now more than 40 days without funding, Senate appropriations leaders say around 60% of current employees for the Cybersecurity and Infrastructure Security Agency (CISA) — the front line for U.S. cyberspace and critical infrastructure — have been furloughed.
This forced the agency to cancel physical and digital assessments to detect vulnerabilities of the nation’s critical infrastructure, according to the same Senate appropriations release.
As strikes continue across Iran, some experts worry America’s digital shields are down while the country faces a known player in global cyber warfare.
While President Donald Trump signed an executive order directing the TSA to resume paychecks, other agencies like CISA still lack allocated budgets.
Senate Republican and Democratic leaders continue to warn of Iranian cyberattacks as the conflict with the U.S. and Israel develops, but there’s still no clear or quick path ahead, leaving some experts concerned.
Damage is seen at a car service centre in eastern Tehran that was hit by a missile strike, March 28, 2026.
Atta Kenare/AFP via Getty Images
“Diminishing of resources here on cybersecurity at this particular juncture is absolutely dangerous,” Dr. Frederic Lemieux, Georgetown professor of cybersecurity risk management, said.
“In a conflict with a known enemy that uses cyber weapons to, you know, like to inflict damage on its opponents, I think that it will be tested, that’s for sure,” he added.
CISA has not responded to ABC News’ multiple requests for for comment.
What is cyber warfare?
Put simply, cyber warfare is the breach of information networks for various malicious means, including disruption, spying or destruction.
Cyberattacks from state and non-state actors are common. In 2025, CISA successfully blocked 2.62 billion malicious connections within the federal civilian network, according to its annual reports.
It blocked 371 million attempts targeting the country’s critical infrastructure, including power and water systems.
“They happen, but they don’t necessarily have consequences,” Lemieux said. “We can contain them, we can repel them, and so on and so forth.”
Conventional warfare is expensive. Cyberspace gives an alternative and much cheaper option, Lemieux said. With growing access to technology and programming tools, the barrier to entry for cyberattackers is much lower.
“They are too easy to deploy, and there’s something also that we see in terms of return on investment, where you can manage a lot of, I would say, widespread campaigns for very low costs,” Lemieux said.
“You can inflict a lot of cost on your opponent just in defending systems, not even talking about other consequences afterwards,” he added.
First-responders search a heavily-damaged building that was hit by an Israeli airstrike in Beirut’s southern suburbs, March 30, 2026.
Anwar Amro/AFP via Getty Images
What’s the threat?
Former National Cyber Director Harry Coker Jr. warned about the world’s evolving cyber capabilities in a 2024 report on the United States’ cybersecurity posture, saying the U.S. is “in the midst of a fundamental transformation” of its cyber defenses.
“It is now clear that a reactive posture cannot keep pace with fast-evolving cyber threats and a dynamic technology landscape,” Coker said.
That same report listed Iran as one of four main nation-states responsible for “a wide range of malicious activity that impacts the United States and our allies.”
Hackers breached FBI Director Kash Patel’s personal email, sources familiar with the situation said last week. Iranian-linked hackers online have claimed credit.
Earlier this month, hackers supporting Iran claimed responsibility for a significant cyberattack against U.S. medical device company Stryker. The group known as Handala claimed the strike was in retaliation for strikes that killed Iranian schoolchildren.
Groups working for Tehran have also infiltrated the email system of President Donald Trump’s campaign, tried to breach the networks used by the military and defense contractors, and even targeted U.S. water plants in rural America, according to previous reporting.
“We have a state actor that is cornered, and we know that it has penetrated several critical infrastructure systems, and it’s there,” Lemieux said.
Russia and China, two powerful allies of Iran, were also listed in the report as bad actors against the U.S.
“There is a conjuncture of a situation here that makes it appealing for another adversary to get in,” Lemieux said.
Since the strikes began, the Kremlin has provided Iran with intelligence on the location of American troops, according to U.S. officials. Lemieux said that as much as he worries about military intelligence sharing, he worries about cyberspace.
“We don’t know everything about where the Russians are hiding in our systems or I mean, where the Chinese might be hiding in our systems,” Lemieux said. “Those kinds of things are a reality of cybersecurity. You don’t know what, you don’t know when.”
Attacks take many forms, Lemieux said, which adds to the complexity of cyber defense — a challenge made greater by the recent boom in artificial intelligence.
“It could be, for example, passive and just provocative,” Lemieux said. “We saw them, you know, interrupting television channels and putting some message.”
Hackers can more easily coordinate mass attacks or make their programs more resilient against defenses, Lemieux said.
“You could receive, you know, an outage from your local government — do not drink the water because somebody tampered with the level of, you know, like filtration and chemistry in the water,” he added.
The threat, Lemieux warned, is only growing more urgent.
“This is critical,” Lemieux said. “… being cornered will break, even intensify. And that’s where we might see those hybrid warfare tactics taking place.”
CISA’s funding is tied to DHS. Should Americans be concerned during a shutdown?
Employees of several DHS agencies, including CISA, are operating without pay, with some senators saying both operations and personnel have been effected.
CISA is not new to the stresses of shutdowns. During the November 2025 shutdown, it faced one of the biggest hits within DHS, with 65% of the division placed on furlough.
In early March, Pennsylvania Republican Sen. Dave McCormick posted on social media that “over half of CISA’s workforce has been furloughed — 2,000 personnel cut down to about 800,” and warned that “Critical cybersecurity and infrastructure assessments are paused while the threats of Iranian cyberattacks are rising.”
Others, like Sen. Chuck Grassley, R-Iowa, posted that “the Cybersecurity & Infrastructure Security Agency has had to limit its operations.”
There is still debate over funding the agency. House Republicans on Friday rejected a Senate-approved bill that would have returned DHS’s budget without funding ICE and instead passed a short-term funding bill for all of the agency’s departments. That proposal was sent to the Senate, where Minority Leader Chuck Schumer, D-New York, says it is dead on arrival.
Former CISA acting director Dr. Madhu Gottumukkala gave a warning to lawmakers ahead of February’s partial shutdown.
“I want to be clear. When the government shuts down, cyber threats do not. And our adversaries work 24/7,” Gottumukkala said. “Even a brief lapse can have lasting consequences on small businesses, federal networks, and American taxpayers.”
Lemieux agrees.
“You should be concerned about what happened before the shutdown,” Lemieux said. “Also in the cuts previous, you know, prior to the shutdown. So all that puts us in a very precarious situation.”
Leave a Reply