Malicious actors have always targeted government entities, especially the Department of Defense, in search of state and military secrets. Today, many of these attacks are also aimed at defense contractors who have access to confidential information – and to DoD networks and systems.
Why Contractors are Particularly Vulnerable to Cyber Threats
A 2018 cybersecurity report revealed that 5.6% of aerospace and defense contractors have experienced at least one data breach in the previous year. Why are contractors so vulnerable to cyberattack?
Many defense contractors store or have access to sensitive data that could be of value to foreign governments. Unfortunately, these contractors are often smaller firms that do not possess the same level of security as larger contractors or the government itself. This makes them attractive to hackers who can exploit small vulnerabilities to gain access to larger government systems and data.
Understanding the CMMC for Defense Contractors
To ensure that defense contractors have adequate cybersecurity measures in place, the DoD developed the Cybersecurity Maturity Model Certification (CMMC) earlier this year. The CMMC is a framework that requires defense contractors and subcontractors to certify that they have specific security measures in place before their contracts can be approved.
The CMMC requires companies working with the DoD to undergo cyber audits of their security procedures. There are several levels of certification, depending on the type of work the contractor is performing, ranging from Level 1 to Level 5. If your company is a contractor or subcontractor to the DoD, the CMMC applies to you.
Examining the Top 5 Cybersecurity Threats to Defense Contractors
The CMMC is necessary because of the increasing number of cyber threats to the defense establishment. Here are the top five threats facing defense contractors today:
1. Phishing and Social Engineering
Social engineering, typically in the form of phishing and spear-phishing attacks, is a significant threat to both public and private sector organizations. According to the PhishMe Phishing Susceptibility Report, 91% of all cyber attacks start with social engineering attacks, where individuals within an organization are targeted with phishing or spear-phishing emails.
In 2015 and 2016, a group of defense contractors was targeted by the infamous Russian hacking group known as Fancy Bear. Eighty-seven individuals, working for both large and small firms, were targeted with phishing emails, and 40% of them clicked on the phishing links, putting their companies at risk. The hackers appeared to be seeking classified information about military programs involving missiles, drones, and stealth fighter jets.
2. Malware and Ransomware
The second most prominent threat to defense contractors is that of ransomware and other malware. Hackers have been installing malware on large networks for years, often with the intent of using malicious software to facilitate future unauthorized access to the system. For example, the Titan Rain operation, which ran from 2003-2007, involved Chinese hackers who infiltrated a number of US and UK government agencies. The hackers installed Trojan horse software on the targeted systems so they could gain further access at a later date and steal data at their leisure.
Ransomware is the latest form of malware that is starting to hit defense and other government contractors. In March of 2020, Visser Precision, a supplier of parts for Boeing, Lockheed, and SpaceX, was hit with a devastating ransomware attack. In addition to holding the firm hostage, the attackers stole classified documents from the company and posted them online.
3. Data Breaches
Data breaches continue to be a significant cyber threat to government agencies and contractors alike. According to Statista, in 2019 the United States government accounted for 5.6% of all data breaches in the country. These breaches cost the government more than $13.7 billion.
In early 2019, the computer systems of Perceptics LLC, a contractor of surveillance equipment, were breached by a hacking group called Team Snatch. The breach extended over a four-month period and culminated in a ransomware demand. When the company refused to pay, sensitive government data stolen by the group started to appear on the dark web. As a result, the government suspended the contract of the supplier.
4. Third-Party and Supply Chain Attacks
Another very real threat to contractors and the government is third-party and supply chain attacks. In this type of attack, the contractor’s systems are hacked as a means to access the systems of a government agency or supplier. The hackers gain access to high-value government assets through the less-secure systems of the contractor.
As an example, in September 2019, European aerospace company Airbus was the target of a series of data breaches through the company’s subcontractors. The subcontractors had their systems compromised in an attempt to obtain commercial secrets from Airbus. The hackers were not able to gain access to Airbus directly but could do so via the company’s subcontractors.
5. Insider Attacks
Finally, defense contractors need to be on the alert for hacks from their own employees. The inside access that employees have makes them capable of inflicting tremendous damage if they choose to abuse their access privileges for illicit gain.
One of the most notorious insider attacks occurred in 2013, when Edward Snowden, then employed by Booz Allen Hamilton, was working as a contractor at an NSA office in Hawaii. Snowden used his access to obtain sensitive documents about the government’s PRISM spy program that he later leaked to the press. The NSA claims that Snowden’s leaks have severely impacted the agency’s ability to detect potentially deadly terrorist plots.
Improve Your Cybersecurity with Secure Communications from AWS Wickr
One way for defense contractors and other companies that deal with confidential and classified data to ensure the security of that data is to use a secure platform for all communications. Many contractors and government agencies choose AWS Wickr because it uses 256-bit multilayered end-to-end encryption for the ultimate in secure collaboration.