US defense contractors victimized by foreign hackers
Despite the fact that the inept Biden administration has invested significant effort in year one to attempt to shore up cyber-defenses against an aggressive China and Russia, new reports show that foreign hackers have recently breached a number of organizations in the defense, energy, health care, education, and technology sectors.
Because of this, private sector cyber-security researchers and the National Security Agency (NSA) are working together to help protect data belonging to U.S. defense contractors and other sensitive targets. With these victimized targets being critical to national security, it is assumed that the culprit is a state-sponsored Advanced Persistent Threat Group (APT).
Although many leaders of the U.S. cyber effort have attempted to display calm, recently, a number of key figures working in the public and private sectors have signaled distress publicly.
Over just the last two weeks or so, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), remarked to congress that the "American way of life" is at risk due to new ransomware attacks and the ongoing threat of a devastating attack against the nation's critical infrastructure.
Easterly specifically stated that "ransomware has become a scourge on nearly every facet of our lives, and it's a prime example of the vulnerabilities that are emerging as our digital and our physical infrastructure increasingly converge." These concerning comments come after a recent CISA binding operational directive that creates a brand-new system of cataloging exploited cyber-security vulnerabilities and requiring federal agencies to fix those flaws within a set period.
Additionally, an October 24 blog post from Microsoft stated that Russian APT Nobelium spent three months attacking the businesses that resell and customize Microsoft cloud services for customers in both the public and private sectors. Nobelium is best known as the group behind the infamous SolarWinds hack.
In response to Microsoft's post, Jake Williams, a chief technology officer (CTO) at BreachQuest and a former team member at the NSA's elite hacking team, told website VOA that cyber-attacks targeting Microsoft-linked I.T. providers are evidence that American managed service providers (MSPs) are failing to adequately provide security services to customers.
According to VOA, Williams claimed that "[t]he profit margins for MSPs are often razor-thin, and in the majority of cases, they compete purely on cost," and added, "Any work they do that doesn't directly translate to additional revenue is generally not happening."
So when less-resourced small businesses find themselves priced out of the market in terms of additional security services, what should these entities do to provide the best protection for themselves in the increasingly dangerous cyber-sphere? The truth is, most of the answers involve simply going back to basics while remaining vigilant at the macro and micro levels.
There are many tried and true basic strategies found in a decade-old resource from the FCC that lists several internal cyber-security procedures that are still relevant today. These include training employees in security principles, providing firewalls on all internet connections, keeping backup copies of critical data, and limiting authority to install software to I.T. staff members.
While these options may sound simple enough, many individuals and small businesses lack the aptitude to ensure these minimum requirements are adhered to.
And because of this, hacking has become a billion-dollar business with no sign of slowing down. Even with the U.S. government's creation of the new Bureau of Cyberspace and Digital Policy as well as many new initiatives that have been created in the ten or so months of the Biden administration, America is clearly losing the cyber war.
Even as the best resourced and funded superpower on the planet, the formula needed to stay a step ahead of hackers in this new theater of warfare has eluded America. That unfortunate fact continues to put America's critical infrastructure in the crosshairs of catastrophe.
Julio Rivera is a business and political strategist, the editorial director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cyber-security and politics, has been published by websites including Newsmax, Townhall, American Thinker, and BizPacReview.
Image: Hippopx.
To comment, you can find the MeWe post for this article here.