As nation states and other hacking entities increasingly deploy malicious software to block information or manipulate data, defense contractors that provide U.S. military and intelligence agencies with products and services are facing more aggressive espionage-motivated attacks.
In an interview with The Hill, Peter Singer, a fellow at New America, said, “To put it bluntly, these are attacks that don’t try to steal secrets — but either try to block information or change information.”
Defense contractors are facing a rise in ransomware attacks that aligns with the increase in the general use of ransomware. Such attacks can spread after the original target has been hit, affecting unintended victims.
“It is the fastest growing area of cyber crime,” Singer said.
Hackers also infiltrate defense contractor companies via their employees, who are encountering increasingly sophisticated social engineering attacks through phishing, in which hackers masquerade as a trusted acquaintance to lure a victim into opening an email or link containing malware.
“Some of these emails are really sophisticated. They look credible,” said David Myers, a cybersecurity expert for American Defense International. “Very bright people are willing to click on them if you don’t take the time to really think about is this email from a trusted source.”
Adam Meyers, the vice president of intelligence at cybersecurity firm CrowdStrike, views the trend of cyber attacks targeting software supply chains as more concerning than spear phishing, which has been occurring for years.
“Nation-state actors — China, Russia, others and criminals as well — have identified that the software that lots of organizations rely on is the weak link now,” Meyers said. “If you get into that software supply chain then you can attack the customers of that software.”
While defense contractors usually have a well-trained workforce and utilize the latest security software, Meyers noted that they also use software developed by other outside organizations in cellphones, computers and even on badge-reading devices in secured buildings.
“There’s software on all of these systems and there is really no way to validate that…there is no threat actor in the development environment that that software was built in and that is the thing threat actors are going after,” Meyers said, noting that this “is something that should keep everybody up at night.”
Hackers are also capable of manipulating information to cause physical damage by altering the coding of a system.
The Hill reported, “One high-profile example of such a case is Stuxnet, a computer worm that altered the spin rates and pressures of Iran’s nuclear centrifuges, making the system spin out of control in 2007. The U.S. is believed to be behind the attack.”
Experts recommend that defense contractors adopt a holistic approach to confronting threats, including training personnel and improving technology and security processes as the attacks continue to evolve.