Military contractors remain a target of foreign hackers

Op-ed views and opinions expressed are solely those of the author.

Although the comically incompetent Biden administration has worked towards improving American cybersecurity, one troubling recent report indicates that hackers, believed to be from outside the US, have breached multiple entities in the energy, healthcare, education, defense, and technology sectors.

Because of this, cyber researchers have begun to work with the National Security Agency (NSA) to expose the criminals behind this relentless campaign that is swiping sensitive information from US military contractors and other sensitive targets. When this kind of targeting is discovered, it is generally thought to be the work of state-sponsored Advanced Persistent Threats (APTs).

Despite many of the leaders of the American effort in the cybersphere displaying a poker face during this period of increasing cyber activity, recently, it looks like more and more key figures in the online world war have thrown up their hands and seemingly accepted a weak defensive posture as the new normal.

Over just the past few days, two key individuals in the global cyberwar have made some chilling statements that, on the surface, are extremely troubling.

Last Wednesday, Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA), told a congressional hearing that the “American way of life” is at risk with new ransomware attacks and the constant threat of a catastrophic hack affecting America’s critical infrastructure.

Easterly told the gathering, “ransomware has become a scourge on nearly every facet of our lives, and it’s a prime example of the vulnerabilities that are emerging as our digital and our physical infrastructure increasingly converge.” These comments come after a recent CISA binding operational directive that will create a system of cataloging known exploited cyber vulnerabilities and requires those federal departments to address those flaws within a certain period of time.

In the private sector, a sobering October 24 blog post from Microsoft stated that Russian state-sponsored hackers Nobelium spent three months attacking businesses that resell managed Microsoft cloud services for both public and private customers. Nobelium was also the group that orchestrated one of the most wide-ranging hacking attacks in history – the SolarWinds hack.

In response to these developments, Jake Williams, CTO at US cybersecurity company BreachQuest and a former member of the US National Security Agency elite hacking team, told website VOA that the hacks against Microsoft-linked IT services are clear evidence that US managed service providers (MSPs) are failing to put enough priority on cybersecurity.

Williams was quoted as saying, “The profit margins for MSPs are often razor-thin, and in the majority of cases, they compete purely on cost,” and further added, “Any work they do that doesn’t directly translate to additional revenue is generally not happening.”

So, if the new trend is lesser-resourced entities being priced out of the à la carte market in terms of additional security, how should these individuals and small businesses protect themselves in an increasingly dangerous cybersphere? In reality, most of the answers involve getting back to basics and remaining vigilant. 

In fact, a decade-old resource from the FCC lists several internal cybersecurity protocols that are still very relevant today. Among the practices listed by the FCC are training employees in security principles, using firewalls on internet connections, keeping backup copies of important data, and limiting authority to install software.

While these options may sound elementary to some, surprisingly, many small businesses lack the aptitude to ensure these minimum requirements are adhered to. 

This has led to a slew of new cybercriminals raking in a king’s ransom as the proliferation of advanced ransomware strains shows no sign of slowing. That new growth is in spite of the Biden Administration’s creation of the new Bureau of Cyberspace and Digital Policy as well as many other new initiatives that have been created in the last 10 or so months.

It is evident that America is losing the cyberwar. Even with all its resources, the US lacks the magic formula to stay a step ahead in this new theater of warfare. That unfortunate fact puts American infrastructure firmly in the crosshairs of potential catastrophe. 

Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by websites including Newsmax, Townhall, American Thinker and BizPacReview.

DONATE TO BIZPAC REVIEW

Please help us! If you are fed up with letting radical big tech execs, phony fact-checkers, tyrannical liberals and a lying mainstream media have unprecedented power over your news please consider making a donation to BPR to help us fight them. Now is the time. Truth has never been more critical!

Success! Thank you for donating. Please share BPR content to help combat the lies.
Julio Rivera

Comment

PLEASE JOIN OUR NEW COMMENT SYSTEM! We love hearing from our readers and invite you to join us for feedback and great conversation. If you've commented with us before, we'll need you to re-input your email address for this. The public will not see it and we do not share it.

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

Latest Articles