Defense Industry Solutions
The US defense industry, along with the global defense industry, will likely experience a high rate of growth over the next few years as global tensions continue to rise in the Asian, Pacific, Middle Eastern, and other contested regions.
As civilian defense contractors employ more workers and expand operations to meet demand, state-sponsored threat actors will step up offensive cyber ops to steal intellectual property (IP) and attempt to gain a time- and cost-efficient upper hand in the rapidly evolving chess game of developing next-generation technologies and accompanying counter-technologies.
The key to keeping sensitive military IP away from adversarial states, or, worse yet, terrorist organizations, will be cyber security hygiene, continuous monitoring, and employee awareness of cyber security best practices.
For example, according to an article published February 7th, 2018 in U.S. News, Russian hackers known as “Fancy Bear”, in pursuit of military parity with the United States, have successfully tricked key contract workers into exposing and compromising their email.
Additionally, “Fancy Bear” engaged in offensive cyber security operations targeting 87 personnel associated with militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities.
“The programs that they appear to target and the people who work on those programs are some of the most forward-leaning, advanced technologies,” said Charles Sowell, a former senior adviser to the U.S. Office of the Director of National Intelligence, who reviewed the list of names for the AP. “And if those programs are compromised in any way, then our competitive advantage and our defense is compromised.”*
A special concern for defense-related companies, and for non-defense organizations as well, is protecting classified networks between two entities and protecting the sensitive and competitive information of non-defense companies vis-à-vis their key competitors. Currently, the strategy of both defense-related and non-defense companies centers on “defense”: that is, protecting the network from unauthorized access and probing. But why rely only on a “defense” strategy? In other words, why just watch, defend, and absorb the computer network attack?
Now and in the future, defense and non-defense companies will see their strategy evolve to attack as well as defend. The first priority of computer defense is to know who is attacking or probing your networks. This “know your attacker/prober” strategy must initially rely on a company knowing what it currently has as a total computer network and what the current vulnerabilities are. This will surprise many companies, both defense and non-defense related. Who would have thought, a mere one year ago, that a company’s entire network would be accessible from a single wall thermostat on the fourth floor? Unbelievable? Not anymore!
But after knowing your own company’s network, the next logical question is: why only play defense? Cannot a company act in its own self-interest when the attacking entity is known? These questions and more are the central ones of the present and the future. This will also require more cooperation among peer companies, maybe even competitors, to take down or shut off the attacking entity. Successful and unsuccessful lessons learned must be written up, protected as company secrets, and not announced to the public, lest your “attacker” know of a path not to use in the future. As a famous tennis player once said, “champions adjust,” and nobody needs to declare victory in the public forum. And finally, some of the “real champions” will understand that deception in computer network defense and computer network attack must be part of the overall strategy. Again, this deception should not be part of the public domain.
Optium Cyber Systems recognizes that every company involved in the US defense industry, large and small, is a target. Here is how we can help:
- Our Cyber Vulnerability Assessment (CVA) takes a multi-tiered approach to ferreting out vulnerabilities associated with information handling practices, computing platforms, and employees. Very often employees are the weakest link in many cyber security scenarios.
- As a Managed Security Services Provider (MSSP), Optium provides continuous monitoring of your network and mission-critical computing infrastructure. Once pernicious activity is detected, such as database hacking or surreptitious network scanning, our Security Operations Center (SOC) will inform your IT organization and quickly work to intelligently guide your organization’s next steps to protect your information and isolate the threat.
- Cyber Security Consulting: Sometimes the efficacy of the best security technologies is blunted by functional but inherently insecure network and application architectures. We can help spot these issues and guide their remediation before exploitation and exfiltration of sensitive defense secrets occurs.