Recent Ransomware Attack on U.S. Aerospace & Defense Firm Highlights Need for Cyber Risk Prevention

article

Share this post

https://enterprise.craft.co/post/recent-ransomware-attack-on-u-s-aerospace-defense-firm-highlights-need-for-cyber-risk-prevention

Cyber attacks have been rising for the past few years, partially spurred on by the rapid digitalization during the pandemic. In 2021, Check Point Research reported a 50% increase in overall attacks per week on corporate networks compared to 2020—with education, government, and military sectors experiencing the highest volume of attacks.

But recent high-profile ransomware attacks like the breach of U.S. defense firm Elbit Systems of America underscore just how prevalent and damaging these breaches can be—and how important it is for organizations to invest now in robust preventative measures. 

Here’s what happened and what it means for global supply chains and cybersecurity going forward.

What Happened: Defense Firm Elbit Systems of America Falls Victim to Ransomware Attack

Elbit Systems of America is a U.S.-based subsidiary of Israeli defense organization Elbit Systems. It provides technology-based systems for defense, commercial aviation, homeland security, medical instrumentation, and law enforcement. 

On September 25, 2022, it reported that it had detected unusual activity on June 8 and immediately shut down its network to begin securing its environment. The data breach ultimately impacted 369 people, including some employees, and potentially exposed data such as individuals’ names, addresses, Social Security numbers, dates of birth, and direct deposit information.  

The Black Basta ransomware gang, which has been active since April 2022, claimed responsibility for the breach. 

Why It Matters

Ransomware and cyber attacks on any global or enterprise firm have significant consequences.  However, they are particularly troublesome when targeted against aerospace & defense firms because those firms have large government contracts and thus access to sensitive government data and information. If they’re hacked, that could impact national security and critical infrastructure.  

Impact of Ransomware Attacks on Global Supply Chains & Large Firms

Until recently, ransomware tactics were rudimentary and fairly easy to defend against. But today, ransomware-as-a-service is on the rise, enabling more groups, including less tech-savvy criminals, to execute sophisticated and highly effective attacks. The proliferation of emerging technologies has also complicated cybersecurity efforts—expanding the threat perimeter and leaving enterprises more exposed to these attacks than ever before. 

An analysis by Deloitte highlights the risk of technologies like the Internet of Things (IoT), quantum computing, and artificial intelligence. While these bring benefits to enterprises, they are also increasingly adopted and exploited by attackers. For example, IoT devices and 5G networks give threat actors more entry points into organizations and create more data for ransomware actors to steal.

As threat actors increasingly target large firms and government organizations, global supply chains have become particularly vulnerable. In fact, 50% of ransomware attacks leverage the supply chain, according to a recent report by Deloitte. 

Cybercriminals have found that for larger targets like defense firms or energy companies, it’s easier to gain a foothold through smaller, less secure organizations down the supply chain. By breaching these smaller targets first, hackers can worm their way into the enterprise systems through the “back door,” often undetected. In fact, Deloitte reports that it takes 201 days on average to identify a cyber breach—giving hackers up to six months to plan and launch their attack.  

This has significant implications for both small suppliers and enterprises, as one breach can create a domino effect on critical industries. Large firms can no longer take a narrow perimeter-only approach to cybersecurity. Instead, they must consider their cyber risk down their entire supply chain and implement both preventative measures and recovery plans. 

The State of Cyber Health in 2022

A global study found that 82 percent of CIOs believe their software supply chains are vulnerable. And they have good reason to. In 2020, 92% of US organizations experienced a cybersecurity breach that originated from vulnerabilities in their supply chain. And software supply chain attacks alone hit three out of five companies in 2021.

Organizations of all sizes and industries experience cyber attacks, and it is important to understand how your industry and that of your suppliers fare when it comes to cybersecurity health. This can help you determine your relative cyber health and identify potential areas of weakness to shore up. 

For example, this database of ransomware attacks in 2022 shows that many school districts have been hacked, which follows the pattern of low cybersecurity scores among the educational sector in general, according to Craft’s cybersecurity industry report. 

Looking ahead, organizations that make robust supplier monitoring a key part of their cybersecurity risk prevention efforts will have an advantage compared to industry peers.