CYBERSECURITY

New Black Kite Research Reveals Top 100 U.S. Defense Contractors at Risk for Ransomware Attack

Black Kite | May 26, 2022

Black Kite, the leader in third-party cyber risk intelligence, released Centralizing Supply Chain Cybersecurity: U.S. Federal Government Risk in 2022, which finds cyber risks for top defense contractors are rising. Most notably, 72% of contractors have had at least one leaked credential in the last 90 days – a 71% increase from six months ago.

“In today’s geopolitical landscape, the federal sector is under constant threat of cyberattack. There’s a heightened sense of urgency to protect critical infrastructure and the nation -- but hackers across the globe are getting better at flying under the radar. Some of the most critical federal agencies are unprotected, which leaves our country vulnerable and at risk. Our latest research highlights the need for better third-party cyber risk intelligence, and where to start today.”

Bob Maley, CSO of Black Kite

Black Kite Research analyzed the top 100 U.S. defense contractors’ overall cyber hygiene, including susceptibility to ransomware attacks, and compared the data against its 2021 report. In addition to the alarming increase in leaked credentials, key findings include:

  • The cyber posture of defense contractors in critical technical categories (such as credential management, Secure Sockets Layer (SSL) / Transport Layer Security (TLS) strength, and application security) is dangerously low.
  • Nearly half (46%) of defense contractors are three times more likely to experience a cyber breach than those with “A” technical ratings (on a scale from A to F).
  • 32% are vulnerable to ransomware attacks such as phishing – and 20% of agencies examined in last year’s report are still vulnerable, meaning quick improvement is critical.
  • 17% utilize out-of-date systems, creating a critical vulnerability for ransomware attacks.

According to a survey of government organizations by Sophos, 40% of central government and 34% of local government organizations experienced a ransomware attack in the past year. A Private Industry Notification recently issued by the Federal Bureau of Investigation’s Cyber Division finds that “ransomware attacks against local government entities are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities, and other services overseen by local governments.” With the government being one of the largest holders of personal identifying information (PII), these entities are desirable targets for cyber criminals.

“Government agencies are prime targets for hackers due to the sheer amount of data they possess. It’s a virtual candy store for those with malicious intent,” said Jeffrey Wheatman, SVP and Cyber Risk Evangelist (CRE) of Black Kite. “Understanding third-party susceptibility to cyber threats must come first as contractors look to reduce their risk. At Black Kite, we’re committed to helping the most critical agencies safeguard their data – and in doing so – safeguard the information of all citizens.”

Black Kite provides third-party cyber risk intelligence from a technical, financial, and compliance perspective to eliminate false positives and ensure a holistic approach to vendor risk management. In addition to Centralizing Supply Chain Cybersecurity: U.S. Federal Government Risk in 2022, Black Kite issues an annual Third-Party Breach Report as well as regular risk assessment reports on the automotive manufacturing, energy and insurance sectors.

About Black Kite
One in four organizations suffered from a cyber attack in the last year, resulting in production, reputation and financial losses. The real problem is adversaries attack companies via third parties, island-hopping their way into target organizations. At Black Kite, we're redefining vendor risk management with the world’s first global third-party cyber risk monitoring platform, built from a hacker's perspective.

With 350+ customers across the globe and counting, we're committed to improving the health and safety of the entire planet's cyber ecosystem with the industry’s most accurate and comprehensive cyber intelligence. While other security ratings service (SRS) providers try to narrow the scope, Black Kite provides the only standards-based cyber risk assessments that analyze your supply chain's cybersecurity posture from three critical dimensions: technical, financial and compliance.
