The Department of Defense (DoD) business contractors
continue to be regularly targeted. These organizations tend to work with secret
and top-secret data and information as they develop new systems for use in the
military. These could be ground vehicles, jets, ships, and other projects. One
contractor, Navistar, was targeted and successfully breached. This was
published with their Form 8-K filing with the Securities and Exchange
Commission (SEC). The company detected the compromise on May 20, 2021.
With the data involved, the company could not be affected by
paralysis by analysis, and immediately went into action to contain the breach,
and work towards mitigating the effects from this. After these steps, Navistar
began investigating the attack. This was done with security and forensic
subject matter experts. They also contacted law enforcement.
As a result, from this, the organization took steps with its
infrastructure to strengthen its structure and protect the data from
unauthorized parties. Through the attack, the systems continued to be
operational. While they aggressively worked to minimize any damage, on May 31
they did receive a communication that data had been exfiltrated during the
attack. Considering the updated information, they continue dot investigate the
issue and determine the scope of the data involved.
This is another example of what could happen. While you
continuously work towards securing the enterprise, there is always a vector
available. Arriving at this may be difficult, but it is still there.
No comments:
Post a Comment