Seventy-two percent of the 100 U.S. defense companies included in a Black Kite analysis have at least one credential that has been compromised within a 90-day period, the cyber risk monitoring company said in its new report.
The “Centralizing Supply Chain Cybersecurity: U.S. Federal Government Risk in 2022” report indicates the number of contractors that experienced credential leakage rose 71 percent from Black Kite’s November 2021 study findings.
Defense firms’ cyber posture also appears “dangerously low” in terms of Secure Sockets Layer/Transport Layer Security protocols and other key technical categories analyzed during the study.
Researchers also found 32 percent of the country’s top contractors in the defense market are susceptible to ransomware attacks and 17 percent use outdated systems that make them vulnerable to the malware type.
Bob Maley, chief security officer of Black Kite, said findings of the company’s latest research underscore the need for third-party intelligence in the federal sector to defend critical systems against cyber risks.