Emotet Malware Attacks Government Contractor
The Miracle Systems breach reemphasizes the need for comprehensive cyber risk management and mitigation throughout the defense supply chain.
The breach, first reported by KrebsOnSecurity, was caused by the Emotet malware strain and compromised information on at least eight internal systems at Miracle Systems. While any company breach is significant, a breach at a company like Miracle Systems can potentially have devastating national security consequences.
Miracle Systems is a mid-sized defense contractor that specializes primarily in technology services. And while they are not among the largest contractors, they are involved in over 100 contracts for more than 20 federal agencies. With that, a breach of Miracle Systems opens doors to some of the most protected information within the defense structure.
And the U.S. Secret Service is taking notice.
After a member of a Russian-language cybercrime forum sought to sell access to Miracle Systems’ internal network, the Secret Service launched an investigation into the attack and subsequent breach. As with any supply chain breach, gaining access to a vendor puts all contracted entities in danger. And considering that Miracle Systems is the primary contractor for 95% of their contracts, gaining access to their network could give threat actors direct access to national defense systems.
Unfortunately, defense contractor breaches are not uncommon, and national security has suffered as a result. Let’s not forget, Edward Snowden was working as a Booz Allen contractor when he gained access to and leaked documents from the National Security Administration.
Miracle Systems insists the stolen data is outdated and does not pose a threat to Miracle Systems or their contracts. We hope that’s the case, but it’s often hard to determine the true extent of a cyber breach until the consequences are already in effect.
The malware strain that infected Miracle Systems is usually introduced via email through a phishing attack. Email-based attacks are among the most prevalent and successful types of cyber attack. Understanding the cyber landscape, knowing the likely threats, and taking effective steps to mitigate them is essential.
Comprehensive cybersecurity is the only way to protect sensitive data, and in the case of defense contractors, it’s necessary to help defend national security.
While attacks like the one that affected Miracle Systems are not 100% avoidable, an accurate and comprehensive assessment of the contractor’s cyber maturity might have uncovered a weak area in the company’s employee cybersecurity training.
Practicing serious cybersecurity every day.
-Assured Enterprises, INC.