The U.S. government’s top information technology provider, Lockheed Martin, Corp., cited on Monday the dramatic increase in cyber-attacks against its IT infrastructure. A majority of the “advanced persistent threats” (APTs) were either generated from organized groups or state-sponsored actors, but Lockheed failed to name any specific countries or groups. According to Lockheed, the cyber-attacks are targeting the defense contractor’s business partners within its supply chain in order to gain unauthorized access to U.S. top-secret information. The reason for targeting the supply chain is quite simple – there are a large number of products and components that make its IT infrastructure vulnerable to APTs and other vulnerabilities.
A majority of corporate and government data center’s resemble a Dr. Seuss-like gadget of hardware and software that will allow for access points to be discovered by cyber-theives tenacious enough to seek them out. The takeaway from the Lockheed warning’s should be that simple reliance on technology to secure mission-critical information is much like a dog chasing its tail – while it may be fun, you don’t go anywhere. Businesses must have a comprehensive internal, and external, data governance program in order to lessen the risk of mission-critical data being compromised.