Security of Defense Contractor

We are reminded by today's disclosures by almost every news carrier (AP and Reuters being the first I saw) that the Chinese have hacked into some interesting parts of TRANSCOM (again, we should add, since it isn't the first time TRANSCOM has been hit) deep in its transport subcontractors.  The examples given are airlines and ships, of the 20 o so discovered, two were reported to TRANSCOM.  Before we blame these folks for what is happening to their contractors, we might consider they are not alone in having their contractors hacked.  In the last couple of years it has become an epidemic of names, most of whom should know better, since they sell cyber defense.

There is no oversight of computer security among defense contractors.  There used to be a program to do that, but it only covered the protection of classified information.  They don't even do much of that anymore, and contactors security staffs certainly need help.  They don't get much from their own management.  You can run down the list of major defense contractors who have been hacked and can hardly find one that wasn't.  It makes no sense.  

We had a major contractor get hacked at a place where I once worked and we refused to use their networks for anything sensitive.  That was almost 10 years ago.  You would think Defense would be smart enough to start overseeing some of the data they give to contractors and making sure essential services are protected through reasonable reporting and oversight.  They are, after all, spending billions of dollars doing things for Defense, and should expect a little oversight.  When they lose the designs to major weapons system who loses out?

You would think that things like security clearances would be worth something, or that all that money we spent on centralized adjudication would have been well spent.  Let's ask Edward Snowden about how well that worked.

While we are cutting defense, let's make sure to keep a few things that are needed.  Contractors, are not all equal, because 10% of them have 90% of the defense work.  Let's put some effort into getting the big ones in order and helping small ones keep up.