China has been successfully attacking both the US Navy itself along with its suppliers and third-party vendors and stealing secrets to gain a military advantage.
These are the conclusions of a 57-page report compiled by the US Navy and delivered by US Navy Secretary Richard Spencer, and read and reported on by the Wall Street Journal; they state that the Chinese have been attacking both the branch itself along with its suppliers and third-party vendors to steal secrets and gain an military advantage. The report cites the Navy for not anticipating a cyber-campaign to be run against its contractors and for not informing those companies of the threat, the WSJ said.
Such attacks are well known in the private sector with many corporations having been breached or had data stolen through a partner firm.
"Supply chain attacks are increasing as threat actors target companies through their weakest link, which is the third party. Accountability must be set to ensure that contractors adhere to a set of cyber-security standards. That said, the process of enforcing those standards must be efficient, rather than increasing time and effort with unnecessary bureaucracy," said Matan Or-El, CEO of Panorays.
The US Navy report comes just days after the news that Spencer was considering scrapping the newly proposed position of assistant secretary position to manage cyber, IT and data that was to be created under a new reorganisation plan.
Some of the top line issues The WSJ found in the report found were:
The US Navy and Defence Department have only a limited understanding of the totality of losses they and their partners are suffering.
The Navy is focused on "preparing to win some future kinetic battle, while it is losing the current global, counter-force, counter-value, cyber-war," the review’s authors conclude.