The Pentagon requested $800 million more funding than it requested last year. This includes investments in zero trust architecture and support for the Defense Industrial Base (DIB). According to budget documents, this request also includes five cyber mission force teams, making a total of 142.
It is not surprising that the Pentagon is requesting billions of dollars for cyberspace activities in its fiscal 2023 budget. There are many reasons why more funding is needed. These include increasing cybersecurity support for defense contractors, hardening its networks, operationalizing zero trust architecture, and funding "cyber ranges", which are similar to rifle ranges but for all things digital. The Pentagon is investing in cyber ranges to support training and exercises in the cyber domain. The budget also lays the foundation for U.S. Cyber Command's ownership of the mission and resources of the cyber mission force starting in FY24, as required by the FY22 NDAA.
The White House also released budget documents on Monday. They include funding details for cyber-focused agencies other than DoD, such as the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), which is asking for $2.5 billion in FY23.
According to the White House document, the funding will be used to maintain critical cybersecurity capabilities that were established in the American Rescue Plan, expand network protection throughout the Federal Executive Branch, and strengthen support capabilities such as cloud business applications, enhanced analytics, and stakeholder engagement. The budget also funds the Office of the National Cyber Director to improve national coordination in the face of increasing cyber-attacks against government and critical infrastructure.
CISA has voiced concern about possible cyberattacks on America in the wake of escalating foreign threats from cybercriminals, "bad actors" and hackers. CISA and the FBI released a joint cybersecurity advisory in February claiming that hackers have targeted U.S. defense contractors over a period of at least two years. CISA, the NSA and the FBI expect that cyber attackers will continue to target cleared defense contractors for U.S. defense information, given the sensitive nature of information on unclassified (cleared contractor) networks.
The Russian government has been supporting hackers infiltrating American defense contractor systems for the past two years. Sometimes, they raided the companies for months to steal sensitive, unclassified data, the U.S. government warned today.
The information gathered provides valuable insight into U.S. weapons platform development and deployment timelines, vehicle specifications, and plans for communication infrastructure and information technology, according to a CISA alert posted online by the Department of Homeland Security. An adversary may be able to adjust their military plans and priorities by obtaining proprietary internal documents and email communications. This information could also inform foreign policymakers about U.S. intentions and help target potential sources of recruitment.
The funding increase is not without merit. CISA stated that a cyber-espionage campaign was in place since January 2020, at the latest. It targeted contractors working for all military branches as well as the U.S. Intelligence Community. It covered subjects such as command and control systems and aircraft design.
These "bad actors" maintained persistent access to multiple cleared defense contractor (CDC) networks for at least six months during this two-year period. CISA, the FBI and the NSA have all observed regular and recurring exfiltrations of data and emails in cases where the actors have gained access. In one example, threat actors stole hundreds of documents from computers during a compromise in 2021. These documents included information about the company's products, relationships to other countries, internal personnel, legal matters, and more.
CISA stated that hackers didn't generally use new techniques to break into systems. Instead, they relied on traditional standbys like spearphishing, brute-forcing, and taking advantage of unpatched networks.
CISA asked companies to conduct forensic inspections of their systems in order to find evidence of compromise and strengthen their defenses against future breaches. According to CISA, the threat is unlikely to disappear anytime soon.
The information on unclassified CDC networks is so sensitive that the FBI, NSA and CISA expect that foreign state-sponsored cyber agents will continue to target CDCs in the near future for U.S. defense information. CISA advised companies to strengthen their defenses against future attacks.
The DoD Chief Information Officer is correct in stating that there is a cost to your IP and a cost for the U.S. government. There is also a benefit to our enemies if we do not implement something like the Cybersecurity Maturity Model Certification (CMMC).
The Defense Department's CIO is now working under an upgraded cyber certification program and wants to concentrate on clarifying requirements and increasing engagements with small- to medium-sized businesses in the hopes of improving the overall "baseline" of the Pentagon's cybersecurity defenses.
CMMC 2.0 is a way to raise the cybersecurity "baseline" across the Department of Defense in order to keep foreign countries, and other potential adversaries, from accessing our critical data. This is basic hygiene to ensure that we can protect our sensitive information so that our service members don't face an adversary with an unfair advantage gained from stolen key data or technologies.
Earlier this month, the Deputy Defense Secretary announced that CMMC would be transferred under the control of the CIO for the DoD and out from the office of