Security firm Black Kite says that 20 percent of America’s largest 100 defense contractors are highly susceptible to a ransomware attack. Why do they say this?
Nearly 43% of federal defense contractors have out-of-date systems, giving them a D+ rating for patch management.
42% of contractors have had at least one credential compromised in the last 90 days and 40 contractors received an F in credential management.
The top 100 federal contractors averaged a Ransomware Susceptibility Index (RSI) of 0.39, but 20 percent scored above 0.6.
By comparison, 10% of pharmaceutical manufacturers scored an RSI above 0.6.
The top 100 scored a C+ for information disclosure (leaks) and a C on both SSL strength and application security.
But consider this.
These are the big companies and the ones who should be very security aware.
If the top 100 defense contractors are in bad shape, can you imagine what the millions of small businesses’ security profiles look like? You don’t have to wonder. The Chinese already know, and if the news is any indication (as in the number of breaches and the number of ransomware attacks), it isn’t pretty.
Credit: Help Net Security