- The National Counterintelligence and Security Center launched its Know Your Risk, Raise Your Shield campaign on Monday, to drive awareness around the increasing risk of foreign cyberattacks on the private sector.
The cybersecurity campaign will provide educational tools to the private sector mitigate the growing risks from foreign intelligence agencies and other threat actors. Officials said the goal is to raise awareness and arm organizations with best practices to protect data, assets, technologies, and networks.
Supply chains topped the list of threats, as officials said foreign intelligence entities have been “bypassing hardened corporate defenses by using less-secure suppliers and vendors as surreptitious entry points to surveil, sabotage, and steal information from companies’ networks.”
The remarks mirror the language used in a recent Department of Homeland Security alert, warning all industries of Chinese hackers launching targeted cyberattacks on supply chain relationships. The Department of Justice indicted two Chinese hackers for those attacks, including those on the healthcare sector.
According to the NCSC campaign officials, other foreign governments have targeted a wide range of U.S. companies, including the global WannaCry campaign that was allegedly launched by North Korea. These attacks will only worsen in the near future.
“Make no mistake, American companies are squarely in the cross-hairs of well-financed nation-state actors, who are routinely breaching private sector networks, stealing proprietary data, and compromising supply chains,” NCSC Director William Evanina, said in a statement.
“The attacks are persistent, aggressive, and cost our nation jobs, economic advantage, and hundreds of billions of dollars,” he added. “To enhance private sector awareness, we’re arming U.S. companies with information they need to better understand and defend against these threats.”
The guidance also includes information around spear-phishing and social media deception. Officials also reminded all sectors of a July 2018 report with insight into the latest unclassified foreign intelligence information, which also highlighted the growing risk to supply chain.
NCSC’s campaign is just the latest federal effort to share threat information across sectors. The Department of Health and Human Services recently released a four-volume cybersecurity series for healthcare organizations, while National Institute of Standards and Technology released the final version of its Risk Management Framework that also highlight supply chain risk.
Cross-sector threat sharing is crucial to all organizations, especially in the healthcare sector, as a way to keep ahead of the growing risks. A list of all Know Your Risk, Raise Your Shield information can be found here.