Supply chain attacks have become a serious cybersecurity concern for the federal government in the past year. The massive SolarWinds attack showed that sensitive federal data could be infiltrated through third parties in federal data networks. Recently, Microsoft issued a warning that Nobelium, the Russian group responsible for the SolarWinds attack, “has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.” The federal government’s expanding network of suppliers and service providers with access to federal data means that officials must make it a priority to reduce the risk of attacks. An Executive Order issued in May has placed increased responsibility on federal agencies to do their part to mitigate these risks.
Read more.