Thirty-two percent of U.S. defense contractors are vulnerable to ransomware attacks, according to a new report.

"Centralizing Supply Chain Cybersecurity: U.S. Federal Government Risk in 2022," a report from Black Kite, identified that cyber risks for top defense contractors are rising. The research found that 72% of contractors have had at least one leaked credential in the last 90 days — a 71% increase from six months ago.

The report analyzed the top 100 U.S. defense contractors’ overall cyber hygiene, including susceptibility to ransomware attacks. In addition to the increase in leaked credentials, report findings include:

  • Nearly half (46%) of defense contractors are three times more likely to experience a cyber breach than those with “A” technical ratings (on a scale from A to F).
  • Thirty-two percent are vulnerable to ransomware attacks such as phishing – and 20% of agencies examined in last year’s report are still vulnerable, meaning quick improvement is critical.
  • Seventeen percent utilize out-of-date systems, creating a critical vulnerability for ransomware attacks.

"In today’s geopolitical landscape, the federal sector is under constant threat of cyberattack. There’s a heightened sense of urgency to protect critical infrastructure and the nation — but hackers across the globe are getting better at flying under the radar," said Bob Maley, Chief Security Officer (CSO) at Black Kite. "Some of the most critical federal agencies are unprotected, which leaves our country vulnerable and at risk."

For more defense sector cybersecurity insights, click here.