The U.S. Navy is prepared to face and defeat the nation’s enemies in all physical environments, but is losing an on-going cyberwar with China, according to its own assessment of the situation.
A 57-page report compiled by the Navy and delivered by Navy Secretary Richard Spencer, and read and reported on by the Wall Street Journal, states the Chinese have been attacking both the branch itself along with its suppliers and third-party vendors to steal secrets and gain an military advantage. The report cites the Navy for not anticipating a cyber campaign to be run against its contractors and for not informing those companies of the threat, the WSJ said.
Such attacks are well known in the private sector with many corporations having been breached or had data stolen through a partner firm.
“Supply chain attacks are increasing as threat actors target companies through their weakest link, which is the third party. Accountability must be set to ensure that contractors adhere to a set of cybersecurity standards. That said, the process of enforcing those standards must be efficient, rather than increasing time and effort with unnecessary bureaucracy,” said Matan Or-El, CEO of Panorays.
The Navy report comes just days after the news that Spencer was considering scrapping the newly proposed position of assistant secretary position to manage cyber, IT and data that was to be created under a new reorganization plan.
Some of the top line issues The WSJ found in the report found were:
- The Navy and Defense Department have only a limited understanding of the totality of losses they and their partners are suffering.
- The Navy is focused on “preparing to win some future kinetic battle, while it is losing the current global, counter-force, counter-value, cyber war,” the review’s authors conclude.