Any breach of a cleared defense contractor is a serious matter, especially if it could potentially affect the safety and security of nuclear weapons systems. The Department of Defense has been increasing auditing and compliance requirements for contractors, but simply complying with minimum required levels of security controls to pass an audit is not necessarily sufficient to protect against ever-evolving attack techniques. It is important to keep Internet-facing systems up to date with security patches, use multi-factor authentication and auditing for all remote access systems, and educate employees about the danger of opening attachments, downloading document files, or entering their passwords into phishing pages. Even with all the best security controls in place, one careless employee can open the door to allow attackers remote access to steal files and encrypt or destroy the original copies. The best strategy for defense in depth is for a Security Operations Center to monitor network and endpoint systems around the clock to detect abnormalities in user behavior that can indicate an attacker has breached a computer and then shut down the attacker’s access before they have a chance to steal all the files and cause damage.
For more information, please see:
https://news.sky.com/story/hackers-steal-secrets-from-us-nuclear-missile-contractor-11999442