Home News How U.S. Defense Contractor Electronic Warfare Associates Fell Prey to Phishing

How U.S. Defense Contractor Electronic Warfare Associates Fell Prey to Phishing

A U.S. government defense contractor, Electronic Warfare Associates (EWA), was a victim of data breach due to an email phishing incident.

Russian hackers, Senate Homeland Security Report, Electronic Warfare Associates

A U.S. government defense contractor, Electronic Warfare Associates (EWA), was a victim of a data breach due to an email phishing incident. Per a disclosure notification dated November 4, 2021, the defense contractor EWA was a victim of a phishing email on August 2, 2021. The incident was discovered when the hacker initiated a wire fraud, and the theft was detected. The defense contractor believes it was not an attack to purloin personal information but a direct financial theft attempt. But as discovered, the attack exposed certain personal information and files, including Social Security Number and driver’s license.

In a letter to its clients, EWA detailed the incident, what followed as investigation (third party forensics), the impact of the breach, and the steps taken as incident response. In response to the incident, EWA has offered a free fraud detection and identity theft protection through Equifax’s Complete Premier services at no charge for two years.

EWA’s customer list includes the Department of Defense (DOD) – Office of the Secretary of Defense (OSD), Defense Advanced Research Projects Agency (DARPA), Department of the Navy (USN), Department of the Army (USA), Department of the Air Force (USAF), Unified Military Commands, Department of Homeland Security (DHS), and Department of Justice (DOJ).

Some of its services include Computer Forensic Analysis, Data Recovery, Electronic Warfare (EW) Analysis and Support, EW and RF Engineering and Systems Services among others.

A data breach of any kind does expose critical sensitive data of national importance. The company deals in highly sensitive military category systems, and any breach could have grave ramifications on national security.

Third-Party Attacks

Firms are increasingly outsourcing core and non-core systems, business processes, and data processing to third-party service providers. With the widespread adoption of software-as-a-service (SaaS) technologies, even among industries like financial services that traditionally wanted control and autonomy, build vs. buy is less of a debate than it was just five years ago. When we think of third-party relationships, we think of the direct supply chain of vendors, suppliers, and cloud providers.

In an exclusive article for CISO MAG, Alla Valente, Senior Alla ValenteResearch Analyst, Forrester, opined, “What adds to the complexity of the third-party ecosystem is that although companies have limited or no control over how third parties secure their technology infrastructure, their applications, or their data, they’re fully responsible for security, privacy, or regulatory missteps that occur during the relationship. As a result, companies are on the hook financially for fines, penalties, or revenue loss and risk their reputation when events lead to negative publicity, business disruption, or impact the customer experience. According to Ponemon Institute, third-party breaches account for over half of all data breaches in the U.S.”

It’s not surprising that breaches caused by third parties are among the most highly publicized. Some of the most notorious data breaches in recent times have occurred because of the organizations’ vendors. Unfortunately, cyberattacks caused by third parties are also among the costliest. A January 2020 Ponemon Institute report indicates that 53% of organizations have experienced at least one data breach caused by a third party in the last two years. And that, on average, the data breach costs $7.5 million to remediate.