Darron Makrokanis, chief revenue officer at Summit 7, said Iran-affiliated cyber threat actors pose a persistent threat to U.S. defense industrial base, or DIB, organizations. He noted that the fallout from these actors’ threat campaigns can be severe.
“While their campaigns are often labeled as lower sophistication, make no mistake: Low-skill does not mean low-impact,” Makrokanis wrote in a commentary published Tuesday on Federal News Network.
“From wiper malware to phishing and supply chain compromise, Iranian actors continue to exploit the weakest links in U.S. defense networks — often when attention is focused elsewhere,” he added.
Disruptive Potential of Iranian Cyber Actors and Their Campaigns
In the piece, Makrokanis discussed some of the tactics and campaigns Iranian actors use to target DIB organizations, such as aggressive credential harvesting, social engineering, supply chain compromise and the use of wiper malware that could destroy data and systems.
He said such schemes may lack technical sophistication, but they have the potential to be disruptive and could have long-term implications for defense contractors.
DIB Organizations Should Focus on Perimeter Hardening, Internal Resilience
The Summit 7 official called on DIB organizations to act now by focusing on internal resilience and perimeter hardening.
He suggested several measures that contractors should take, such as patching all internet-facing services; implementing geofencing; deploying web application firewalls; conducting network segmentation; detecting brute-force attacks; requiring multifactor authentication; and maintaining “secure, tested backups and clear recovery time objectives.”
“Beyond technology, don’t underestimate the human factor,” Makrokanis wrote. “Mandatory security awareness and insider threat training must be enforced not just internally but across your subcontractor network. A compromised vendor could be the path into your own environment.”