Study: Home Depot Has Better Cybersecurity Than Defense Contractors

A new study questions how strong federal government contractors' cybersecurity is, providing data showing the computer systems for Home Depot, Target, and other retailers, as a whole, are more secure.

The study, according to Nextgov, looked at several contractors working with the Department of Defense and concluded there's a lot of work to be done in order to shore up their computer defenses.

A recent hack of government computers was allegedly caused by a compromised login belonging to a contractor, according to Nextgov.

The study, conducted by BitSight Technologies, found that banks and retailers have better cybersecurity than contractors used by the government.

Nextgov cites BitSight data that gave federal contractors a median cyberdefense score of 650 out of 900 points, compared to financial institutions (710) and retail companies (670).

"You can write a contract requiring somebody to do something. The question is, how do you enforce it? And if it's broken, what are the penalties? That's what DOD is really struggling with," Jacob Olcott of BitSight Technologies told Nextgen. "If you are the only organization that's building an F-35, there is only so much that the government can demand of you."

What it means is that contractors, for all the money they're taking in from the government in exchange for building planes, helicopters, weapons systems, and more, are susceptible to hackers.

More specifically, J.P. Morgan Chase and Home Depot, giants in the financial and retail industries, had better ratings than 25 defense contractors — a list that includes Boeing, Lockheed Martin, and Raytheon.

Olcott told Nextgov companies such as Goldman Sachs, an investment bank, use external network monitoring tools that allow them to keep better tabs on what's happening.

"The guys at Goldman Sachs will say, 'I can't just rely on my vendors to proactively report to me when something bad is happening," Olcott said. "'I need to know in real time what is happening with them and I need to be able to hold them accountable.'"

Home Depot and Target, were the victims of massive data breaches in the last two years that resulted in compromised credit card data for 100 million Americans. In April, President Barack Obama signed an executive order to help stop foreign cyberattacks.

Federal government servers were targeted earlier this year in another major breach that resulted in the personal information of current and former federal workers being stolen. Experts point to Chinese hackers as the culprits.

A Security expert told Newsmax TV last month there is no stopping hackers from stealing data because of "pinholes" in security systems.

Related Stories:

• US Army's Public Website Hacked Over Syria Rebel Training
• Petraeus: US Water, Electrical Grid Vulnerable to Chinese Cyberattacks