- Select a language for the TTS:
- UK English Female
- UK English Male
- US English Female
- US English Male
- Australian Female
- Australian Male
- Language selected: (auto detect) - EN
Play all audios:
A former Marine who conducted cyber missions for the U.S. military and the National Security Agency told CNBC on Monday the threat of a cyberattack on the U.S. chain supply keeps him awake
at night. David Kennedy, also the founder of cybersecurity companies TrustedSec and Binary Defense, told "Power Lunch" that an attack on the U.S. supply chain would disrupt the
entire world. "The thing that personally keeps me up at night as a cybersecurity professional are these supply chain attacks ... you're talking about impacting tens of thousands
and hundreds of thousands of companies and organizations around the world from a single hack," Kennedy said. The Russian-linked hacker group Nobelium has been attempting to attack parts
of the global technology supply chain, according to cybersecurity experts at Microsoft. Nobelium, as the hacking group is known, is infamous for the SolarWinds hack in 2020, which
compromised the IT firm and its customers including big U.S. companies and the federal government. "They've had a lot of success," Kennedy said of Nobelium. "They
targeted Ukrainian tax software, they then continued with Solarwinds and now we're seeing them target man-to-man service providers." Successful attacks may lead other adversarial
nations to wage a cyberattack against the United States, with aim taken at increasingly vulnerable cloud computing, Kennedy said. "Every other adversary that we have in the U.S. is
looking at this and saying this is an area of opportunity, and cloud is definitely the next evolution of attack for us." Security systems in place by many technology companies
weren't designed to handle these levels of threats, according to Kennedy. "It's not just these high sophisticated level of adversaries like Russia or China, it's also
ransomware now which is particularly alarming for us," he added. Another thing that keeps Kennedy up at night is the United States' lack of offensive cybersecurity capabilities.
"We have to do more going after these countries and holding them accountable, especially on ransomware." Offensive actions should especially be considered when adversarial nations
attack U.S. intellectual property and the private sector, according to Kennedy. With other powerful countries using cyberattacks as a sign of force, the U.S. is at risk of appearing
vulnerable and at risk for further attacks, he added. "It's time to go on the offensive."
