{"id":55273,"date":"2024-02-08T00:06:00","date_gmt":"2024-02-08T00:06:00","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/"},"modified":"2024-02-08T00:06:00","modified_gmt":"2024-02-08T00:06:00","slug":"it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/","title":{"rendered":"IT suppliers hacked off with Uncle Sam&#8217;s demands in aftermath of cyberattacks"},"content":{"rendered":"<p>Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US government agencies full access to their systems in the event of a security incident.<\/p>\n<p>The rules were unveiled in a <a href=\"https:\/\/www.federalregister.gov\/documents\/2023\/10\/03\/2023-21328\/federal-acquisition-regulation-cyber-threat-and-incident-reporting-and-information-sharing\" rel=\"nofollow\">draft update<\/a> to the Federal Acquisition Regulation (FAR) that refreshes security reporting standards for government contractors in line with President Biden&#8217;s 2021 <a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/presidential-actions\/2021\/05\/12\/executive-order-on-improving-the-nations-cybersecurity\/\" rel=\"nofollow\">executive order<\/a> on the topic.<\/p>\n<p>Among the potential incoming requirements are:<\/p>\n<ul>\n<li>Contractors would have just eight hours to report a detected incident to the Cybersecurity and Infrastructure Security Agency (CISA), which would have to be updated every 72 hours thereafter;<\/li>\n<li>A software bill of materials (SBOM) would need to be maintained;<\/li>\n<li>After an incident, contractors would provide &#8220;full access&#8221; to IT systems and personnel for CISA and federal law enforcement agencies.<\/li>\n<\/ul>\n<p>The above ideas \u2013 developed by Department of Defense (DoD), General Services Administration (GSA), and NASA \u2013 have been suggested in light of the many infosec threats facing the USA.<\/p>\n<p>&#8220;SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals,&#8221; the update from the three agencies reads.<\/p>\n<div class=\"promo_article no_img\">\n<h2 title=\"CERT-In was told its six-hour notification requirement was a bad idea \u2013 now it knows just how bad\">India&#8217;s absurd infosec reporting rules get just 15 followers<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2023\/03\/22\/cert_in_cyber_reporting_ignored\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>&#8220;These incidents share commonalities, including insufficient cyber security defenses that leave public and private sector entities more vulnerable to incidents,&#8221; the trio added. &#8220;This proposed rule underscores that the compliance with information-sharing and incident-reporting requirements are material to eligibility and payment under government contracts.&#8221;<\/p>\n<h3 class=\"crosshead\">Proposed changes are FAR from what industry wants<\/h3>\n<p>While you&#8217;d think rules to improve government security would be welcomed, industry respondents aren&#8217;t happy.<\/p>\n<p>Even though they were first proposed in October of last year, the comment period on the FAR reporting requirements has ended after being extended for two months. With more than 80 responses, it&#8217;s clear many stakeholders wanted to have their say \u2013 and all the aforementioned provisions were questioned.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The Cloud Service Providers Advisory Board, (CSP-AB), which counts <a href=\"https:\/\/www.csp-ab.com\/about-us\" rel=\"nofollow\">multiple<\/a> major US cloud service firms among its members, <a href=\"https:\/\/www.regulations.gov\/comment\/FAR-2021-0017-0085\" rel=\"nofollow\">described<\/a> the new rules as &#8220;burdensome \u2026 on information technology companies who are already meeting a high security and compliance bar across the federal marketplace.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>The CSP-AB took particular umbrage with the FAR update&#8217;s SBOM requirements, arguing cloud service providers shouldn&#8217;t be required to submit them since they&#8217;re so frequently subject to change \u2013 sometimes &#8220;up to hundreds of times&#8221; per day.<\/p>\n<p>The Information Technology Industry Council (ITIC), which <a href=\"https:\/\/www.itic.org\/about\/membership\/iti-members\" rel=\"nofollow\">represents<\/a> a laundry list of heavy hitters, <a href=\"https:\/\/www.regulations.gov\/comment\/FAR-2021-0017-0076\" rel=\"nofollow\">expressed<\/a> dissatisfaction over the proposed reporting rules, describing them as adding &#8220;another hue of color to the kaleidoscope of incident reporting regimes&#8221; being passed by the US federal government of late.<\/p>\n<p>ITIC said the eight-hour reporting requirement was &#8220;unduly burdensome and inconsistent&#8221; with other reporting rules, adding that the 72-hour update period &#8220;does not reflect the shifting urgency throughout an incident response.&#8221;<\/p>\n<p>Even bug bounty biz HackerOne weighed in, <a href=\"https:\/\/www.regulations.gov\/comment\/FAR-2021-0017-0079\" rel=\"nofollow\">arguing<\/a> among other things that the provision requiring access to contractor systems by federal law enforcement in the wake of a security incident &#8220;has the potential to expose data and information from the contractor&#8217;s non-federal customers.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Non-federal customers may be reluctant to continue working with federal contractors, potentially forcing federal contractors to choose between selling to non-federal customers or the government,&#8221; HackerOne warned.<\/p>\n<h3 class=\"crosshead\">Reporting rules are myriad and inconsistent<\/h3>\n<p>There&#8217;s room to debate some of the complaints raised by commenters, but one thing&#8217;s for certain: Uncle Sam&#8217;s cyber incident reporting rules are growing in number \u2013 and each set of regulations is different.<\/p>\n<p>The Securities and Exchange Commission (SEC) <a href=\"https:\/\/www.theregister.com\/2023\/07\/26\/sec_reporting_security\/\">implemented<\/a> a rule last summer requiring victims to report cyberattacks to it within four days when the incident could have a &#8220;material&#8221; impact on the business or investors. The Federal Trade Commission (FTC) followed suit in the fall with <a href=\"https:\/\/www.theregister.com\/2023\/10\/31\/ftc_30_day_breach_disclosure\/\">its own<\/a> incident reporting rule, giving non-banking financial organizations 30 days to inform the commission of a successful break-in of their systems.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2024\/01\/30\/voltage.jpg?x=174&amp;amp;y=115&amp;amp;crop=1\" width=\"174\" height=\"115\" alt=\"voltage\"><\/p>\n<h2 title=\"Presumably American TLAs are all over Beijing's infrastructure, too ... right?\">Volt Typhoon not the only Chinese crew lurking in US energy, critical networks<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2024\/02\/07\/its_not_just_volt_typhoon\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>CISA, meanwhile, plans to follow suit with its own rules outlined by the Cyber Incident Reporting for Critical Infrastructure Act (<a href=\"https:\/\/www.cisa.gov\/topics\/cyber-threats-and-advisories\/information-sharing\/cyber-incident-reporting-critical-infrastructure-act-2022-circia\" rel=\"nofollow\">CIRCIA<\/a>), signed into law by President Biden in March 2022, with a two-year deadline to propose a rule. Due next month, CIRCIA will give companies in critical infrastructure sectors three days to report an incident.<\/p>\n<p>Congressional representatives have expressed discontent with the SEC&#8217;s reporting rules and <a href=\"https:\/\/www.theregister.com\/2024\/02\/01\/senate_resolution_to_undo_sec\/\">introduced a bill to kill its reporting requirement<\/a> \u2013 citing too short a deadline and the fact that incident reporting should fall under CISA&#8217;s purview. The proposed FAR updates, as mentioned, give a mere eight hours.<\/p>\n<p>All of these various reporting requirements are likely to lead to what the ITIC describes as &#8220;misalignment&#8221; among reporting requirements, with the council calling for &#8220;the establishment of one authoritative incident reporting process across the federal government and regulated sectors.&#8221;<\/p>\n<p>&#8220;Several incident reporting regimes are potentially suitable candidates,&#8221; ITIC EVP of public sector policy Gordon Bitko wrote in the org\u2019s submission, suggesting rules set by CIRCIA and the SEC as suitable alternatives.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;The rule should identify one coordinating agency, ideally CISA [which] should be the focal point for all reporting and subsequent investigations,&#8221; Bitko added, echoing calls from other commenters and representative Andrew Garbarino (R-NY), who introduced a House bill to kill the SEC&#8217;s reporting requirements.<\/p>\n<p>We&#8217;ve asked NASA, the GSA, and DoD for comment, and have not received a response at the time of publication. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/02\/08\/us_tech_industry_changes\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plan says to hand over keys to networks \u2013 and report intrusions within eight hours of discovery Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US government agencies full access to their systems in the event of a security incident.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-55273","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>IT suppliers hacked off with Uncle Sam&#039;s demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"IT suppliers hacked off with Uncle Sam&#039;s demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-08T00:06:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"IT suppliers hacked off with Uncle Sam&#8217;s demands in aftermath of cyberattacks\",\"datePublished\":\"2024-02-08T00:06:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/\"},\"wordCount\":938,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_onprem\\\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/\",\"name\":\"IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_onprem\\\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-02-08T00:06:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_onprem\\\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_onprem\\\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"IT suppliers hacked off with Uncle Sam&#8217;s demands in aftermath of cyberattacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/","og_locale":"en_US","og_type":"article","og_title":"IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-02-08T00:06:00+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"IT suppliers hacked off with Uncle Sam&#8217;s demands in aftermath of cyberattacks","datePublished":"2024-02-08T00:06:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/"},"wordCount":938,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/","url":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/","name":"IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-02-08T00:06:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_onprem\/publicsector&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZcQ2WDOmPyWaFIU9XaUPPQAAAcM&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/it-suppliers-hacked-off-with-uncle-sams-demands-in-aftermath-of-cyberattacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"IT suppliers hacked off with Uncle Sam&#8217;s demands in aftermath of cyberattacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55273"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55273\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}