[1]https://hothardware.com/news/how-cheap-smart-id-card-reader-sold-amazon-becam
e-national-security-risk

   "Earlier this month, we reported on a phishing attack that [2]stole
   $23.5 million from the US Department of Defense (DoD). Thankfully,
   the [3]DoD caught the cybercriminals and recovered the money, but this
   incident highlights the need for strong [4]cybersecurity practices at
   the DoD and among its contractors. The DoD is a high value target with
   an extensive attack surface due to its size and complexity. A recent
   discovery demonstrates how cyberattacks can be indirect and come from
   unexpected sources. A government defense contractor relayed this
   discovery to Brian Krebs of KrebsOnSecurity, who published the
   details."

   "DoD employees and contractors, along with military personal, use ID
   cards known as Common Access Cards (CAC) to access controlled spaces,
   as well as computer systems and networks. Cardholders don’t just use
   these cards onsite. Many employees and contractors need to access their
   email remotely, which requires CAC authentication. However, approved
   card readers aren’t standard issue devices for cardholders. As a
   result, government employees and contractors often turn to the internet
   to find compatible card readers."

References

   1. https://hothardware.com/news/how-cheap-smart-id-card-reader-sold-amazon-became-national-security-risk
   2. https://hothardware.com/news/us-dod-got-snookered-235m-phishing-scam-but-got-revenge-court
   3. https://hothardware.com/tags/dod
   4. https://hothardware.com/tags/cybersecurity