(Published October 20, 2018)
Earlier this month, the auditors at the Government Accountability Office (GAO) released a report outlining the Pentagon’s faulty cybersecurity. “Nearly all” of the Pentagon’s software-dependent weapons systems, or $1.7 trillion dollars worth of weaponry, is hackable.
According to the GAO, the federal government has focused so closely on shoring up their computer networks to prevent another Snowden-like theft, they have left glaring holes in their weaponry that relies on software.
Weapons that are hacked by an enemy could potentially misfire or cease operating altogether. This report is one of many that have come out since the 1990’s warning the Pentagon that their systems were compromised, to no avail. The GAO notes that “Until recently, DOD [Department of Defense] did not prioritize cybersecurity in weapon systems acquisitions. DOD is in the early stage of trying to understand how to apply cybersecurity to weapon systems.”
The security is astonishingly weak it turns out. The report states that military hackers employed to test the cybersecurity of systems were able to access the platforms in seconds. In one instance, a key password was guessed in nine seconds. Weapons manufacturers were found to equip their systems with publicly available software, but without changing the default passwords.
Because cybersecurity was not tested before 2014 at the federal level, there are older systems that are still connected to newer ones that can serve as a backdoor to connected networks. The GAO report concludes the Pentagon “does not know the full extent of its weapon systems cyber vulnerabilities.” This is because of inadequate and hurried testing and a lack of qualified cyber experts. The most egregious finding was that even when 20 security weaknesses were found and reported, only one issue had been repaired when it was rechecked at a later date.
According to an article by Zachary Fryer-Biggs at the Center for Public Integrity,
> General Dynamics, the company responsible for the MUOS ground systems, said in a statement that it is ‘confident in the security of the Mobile User Objective System (MUOS) having received an ‘Authority to Operate’ from the U.S. Navy in August and continue to improve and adapt the system’s security to outpace new and emerging threats.
Read more HERE.
Reality Changing Observations:
Q1. Why is cybersecurity so important on a national an international level?
Q2. What could motivate the federal government to strengthen their cybersecurity?
Q3. What measures do you take to ensure your own personal computer, cell phone and connected devices are safe?