[ad_1]
The monitoring group report states that the GAO "found that between 2012 and 2017, testers (from the Department of Defense) regularly discovered critical cyber-vulnerabilities in almost all weapons systems in the country. development course ".
In some tests, the testers were able to hack some of these complex weapon systems and control them "using relatively simple tools and techniques."
"In one case, it took an hour for a two-person test team to gain initial access to a weapon system and one day to take full control of the system. that they were testing, "says the report.
In some cases, "the weapon systems used commercial or open source software, but did not change the default password during software installation, which allowed the test teams to search the password on the Internet and get the administrator privileges ".
One of the reasons that weapons systems are so vulnerable to cyber attacks is their connectivity to other systems, which the Pentagon has long considered a benefit.
Weapons such as the F-35 Joint Strike Fighter have been recognized for their ability to connect to a range of other systems, making it easier to share critical military information.
But GAO reports indicate that connectivity makes weapons systems vulnerable, as potential hackers would only need to enter one of the connected systems to potentially gain access to others.
"These connections facilitate the exchange of information that benefits the weapons systems and their operators in many ways – such as command and control of weapons, communications and knowledge of the space of weapons. fight, "says the report while adding," If attackers can access any of these systems, they may be able to reach any of the other through the networks of connection. "
Pentagon spokesman Major Audricia Harris told CNN that they "take seriously the threats to our country."
"We are continually reinforcing our defensive stance by strengthening the network, strengthening cyber security, and working with our international allies and partners and industry base partners and critical defense infrastructure to secure critical information," he said. she declared.
The revelation that so many Pentagon weapons systems are vulnerable to cyber attacks raises questions about the billions of dollars that the United States has invested in its various programs.
The report says that part of the problem is that cybersecurity has been put forward only recently when developing requirements for these systems.
The report said the Pentagon "is taking steps to improve its understanding of the vulnerabilities of its weapons systems, determine how to mitigate the risks associated with these vulnerabilities and inform the future development of more secure systems," but added that the Department of Defense faced challenges in strengthening its defenses given the costs of recruiting and retaining talented cybersecurity professionals and the difficulties of sharing information.
The Department of Defense recently released its cyber strategy, which indicated that the Pentagon was seeking to integrate cybersecurity awareness into the overall institutional culture of the department.
Source link
