DOD Weapon Systems Vulnerable to Cyber Threats, GAO Reports
Although GAO and others have warned of cyber risks for decades, the Defense Department did not prioritize weapon systems cybersecurity until recently, the new report says.
A new report from the Government Accountability Office (GAO) indicates weapon systems of the U.S. Department of Defense are very vulnerable to cyber threats. Although GAO and others have warned of cyber risks for decades, the Defense Department did not prioritize weapon systems cybersecurity until recently, the new report says.
Operational testing by DOD routinely found mission-critical cyber vulnerabilities in systems that were under development, but program officials with whom GAO met as part of this study believed their systems were secure. Yet "using relatively simple tools and techniques, testers were able to take control of systems and largely operate undetected, due in part to basic issues such as poor password management and unencrypted communications," GAO's summary of the report states. t also says the vulnerabilities of which DOD is aware "likely represent a fraction of total vulnerabilties due to testing limitations."
DOD has recently taken steps to improve weapon systems cybersecurity, and, at Congress' suggestion, has begun initiatives to better understand and address cyber vulnerabilities, it says.