Latest in Gear

Image credit: Fuse

Report: US weapons systems are highly vulnerable to cyber attacks

Tests showed that they're quite easy to infiltrate.
458 Shares
Share
Tweet
Share

Sponsored Links

Fuse

The Department of Defense will have to ramp up its cybersecurity efforts now that it's planning to spend $1.66 trillion to develop major weapons systems. According to a new report (PDF) by the Government Accountability Office, nearly all of Pentagon's weapons systems are vulnerable to cyberattacks. The DoD, the report reads, didn't make cybersecurity a priority, even though GAO has been warning it for decades about the risks it's taking by not making sure its systems are properly protected. That leaves the nation's weapons, such missiles and drones, susceptible to attacks meant to take over their controls.

By request from the Senate Armed Services Committee, GAO assessed the department's readiness to deal with cyberattacks by looking at cybersecurity tests conducted on its weapons systems from 2012 to 2017. It found that testers were routinely able to infiltrate and commandeer the weapons systems they're testing. In at least one case, they were able to find the correct administrator password in nine seconds, because the DoD never bothered changing the default. All the testers had to do was look it up on the internet. Further, they were able to operate undetected -- the other testers meant to fend them off were unable to do so.

GAO also believes that the Pentagon doesn't know how bad its vulnerability issues truly are, because the tests were limited in scope. In addition, most of the vulnerabilities the tests unearthed remain unresolved. The Pentagon only addressed one of 20 identified vulnerabilities, and even though officials found solutions for some of them, they were never implemented "for some reason." While there could multiple factors that contribute to DoD's lack of action, one of them is losing its best workers to the private sector. The department doesn't have the budget to match the salaries private companies offer top cybersecurity experts, whom it needs to be able to detect and combat advanced/state-sponsored cyber threats against the government.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
458 Shares
Share
Tweet
Share

Popular on Engadget

'Animal Crossing: New Horizons' has more customization options than ever

'Animal Crossing: New Horizons' has more customization options than ever

View
Amazon is the next to pull out of GDC over coronavirus fears

Amazon is the next to pull out of GDC over coronavirus fears

View
Five small smart devices that can prevent major home damage

Five small smart devices that can prevent major home damage

View
How to buy a mirrorless camera lens in 2020

How to buy a mirrorless camera lens in 2020

View
Twitter verified a fake congressional candidate created by a teenager

Twitter verified a fake congressional candidate created by a teenager

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr