News & Comment: Nearly all new U.S. weapons systems have “critical” cybersecurity problems, auditors say
Nearly all new U.S. weapons systems have âcriticalâ cybersecurity problems, auditors say
The Washington Post reported today that the Department of Defense’s (DOD) weapon systems feature cyber vulnerabilities that leave them susceptible to attack, according to a GAO government report released Tuesday.
COMMENT: According to Pravin Kothari, CEO of cloud security vendor CipherCloud:
“Yes, cyber vulnerabilities remain a major challenge especially in areas such as the move to cloud computing. The GAO is keeping everyone’s eye on the ball. That said, let’s keep this GAO report in perspective. First – many of these weapons systems are absolutely not online to external networks. This is intentional. Second – many of the network protocols used in these specialized weapons systems do not use a standard TCP/IP protocol, but instead may use proprietary, highly specialized network communications protocols and encryption techniques specifically designed for that weapons system program. Third, and the most important to your health – if you do try to get in close proximity to a classified weapons system it won’t be more than a few seconds before a highly motivated marine interrupts your activities. Let’s get real here. If there were real actionable deficiencies to classified weapons systems, they’re getting worked on furiously right now. Rest assured the vulnerabilities would not be detailed as a “how to” manual for hostile nation states in a GAO non-classified report.”
Hugh Taylor
Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.