SoylentNews

takyon [soylentnews.org] writes:

Cybersecurity failures raise threat of 'deadly missile attacks,' Pentagon watchdog says [nbcnews.com]

Cybersecurity lapses as basic as neglecting to encrypt classified flash drives and failing to put physical locks on critical computer servers leave the United States vulnerable to deadly missile attacks, the Defense Department's internal watchdog says in a new report.

The report, dated Dec. 10 but not made public until Friday, sums up eight months of investigation of the nation's ballistic missile defense system by the Pentagon's Office of Inspector General, or IG.

The audit examined five of the 104 Defense Department facilities that manage ballistic missile defense systems and technical information.

The facilities aren't identified in the heavily redacted 44-page report. But the report makes numerous specific references to programs involving the Army, the Navy and the Missile Defense Agency.

"The Army, Navy and MDA did not protect networks and systems that process, store and transmit [ballistic missile defense] technical information from unauthorized access and use," the declassified report concludes.

The shortcomings could lead to the disclosure of "critical details that compromise the integrity, confidentiality and availability of [ballistic missile defense] technical information," it says. Twice, it warns that such disclosure "could allow U.S. adversaries to circumvent [ballistic missile defense] capabilities, leaving the United States vulnerable to deadly missile attacks."

Security Controls at DoD Facilities for Protecting Ballistic Missile Defense System Technical Information [defense.gov]

See also: Cyber Tests Showed 'Nearly All' New Pentagon Weapons Vulnerable To Attack, GAO Says [npr.org] (October)

WEAPON SYSTEMS CYBERSECURITY: DOD Just Beginning to Grapple with Scale of Vulnerabilities [gao.gov]

Original Submission