Skip to content
More from
Bloomberg
Cybersecurity
relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting relates to Where Do Disruptive Ideas Happen? Not on a Big Team
relates to China Has Abandoned a Cybersecurity Truce With the U.S., Report Says relates to New Zealand Says China's Huawei Hasn't Been Ruled Out of 5G relates to Christie’s Tip Off Leads to Conviction of Global Money Launderer relates to U.K. Security Watchdog Said to Conclude No Huawei 5G Ban Needed relates to Australia Says a ‘Sophisticated State Actor’ Hacked Lawmakers relates to Cybersecurity Powerhouse Israel Is Ripe for Election Meddling relates to Singapore Plans Cautious Budget Ahead of Election relates to Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle relates to The Swiss Go Against the Flow With Online Voting
Photographer: Andrey Rudakov/Bloomberg
cybersecurity

Pentagon Slow to Protect Weapons From Cyber Attacks

Corrected

Pentagon Slow to Protect Weapons From Cyber Attacks

  • Cybersecurity hasn’t been Pentagon focus despite warnings: GAO
  • Pentagon started improving security in 2014, watchdog says
Hacker hacking
Photographer: Andrey Rudakov/Bloomberg

The Pentagon hasn’t made cybersecurity for its multibillion-dollar weapons systems a major focus until recently despite years of warnings, according to Congress’s watchdog agency.

“Instead, for many years,” until about 2014, the Pentagon “focused cybersecurity efforts on protecting networks and traditional IT systems, such as accounting systems, rather than weapons,” the Government Accountability Office said in a report released Tuesday entitled: “DOD Just Beginning to Grapple with Scale of Vulnerabilities.”

The report doesn’t name any specific weapons systems but underscores that the same software that can turn the F-35 jet into a flying computer capable of absorbing and distributing massive amounts of data also can introduce vulnerabilities that can cripple a system.

“There was a general lack of emphasis on cybersecurity throughout the acquisition process” even as operational tests of systems between 2012 and last year “routinely found mission-critical cyber vulnerabilities in nearly all weapon systems that were under development,” the GAO said in the report to the Senate Armed Services Committee.

“Using relatively simple tools and techniques, testers were able to take control of these systems and largely operate undetected” and “in some cases, system operators were unable to effectively respond to the hacks,” the GAO said. “Furthermore, DOD does not know the full scale of its weapon system vulnerabilities because, for a number of reasons, tests were limited in scope and sophistication.”

“We are continuously strengthening our defensive posture through network hardening, improved cybersecurity, and working with our international allies and partners and our Defense Industrial Base and Defense Critical Infrastructure partners to secure critical information,” Army Major Audricia Harris, a Pentagon spokeswoman, said in an emailed statement.

Todd Probert, Raytheon Co.’s vice president of Mission Support and Modernization, said the GAO report wasn’t surprising. “The military has been working closely with industry to understand the risks these vulnerabilities pose and how to better secure their systems.” Congress and the military “must also increase funding specifically for cyber vulnerability assessments and cyber hardening,” he said.

(Corrects last paragraph to attribute the quote to the GAO report, not the Raytheon official, in story originally published on Oct. 9.)