The U.S. Cyber Command (USCC) is conducting a massive audit of all the military’s computer networks, weapons, and bases in order to create a list of vulnerabilities to cyber attack. Deputy commander Lt. Gen. Kevin McLaughlin said the audit resulted from a troubling report from the Pentagon’s chief weapons tester, Michael Gilmore.
Gilmore’s report pointed out that a majority of the military’s weapon systems are vulnerable to cyber attack.
Within months, the audit is expected to lead to a framework for approaching the most critical vulnerabilities, which includes new weapon systems as well as those introduced 30 years ago, before the cyber threat was a factor.
Government agencies are constantly dealing with multiple attacks by both Russia and China, the largest being the attack this year on the Office of Personnel Management. One of the most recent attacks involved the Pentagon’s Joint Staff, which includes some of the nation’s most senior military personnel.
In short the military is being attacked like never before and it’s now getting tough on protecting its systems.
The USCC audit follows a similar report last week in which USCC Commander Admiral Mike Rodgers emphasized the need for more vigilance and awareness among personnel regarding cyber threats. In a troubling sign, that report echoed the desire of FBI Director James Comey to allow “backdoors” within encrypted systems, which is basically an invitation for more cyber attacks.
Mr. Comey brought out the familiar villain of terrorism as justification for requiring companies to place backdoors on consumer products such as phones, tablets, and laptops. Currently, FBI investigations of potential terrorist recruits are incapable of decoding communications exchanges once they are moved to third party encrypted software.
The USCC’s audit will hopefully result in systems that do not allow for these backdoors on weapons systems, but an event this summer involving a U.S.-made Patriot missile battery in Germany witnessed the device overtaken by unexplained commands from unknown hackers.
Government officials are eager to find a way to retain the use of backdoors for their surveillance activities, while also increasing security from cyber threats, but the two goals are contradictory. Any backdoor available to government agencies would eventually be abused by other actors.
The latest moves by the Pentagon indicate its well aware of this tradeoff and will not be including any such vulnerabilities into the nation’s weapons system while looking to aggressively remove any that may be lurking from days gone by.