- A report by the Government Accountability Office (GAO) found that cybercriminals could easily target Pentagon’s weapons systems to shut systems down from operating, or function in ways that are undermining to the US.
- The GAO found a stockpile of vulnerabilities affecting the new weapons systems.
The Pentagon’s new computerized weapons systems, which is currently under development by the US Department of Defense (DoD) contains a stockpile of vulnerabilities that could easily be exploited by cybercriminals to hack the system.
A new report by the Government Accountability Office (GAO) found that cybercriminals could easily target Pentagon’s weapons systems to shut systems down from operating, or function in ways that are undermining to the US. The GAO report was commissioned by the Congress, which is currently planning to approve a $1.6 billion funding to the DoD. This money is allotted for the Pentagon to acquire and develop new weapons and expand its weapons base.
“We found that from 2012 to 2017, DOD testers routinely found missioncritical cyber vulnerabilities in nearly all weapon systems that were under development. Using relatively simple tools and techniques, testers were able to take control of these systems and largely operate undetected,” the GAO report stated. “In some cases, system operators were unable to effectively respond to the hacks. Furthermore, DOD does not know the full scale of its weapon system vulnerabilities because, for a number of reasons, tests were limited in scope and sophistication.”
According to GAO, testers were able to compromise weapons control systems designed to prevent adversaries from accessing to the systems. In one case, GAO said that it took a team of two testers just an hour to gain access to a weapon system and just around 24 hours to gain complete control of it.
“In one case, the test team took control of the operators’ terminals. They could see, in real-time, what the operators were seeing on their screens and could manipulate the system. They were able to disrupt the system and observe how the operators responded,” the GAO report stated.
The report highlights how vulnerable America’s weapons systems are and also raises severe concerns about the future of the nations arsenal. Given how government agencies are already grappling with the challenge of recruiting qualified cybersecurity professionals, the DoD may find addressing these issues a monumental undertaking.