New Pentagon weapons systems easily hacked: report

October 9, 2018
US Air Force F-22 Raptor: a government report says the Pentagon's weapons systems currently under development are highly vulnerable to hackers

New US weapons systems being developed by the US Department of Defense can be easily be hacked by adversaries, a new government report said on Tuesday.

The Government Accountability Office said the Pentagon was unaware of how easy it could be for an adversary to gain access to the computer brains and software of the weapons systems and operate inside them undetected.

The weak points began with poor password management and unencrypted communications, it said.

But it said access points for the systems continued to grow in number and are not always well-understood by the operators themselves, leaving even non-networked systems deeply vulnerable.

More critically, the faulted the US military for not incorporating into the design and acquisition process for the computer-dependent weapons, and said weapons developers often did not themselves adequately understand cybersecurity issues.

"Due to this lack of focus on weapon systems cybersecurity, DOD likely has an entire generation of systems that were designed and built without adequately considering cybersecurity," the GAO said.

"In one case, it took a two-person test team just one hour to gain initial access to a and one day to gain full control of the system they were testing," it said.

In another case, it said, the test team gained control of the terminals of the system's operators.

"They could see, in real-time, what the operators were seeing on their screens and could manipulate the system."

The public, unclassified version of the report did not identify which arms systems it had tested and found faults with, citing the need for secrecy.

But it said that between 2012 and 2017, the Defense Department's own testers "routinely" found dangerous cyber vulnerabilities in "nearly all" under development.

"Using relatively simple tools and techniques, testers were able to take control of these systems and largely operate undetected. In some cases, system operators were unable to effectively respond to the hacks," it said.

The risk rises as Pentagon weapons and other systems are increasingly interconnected and their dependence on software and networking continues to rise.

The report came as the US wrestles with what it sees as concerted efforts by government-backed hackers in Russia and China to permeate government and private sector computer networks to steal data or simply wreak havoc.

Explore further: Why 50,000 ships are so vulnerable to cyberattacks

Related Stories

Why 50,000 ships are so vulnerable to cyberattacks

June 14, 2018

The 50,000 ships sailing the sea at any one time have joined an ever-expanding list of objects that can be hacked. Cybersecurity experts recently displayed how easy it was to break into a ship's navigational equipment. This ...

Recommended for you

In colliding galaxies, a pipsqueak shines bright

February 20, 2019

In the nearby Whirlpool galaxy and its companion galaxy, M51b, two supermassive black holes heat up and devour surrounding material. These two monsters should be the most luminous X-ray sources in sight, but a new study using ...

Research reveals why the zebra got its stripes

February 20, 2019

Why do zebras have stripes? A study published in PLOS ONE today takes us another step closer to answering this puzzling question and to understanding how stripes actually work.

When does one of the central ideas in economics work?

February 20, 2019

The concept of equilibrium is one of the most central ideas in economics. It is one of the core assumptions in the vast majority of economic models, including models used by policymakers on issues ranging from monetary policy ...

Correlated nucleons may solve 35-year-old mystery

February 20, 2019

A careful re-analysis of data taken at the Department of Energy's Thomas Jefferson National Accelerator Facility has revealed a possible link between correlated protons and neutrons in the nucleus and a 35-year-old mystery. ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

antialias_physorg
5 / 5 (2) Oct 10, 2018
the report faulted the US military for not incorporating cybersecurity into the design and acquisition process for the computer-dependent weapons

Seriously? 600bn$ a year and they go "Oh well, cybersecurity ain't important, let's spend the money on shiny uniforms"?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.