Hackers can easily hack major US weapons systems

World

10 Oct 2018

US-govt report: Major US weapons systems can be easily hacked

In an era where the very nature of warfare is shifting towards the digital, cybersecurity of increasingly-automated and software-based weapons systems ought to be a priority.

Yet, it seems this point had escaped the US Department of Defense (DoD) - a report by a US government agency has found that it's extremely easy to hack an entire generation of US weapons systems.

Here's more.

Overview

The overview of the US GAO's findings

The overview of the US GAO's findings

The US Government Accountability Office (GAO) was tasked with reviewing the state of cybersecurity of DoD weapons and reported extremely worrying findings, not just for the US government, but also for the rest of the world.

The report found that hackers were able to digitally hijack a multitude of "major weapons systems" within an hour!

What's more? They could do so while remaining undetected.

Testing

How the GAO carried out the tests

To test vulnerabilities, the GAO had ethical hackers pose as adversaries.

What they found was that these hackers were able to bypass security of several weapons systems with relative ease, and could do so largely undetected owing to "basic issues such as poor password management and unencrypted communications".

The tests covered only a fraction of weapons systems, and many more vulnerabilities could be abound.

Love World news?

Stay updated with the latest happenings.

Yes, notify me

Other details

Hackers could manipulate all software-enabled weapons functions

Understandably, owing to national security reasons, the GAO report left out crucial details including the specific list of weapon systems that are currently vulnerable to cyber attacks.

However, it noted that software-enabled functions like the powering on/off of a system, missile targeting, auto-pilot, an aircraft's oxygen levels etc. could all be manipulated by hackers in the instance of a successful cyber attack.

Threat

Cyber-threats to weapons systems poses a threat to global security

This is particularly pertinent, considering that automation and connectivity have become an indispensable part of modern weapon systems, and DoD weapon systems are increasingly becoming software-dependent and networked.

Given this reality, the possibility of weapon systems being compromised poses a massive threat to global security insofar as a hacker-controlled rogue weapons system could trigger hostilities, and even war, by carrying out unwarranted attacks.

Warnings

For decades, the GAO's warnings about cybersecurity weren't heeded

For decades, the GAO's warnings about cybersecurity weren't heeded

In its report, the GAO further notes that it had, for decades, warned the DoD about the importance of cybersecurity but that those warnings were left largely unheeded, until recently.

However, the late realization on part of the DoD has its consequences - the department is still in the process of determining how best to address the vulnerabilities found by the GAO report.

DoD efforts

The DoD has, of late, taken steps to address cybersecurity

That said, the DoD has, of late, taken several steps to bring its weapons systems' cybersecurity up to the mark.

Directed by the Congress, the DoD has initiated fresh efforts to understand the scope and nature of cybersecurity threats and address cyber vulnerabilities.

It has also started issuing new guidelines, and revising old guidelines pertaining to the cybersecurity.

But, is it already too late?

Editor's note

The laxity on part of the DoD is inexcusable

The laxity on part of the DoD is inexcusable

Considering the GAO's warnings, the laxity on part of the DoD is simply inexcusable.

For a country that has the world's largest military spending budget, and plans to spend an astronomical $1.66 trillion to develop its current portfolio of weapons systems, the US' short-sightedness in matters of weapons system cybersecurity reeks either of complete incompetence or wilful ignorance.

Share this timeline

Cyber Attack

Hacking

US Defense

DoD

Major US

US

US Department

US Department of Defense

US GAO

US Government Accountability Office

Share this timeline

Ask NewsBytes
User Image

Next Timeline