DoD: U.S. ‘Vulnerable to Deadly Missile Attacks’ Due to Ballistic Missile Defense Cyber Weaknesses By Phil Baker

https://pjmedia.com/homeland-security/dod-u-s-vulnerable-to-deadly-missile-attacks-due-to-ballistic-missile-system-cyber-weaknesses/

We’re constantly reading about cybersecurity weaknesses and cyber break-ins at our banks, department stores, and large corporations. The results include disclosure of our credit card numbers, social security numbers, and other personal information. But cybersecurity breakdowns can have much more ominous results, as a Department of Defense report reveals.

Serious cybersecurity flaws have been found in the U.S. ballistic missile defense system (BMDS). These flaws were found to put at risk our ability to defend ourselves if we are attacked by an enemy with an intercontinental ballistic missile (ICBM).

In the report filed on December 10 by the inspector general (IG) for the Department of Defense, it was disclosed that a number of security issues were found with the networks that process, store, and transmit both the classified and unclassified technical information related to our ballistic missile defense systems. The issues include access to removable storage media that contains classified information, weak password controls, failures to encrypt technical information transmission, and problems in detecting intrusions — all relating to BMDS.

The report, which is full of redactions, can be viewed here. It reads in part:

We determined that officials from the (redacted) did not consistently implement security controls and processes to protect BMDS technical information. Specifically, (redacted) network administrators and data center managers did not:

  • require the use of multifactor authentication to access BMDS technical information at the (redacted)

  • identify and mitigate known network vulnerabilities at three of the five Components visited

  • lock server racks at the (redacted)

  • protect and monitor classified data stored on removable media at the (redacted)

  • encrypt BMDS technical information transmitted between (redacted)

  • implement intrusion detection capabilities on classified network

  • require written justification as a condition to obtain and elevate system access for users at the (redacted)

The report notes, “We determined that officials did not consistently implement security controls and processes to protect BMDS technical information and facility security officers did not consistently implement physical security controls to limit unauthorized access to facilities that managed BMDS technical information.” As a result, “The disclosure of technical details could allow U.S. adversaries to circumvent BMDS capabilities, leaving the United States vulnerable to deadly missile attacks,” the report explained. CONTINUE AT SITE

Comments are closed.