Oct 9, 2018

Report finds cyber vulnerabilities in U.S. military weapons systems

Photo: Brendan Smialowski/AFP/Getty Images

The Pentagon has "routinely" found mission-critical cyber vulnerabilities in most systems under development from 2012-2017, and yet, U.S. military officials still often think the Pentagon's weapon systems are secure against cyberthreats, per a Government Accountability Office report issued Tuesday.

Why it matters: The report assesses that "[a]lthough GAO and others have warned of cyber risks for decades, until recently, DoD did not prioritize weapon systems cybersecurity." This is the first report the GAO is releasing on the cybersecurity of U.S. military weapon systems acquisitions.

The big picture: Part of the problem is the Defense Department has typically focused cybersecurity efforts on networks and IT systems, not weapons systems, per GAO. But the problem of weapons systems' cybersecurity is only going to burgeon since cyberthreats are getting more sophisticated and the Pentagon’s weapon systems are becoming software-dependent and networked more than ever before, per the report.

  • The acquisitions process is part of the problem. "DOD likely has an entire generation of systems that were designed and built without adequately considering cybersecurity," the authors of the report write.
  • Reality check: Not all systems were tested for the report, so the GAO assesses the cybersecurity vulnerabilities it's reporting on today are likely just a small sampling of the overall problem.

Top vulnerabilities included poor password management and unencrypted communications, per the report.

  • Threat level: Those checking into the Pentagon’s weapon systems found that even using simple tools they could overtake systems — and do so undetected.

Go deeper

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 3 p.m. ET: 5,931,112 — Total deaths: 357,929 — Total recoveries — 2,388,172Map.
  2. U.S.: Total confirmed cases as of 3 p.m. ET: 1,711,313 — Total deaths: 101,129 — Total recoveries: 391,508 — Total tested: 15,192,481Map.
  3. States: New York to allow private businesses to deny entry to customers without masks.
  4. Public health: Louisiana Sen. Cassidy wants more frequent testing of nursing home workers.
  5. Congress: Pelosi slams McConnell on stimulus delay — Sen. Tim Kaine and wife test positive for coronavirus antibodies.
  6. Tech: Twitter fact-checks Chinese official's claims that coronavirus originated in U.S.
  7. What should I do? When you can be around others after contracting the coronavirus — Traveling, asthma, dishes, disinfectants and being contagiousMasks, lending books and self-isolatingExercise, laundry, what counts as soap — Pets, moving and personal healthAnswers about the virus from Axios expertsWhat to know about social distancingHow to minimize your risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it, the right mask to wear.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Updated 27 mins ago - Politics & Policy

Twitter fact-checks Chinese official's claims that coronavirus originated in U.S.

Chinese Foreign Ministry spokesman Zhao Lijian. Photo: Greg Baker/AFP via Getty Images

Twitter slapped a fact-check label on a pair of months-old tweets from a Chinese government spokesperson that falsely suggested that the coronavirus originated in the U.S. and was brought to Wuhan by the U.S. military, directing users to "get the facts about COVID-19."

Why it matters: The labels were added after criticism that Twitter had fact-checked tweets from President Trump about mail-in voting, but not other false claims from Chinese Communist Party officials and other U.S. adversaries.

Podcast: Trump vs. Twitter, round two

President Trump is escalating his response to Twitter’s fact check of his recent tweets about mail-in voting, issuing an executive order that's designed to begin limiting social media's liability protections. Dan digs in with Axios' Margaret Harding McGill.

Go deeper: Twitter vs. Trump... vs. Twitter

2 hours ago - Politics & Policy