Well this is fun: The United States Government Accountability Office released a report today that explains, in no uncertain terms, that the majority of the nation's new-fangled, high-tech weapons systems are hilariously vulnerable to cyber attacks.
From the Washington Post:
The report by the Government Accountability Office concluded that many of the weapons, or the systems that control them, could be neutralized within hours. In many cases, the military teams developing or testing the systems were oblivious to the hacking.
A public version of the study, published on Tuesday, deleted all names and descriptions of which systems were attacked so the report could be published without tipping off American adversaries about the vulnerabilities. Congress is receiving the classified version of the report, which specifies which among the $1.6 trillion in weapons systems that the Pentagon is acquiring from defense contractors were affected.
The Government Accountability Office used a team of hackers to see what sort of shenanigans could be caused with a little bit of access and a whole lot of digital kung-fu. The results aren't a good look for America's military. In one instance, the red team that the GOA used was pitted against Pentagon personnel tasked with holding the line against cyberintrusions. The security checks that the Pentagon were easily bypassed, thanks to the use of easy-to-crack passwords and "insiders" who were familiar with the program acting as meatspace backdoors to what would normally be secure systems. It gets worse: hackers working for the GAO reported being able to watch, in real time, a system operator's every move. Everything they did on screen was observable from a remote location and, if the hackers had wanted to, they could have taken the system over. The Washington Post reports:
One team reported that they caused a pop-up message to appear on users’ terminals instructing them to insert two quarters to continue operating.
So yeah: the most powerful military force in the world is, despite recent efforts to tie off existing vulnerabilities, ill-equipped to detect or fend off against cyber attacks that could cripple many of the technological advantages that the Army, Navy, Air Force and Marines use to maintain an edge over enemy combatants.
Image via United States Air Force Academy