Oct. 12 (UPI) — Testers at the U.S. Department of Defense have found vulnerabilities in many of the military’s weapons systems, a new report by the Government Accountability Office warned Thursday.
The testers discovered critical cybersecurity flaws in “nearly all” weapons systems that were under development between 2012 and 2017, the GAO report said.
“Using relatively simple tools and techniques, testers were able to take control of these systems and largely operate undetected,” the report stated. “In some cases, system operators were unable to effectively respond to the hacks.”
The report, titled “Weapons Systems Cybersecurity: DOD Just Beginning to Grapple with Scale of Vulnerabilities,” said the full scope of the vulnerabilities is not known because tests were limited.
The study was conducted as the Department of Defense plans to spend about $1.66 trillion to develop its major weapons systems portfolio.
Thursday’s was the GAO’s first report to address cybersecurity for weapon system acquisitions, and did not make recommendations. It did stress, though, the Pentagon is already taking steps to improve security.
“DOD has recently taken several steps to improve weapon systems cybersecurity, including issuing and revising policies and guidance to better incorporate cybersecurity considerations,” the report said. “[It] has also begun initiatives to better understand and address cyber vulnerabilities.”
The analysis said the GAO, the federal government’s chief auditing agency, will continue evaluating future aspects of the military’s cybersecurity efforts.
“We are continuously strengthening our defensive posture through network hardening, improved cybersecurity, and working with our international allies and partners and our defense Industrial Base and defense Critical Infrastructure partners to secure critical information,” Pentagon spokesperson Maj. Audricia Harris told CNN.