The Pentagon’s ‘Internet of Things’ has become a huge hacking problem

( Once upon a time, at the dawn of the Internet, the Defense Department, eager to digitize its operations, moved quickly to transform its operations from paper and file cabinets to massive data clouds in the sky.

At the time it seemed like a wonderfully logical thing to do – bolster efficiency, cut down on physical space and property, and revolutionize the way the Pentagon operates.

Then came hackers. And hacking. And today, the Pentagon – like most government agencies, private corporations and civilian infrastructure – is scrambling to find ways to better protect and defend the cyber networks it quickly built to store all data from individual troops’ personnel records to the most sophisticated, advanced weapons systems.

“We are trying to overcome decades of a thought process…where we assumed that the development of our weapon systems that external interfaces, if you will, with the outside world were not something to be overly concerned with,” Adm. Michael Rogers, the head of Cyber Command, told the Senate Armed Services last week, as reported by Defense One.

“They represented opportunity for us to remotely monitor activity, to generate data as to how aircraft, for example, or ships’ hulls were doing in different sea states around the world. [These are] all positives if you’re trying to develop the next generation of cruiser [or] destroyer for the Navy,” he added.

Today, however, in an environment where these kinds of public interfaces are points of vulnerability, Rogers noted, adversaries and competitors adapt their strategies based on hacking Pentagon data, then build copycat weapons like China’s J-31 fighter, which many say is based on the F-35.

“That’s where we find ourselves now. So one of the things I try to remind people is: it took us decades to get here. We are not going to fix this set of problems in a few years,” Rogers told the senators. “We have to prioritize it, figure out where is the greatest vulnerability.”

Sen. Jeff Sessions, R-Ala., noted that the 2014 Defense Authorization Act requires all service branches to find and report to the Senate cyber vulnerabilities in their weapons and communications systems – a report that is overdue.

At the hearing, Deputy Defense Secretary Robert Work told the panel that Frank Kendall, the Defense Department’s lead weapons buyer, is currently going through nearly the entire U.S. arsenal to find out how vulnerable to hacking each one is.

“I expect this work do be done very soon,” Work said.

Such vulnerabilities amount to “a big, big problem.” Work added, “Most of the weapons systems that we have today were not built to withstand a concerted cyber threat.”

The Pentagon has a ways to go, Defense One noted, but it is making appreciable progress in winnowing hackable networks and systems, as well as protecting future weapons systems. Along with survivability on the battlefield, cyber security is now a primary performance requirement for every new weapon.

Work also talked about reducing the number of vulnerable cyber attack surfaces within the Defense Department.

“We’re going from 15,000 enclaves to less than 500,” he told the Senate panel, in reference to smaller computing networks that will be governed by a central authority. “We’re going from 1,000 defendable firewalls to less than 200, somewhere between 50 and 200.”

Have you ‘liked’ on Facebook? Click here!

Also, find other breaking stories hacking at

See also:




comments powered by Disqus