- Ohio KKK rally met with massive counter-protest and witty signs from local businesses Saturday 5:06 PM
- Guy who said he stole drugs from MS-13 now says viral story is fake Saturday 4:07 PM
- Financial service company left 885 million private records exposed online Saturday 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Saturday 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Saturday 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Saturday 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Saturday 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Saturday 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Saturday 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Saturday 6:30 AM
- How to watch the Copa del Rey Final online for free Saturday 5:45 AM
- How to watch the DFB-Pokal final for free Saturday 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
A report from the Government Accountability Office (GAO) found that Pentagon weapons are woefully underprepared in the face of a cyberattack. Equipment such as F-35 jets and missile systems is vulnerable to hacking.
“In recent cybersecurity tests of major weapon systems [the Department of Defense] is developing, testers playing the role of adversary were able to take control of systems relatively easily and operate largely undetected,” the report says. The agency discovered “mission-critical cyber vulnerabilities” in almost every weapon system being developed.
Many of these security issues center around the fact that so many systems and devices are connected to the internet. On many Pentagon weapons systems that use open source or commercial software programs, the organization didn’t bother changing the default passwords—a huge and very simple security faux pas. The GAO also found that the Pentagon was using poor password practices across the board, as well as unencrypted communications.
In the GAO’s investigation, it found that in one instance, a two-person team was able to hack and gain complete control of a weapons system they were testing in only one hour. In another case, a tester was able to guess an administrator password in less than 10 seconds.
At this point, the GAO isn’t making any recommendations on what the Department of Defense should do next. The organization has been warning the Pentagon about these types of weapons system security vulnerabilities for more than 20 years. One part of the issue may be that these security assessments aren’t taken seriously. Another problem is that in some cases the findings apply to classified systems, which can make it difficult to share information and knowledge.
Officials that the GAO met with, however, reported feeling that their systems are indeed secure. Some GAO test results were even discounted, believed to be unrealistic of hackers’ true abilities in the wild. This could show a dire lack of understanding about networking security that the U.S. government needs to remedy, stat.
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.