Back to news

December 19, 2018 | International, C4ISR

DoD IG: Military networks are exposed to ‘unnecessary’ cyber risks

By:

The military services are exposing networks to “unnecessary cybersecurity risks” thanks in part to a lack of visibility over software application inventories, according to a Department of Defense Inspector General report.

The IG investigated whether DoD components rationalized their software applications by identifying and eliminating any duplicative or obsolete applications. Rationalizing software applications seeks to improve enterprise IT by identifying all software applications on the network; determining if existing applications are needed, duplicative or obsolete; and determining if applications already existing within the network prior to purchasing new ones.

The audit — which focused on Marine Corps, Navy and Air Force commands and divisions — found that the groups examined did not consistently perform this rationalization process. By not having visibility into software application inventories, these organizations were unable to identify the extent of existing vulnerabilities within their applications, the report found.

Moreover, such a process could lead to cost savings associated with eliminating duplicative and obsolete applications.

Fleet Forces Command was the only command the IG reviewed that had a process in place for eliminating duplicative or obsolete applications. The Air Force did not have a process in place to prevent duplication when purchasing new applications.

The report placed blame on the DoD chief information officer for not implementing a solution for software rationalization in response to Federal Information Technology Acquisition Reform Act requirements.

The IG made three recommendations for the CIO, who did not provide a response to draft recommendations:

  • Develop an enterprisewide process for conduction software application rationalization throughout DoD;
  • Establish guidance requiring DoD components to conduct rationalization and require DoD component CIOs to develop implementation guidance outlining responsibilities for rationalization. Such a policy should also require components on at least an annual basis to validate the accuracy of their owned and in use software applications inventory; and
  • Conduct periodic review to ensure components are regularly validating the accuracy of their inventory and they are eliminating duplicative and obsolete applications.

https://www.fifthdomain.com/dod/2018/12/18/dod-ig-military-networks-are-exposed-to-unnecessary-cyber-risks

On the same subject

  • European Union weighs creation of air defense shield

    June 2, 2024 | International, Land

    European Union weighs creation of air defense shield

    A Greek-Polish proposal for a bloc-funded program is looking for takers.

  • US Navy should turn to unmanned systems to track and destroy submarines

    April 14, 2020 | International, Naval

    US Navy should turn to unmanned systems to track and destroy submarines

    By: Bryan Clark Anti-submarine warfare, or ASW, is one of a navy's most difficult missions. Sonars detect submarines with only a fraction of the range and precision possible using radars or visual sensors against ships above the water. Submarines can carry missiles able to hit targets hundreds of miles away, requiring searches to cover potentially vast areas. And the torpedoes that aircraft and surface ships use to sink submarines need to be dropped right on the submarine to have any chance of sinking it. These challenges led the Cold War-era U.S. Navy to rely on a sequential approach for tracking enemy submarines. Electronic or visual intelligence sources would report when an opposing sub was leaving port, and it would hopefully get picked up by sound surveillance, or SOSUS — sonar arrays on the sea floor — as it entered chokepoints, like that between Iceland and the United Kingdom. Patrol aircraft would then attempt to track the submarine using sonar-equipped buoys, or sonobuoys, and eventually turn it over to a U.S. nuclear attack submarine, or SSN, for long-term trail. The U.S. ASW model broke down, however, in the decades following the Cold War as U.S. submarine and patrol aircraft fleets shrank, the Chinese submarine fleet grew, and Russian submarines became quieter. Today, the U.S. Navy devotes enormous effort to tracking each modern Russian submarine in the western Atlantic. During the 2000s, the strategy of full-spectrum ASW started an essential shift in goals, from being able to sink submarines when needed to being able to defeat submarines by preventing them from accomplishing their mission. Full-spectrum ASW and other current concepts, however, still rely on aircraft, ships and submarines for sensing, tracking and attacking enemy submarines to bottle them up near their own coasts or sink them in the open ocean. Although SOSUS has improved since the Cold War and is joined by a family of new deployable seabed arrays, the next link in the U.S. ASW chain is still a P-8A Poseidon patrol aircraft, an Arleigh Burke-class guided-missile destroyer, or a U.S. SSN. These platforms are in short supply around the world, cost hundreds of millions to billions of dollars to buy and cost hundreds of thousands of dollars a day to operate. With defense budgets flattening and likely to decrease in a post-COVID-19 environment, the U.S. Navy cannot afford to continue playing “little kid soccer” in ASW, with multiple aircraft or ships converging to track and destroy submarines before they can get within missile range of targets like aircraft carriers or bases ashore. The Navy should instead increase the use of unmanned systems in ASW across the board, which cost a fraction to buy and operate compared to their manned counterparts. Unmanned aircraft could deploy sonobuoys or stationary sonar arrays, and unmanned undersea or surface vehicles could tow passive sonar arrays. Unmanned surface vehicles could also deploy low-frequency active sonars like those carried by U.S. undersea surveillance ships that can detect or drive off submarines from dozens of miles away. Although autonomous platforms will not have the onboard operators of a destroyer or patrol aircraft, improved processing is enabling small autonomous sensors to rapidly identify contacts of interest. Line-of-sight or satellite communications can connect unmanned vehicles and sensors with operators ashore or on manned ASW platforms. A significant shortfall of today's ASW concepts is “closing the kill chain” by attacking enemy submarines. Air- or surface-launched weapons have short ranges and small warheads that reduce their ability to sink a submarine, but their cost and size prevents them from being purchased and fielded in large numbers. Unmanned systems could address this shortfall in concert with a new approach to ASW that suppresses enemy submarines rather than destroying them. During World War II and the Cold War, allied navies largely kept submarines at bay through aggressive tracking and harassing attacks, or by forcing opposing SSNs to protect ballistic missile submarines. The modern version of submarine suppression would include overt sensing operations combined with frequent torpedo or depth-bomb attacks. Although unmanned vehicles frequently launch lethal weapons today under human supervision, the small weapons that would be most useful for submarine suppression could be carried in operationally relevant numbers by medium-altitude, long-endurance UAVs or medium unmanned surface vessels. Moreover, the large number and long endurance of unmanned vehicles would enable the tracking and suppressing of many submarines over a wide area at lower risk than using patrol aircraft or destroyers. Today the U.S. Navy uses unmanned systems in ASW primarily to detect submarines. To affordably conduct peacetime surveillance and effectively defeat submarines in wartime, the Navy should increase the role of unmanned systems. Using manned platforms to conduct command and control, and unmanned vehicles to track, deter and engage submarines, could significantly reduce the costs of ASW operations and enable the Navy to scale its ASW efforts to match the growing threat posed by submarine fleets. Bryan Clark is a senior fellow at the Hudson Institute. He is an expert in naval operations, electronic warfare, autonomous systems, military competitions and war gaming. https://www.defensenews.com/opinion/commentary/2020/04/13/us-navy-should-turn-to-unmanned-systems-to-track-and-destroy-submarines/

  • Contracts for August 23, 2021

    August 24, 2021 | International, Aerospace, Naval, Land, C4ISR, Security

    Contracts for August 23, 2021

    Today

All news