Buried deep within the pages of Senate report 113-044 are made mention of certain “vulnerabilities” of the Department of Defense weapons systems and tactical communications systems to cyber threats and attack, which the Pentagon recently refused to discuss when asked about them on May 16, 2014.
They read as follows:
“The committee recommends a provision that would require the Secretary of Defense, within 180 days of the enactment of this Act, to report to the congressional defense and intelligence committees on the capability of each military service to operate in a hostile cyber environment.
The report would be required to provide an assessment of the cyber threats to major weapons systems and tactical communications systems that could emerge within the next 5 years; an assessment of the cyber vulnerabilities of major weapons systems and tactical communications systems; a description of the current strategy to defend against battlefield cyber attacks; and an estimate of the costs to correct the vulnerabilities in the future.
The Department of Defense (DOD) has layered defenses for its desktop computers, laptops, servers, data centers, and backbone networks, including endpoint or host-based defensive systems, such as the Host-Based Security System (HBSS). Tactical networks, and the software elements of battlefield weapons systems, lack such protections.
Such tactical systems are less readily accessible than the main DOD networks and computing equipment, and utilize more custom software, but in principle, they can be accessed and subverted through wireless communications means or through other wireless apertures, test equipment or other removable media, and through supply chain compromise. In important respects, battlefield cyber warfare is closely related to traditional electronic warfare. It is critically important for DOD to prepare for this type of conflict.
As highlighted in a January 2013 report by the Defense Science Board, DOD’s dependence upon networked systems and components serves as “a magnet to U.S. opponents’ and if left un-addressed, threatens our core warfighting capabilities. Every critical system from ground vehicle electronic systems and next generation aircraft to satellites and missile defense systems must be assessed to ensure that critical warfighting capabilities are not undermined and that the same level of emphasis placed on developmental and operational security in the physical domain be adequately addressed and applied in the cyber domain.”
Source: Senate Report 113-044 National Defense Authorization Act for Fiscal Year 2014 Report (To Accompany S.1197) on to Authorize Appropriations for Fiscal Year 2014 For Military Activities of the Department of Defense and for Military Construction, to Prescribe Military Personnel Strengths for Fiscal Year and for other purposes together with additional views – Congressional Record, section 941, Cyber Space related matters (unclassified).