(DoD photo by Master Sgt. Ken Hammond, U.S. Air Force.)

Cybersecurity Controls on Ballistic Missile Defense System ‘Not Implemented,’ Reports DoD Inspector General

Security controls for Department of Defense networks and systems containing Ballistic Missile Defense System (BMDS) technical information on classified networks were not implemented, according to a new report from the DoD Inspector General. The IG visited five of the 104 DoD facilities around the world that manage BMDS technical information and identified numerous internal control weaknesses to networks and systems.

“We determined that officials from the did not consistently implement security controls and processes to protect BMDS technical information,” the IG report states. “The report identified systemic weaknesses at the contractor locations concerning network access, vulnerability management, and the review of system audit logs.”  

ICYMI: Hackers Launching 480 New Malware Attacks Per Minute, Surge in IoT Device Targeting

On April 14, 2016, then-Missile Defense Agency Director Vice Adm. James Syring testified before the House Armed Services Subcommittee on Strategic Forces, expressing concern about the potential threat to systems containing BMDS technical information. Consequently, the fiscal year 2017 National Defense Authorization Act directed the DoD IG to conduct the audit.

The audit found network administrators and data center managers did not:  

  • Require the use of multi-factor authentication to access BMDS technical information
  • Identify and mitigate known network vulnerabilities at three of the five components visited  
  • Lock server racks
  • Protect and monitor classified data stored on removable media
  • Encrypt BMDS technical information
  • Implement intrusion detection capabilities on classified network

READ THE FULL REPORT HERE

Multimedia journalist James Cullum has reported for over a decade to newspapers, magazines and websites in the D.C. metro area. He excels at finding order in chaotic environments, from slave liberations in South Sudan to the halls of the power in Washington, D.C.

Leave a Reply

Latest from Cybersecurity

Go to Top
Malcare WordPress Security