// Small NEWS // The Arsenal Of the US Army Is Riddled With Security Breaches!
Default passwords, deactivated encryption, ineffective detection systems… An official report is alarmed by the lack of security of the military devices and by the free-and-easy attitude of the officers.
Every year, the United States spend hundreds of the billion’s dollars in their military forces. A budget of 1.600 trillion is even planned to renew the armament from top to bottom in the next years, what should ensure this country's role of superpower. But still this money must be really spent wisely.
In a report that appeared Tuesday, the US Government Accountability Office (GAO) considers that Donald Trump's armaments systems are riddled with computer security breaches.
The agency arrives to this conclusion having peeled the army's test reports from 2012 to 2017. "Almost all the main acquisition programs tested on the operational plan between 2012 and 2017 had critical cyber-vulnerabilities which opponents could exploit to compromise a mission", we can read in the report.
The found weaknesses are sometimes of a surprising simplicity, starting with passwords. The military systems also integrate commercial or open source software, and default passwords are not systematically replaced. A beginner's error. In a case, for example, testers managed to guess an administrator password within nine seconds.
In other cases, testers managed to penetrate a system and to stay there for weeks without being detected and that, without paying particularly attention to the tracks they left…
In still other cases, Intrusion Detection Systems (ISD) have been successful in identifying a malicious presence, but users were not able to interpret the alerts. The reason is sometimes due to a bad configuration of the IDS which generated alerts permanently, reducing to nothing its utility.
In some armament systems, the encryption also leaves something to be desired. It allows the testers to intercept sensitive data such as administrators' identifiers. What allowed them to move forward even further in the network put to the test.
The reality is the even worse
The GAO is even more pessimistic that, according to him, these dysfunctions represent only a fraction of the reality. He considers that the tests made by the army were too limited in time and in quality to really cover the whole spectrum of cybersecurity.
Audit reports would only show the tip of the iceberg. And it does not risk stopping given that the military technologies incorporate more and more computing, which mathematically increases the attack surface.
Another problem would be the army’s posture and its hierarchy which, according to the GAO, makes a denial of the reality. Despite bad tests results, the persons in charge tend to minimize the IT security problems, by arguing that the tests are not made in real conditions.
An attitude that could show itself fatal against a well-trained opponent in the field of computer fight…
I've made a lot of articles with tools, explanations and advises to show you how to protect your privacy and to secure your computer, GO check them out!
This is my guide to secure your PC after a fresh installation of Windows
If you think that your phone or your PC has been hacked, you have to check it right now!
That's how you can be more Anonymous on the internet!
These are the best VPN to protect your numeric life: NordVPN, ExpressVPN and CyberGhost!
Your PC is slow? That's why!
You Feel hot? Your computer also!
How an adware works?
That's how you should guard against Trojan!
What are the different types of hackers?
So interesting... An eye opener... Thank you
Congratulations,
you just received a 14.19% upvote from @steemhq - Community Bot!
Wanna join and receive free upvotes yourself?
Vote for
steemhq.witnesson Steemit or directly on SteemConnect and join the Community Witness.This service was brought to you by SteemHQ.com