The Internet of Things is supposed to make life easier. For the Pentagon, the quintessential early adopter, it has made life much harder.
Once upon a time, very smart people in the Pentagon believed that connecting sensitive networks, expensive equipment, and powerful weapons to the open Internet was a swell idea. This ubiquitous connectivity among devices and objects — what we now call the Internet of Things — would allow them to collect performance data to help design new weapons, monitor equipment remotely, and realize myriad other benefits. The risks were less assiduously catalogued.
That strategy has spread huge vulnerabilities across the Defense Department, its networks, and much of what the defense industry has spent the last several decades creating.
“We are trying to overcome decades of a thought process…where we assumed that the development of our weapon systems that external interfaces, if you will, with the outside world were not something to be overly concerned with,” Adm. Michael Rogers, the commander of Cyber Command, told the Senate Armed Services Committee today. “They represented opportunity for us to remotely monitor activity, to generate data as to how aircraft, for example, or ships’ hulls were doing in different sea states around the world. [These are] all positives if you’re trying to develop the next generation of cruiser [or] destroyer for the Navy.”
But in a world where such public interfaces are points of vulnerability, Rogers said, adversaries develop strategies based on stealing Pentagon data, and then fashion copycat weapons like China’s J-31 fighter, which many call a cheaper cousin to the F-35.
“That’s where we find ourselves now. So one of the things I try to remind people is: it took us decades to get here. We are not going to fix this set of problems in a few years,” Rogers told the senators. “We have to prioritize it, figure out where is the greatest vulnerability.” (end of excerpt)
Click here for the full story, on the Defense One website.