Security Controls at DoD Facilities for Protecting Ballistic Missile Defense System Technical Information
Inspector General, U.S. Department of Defense
DODIG-2019-034
Dec. 10, 2018
A security audit of the US ballistic missile defense system found very serious cyber-security failings at five missile defense installations, including no data encryption, no multifactor authentication mechanisms, no antivirus programs and even 28-year-old unpatched vulnerabilities.

These revelations are contained in this report released Dec. 14 by the US Department of Defense Inspector General (DOD IG).

The report was completed in April, after DOD IG officials inspected five random locations where the Missile Defense Agency (MDA) had placed ballistic missiles part of the Ballistic Missile Defense System (BMDS) --a DOD program developed to protect US territory by launching ballistic missiles to intercept incoming enemy nuclear weapons.

The report’s major conclusion is that "the Army, Navy, and MDA did not protect networks and systems that process, store, and transmit BMDS technical information."


Full text
44 PDF pages




prev next