
Cyber red teams find DOD systems tougher to crack

The Pentagon (Photo by Ivan Cholakov / Shutterstock) 

A Pentagon watchdog noted improvements in cyber capabilities but worried that adversaries are improving their attacks faster than defenders are shoring up their systems.

In a Jan. 31 report, the Office of the Director, Operational Test and Evaluation shared the results of 50 cybersecurity assessments of combatant commands and the military services.

The report found that despite improvements in defending networks against penetration and sustained access, missions and systems in acquisition programs continued to be at risk of cyber intrusions, and previously unknown vulnerabilities kept popping up.

"There were an increasing number of instances where the cyber red teams employed during DOT&E assessments experienced greater difficulty in penetrating network defenses or maintaining previously acquired accesses," the director Robert Behler wrote in the report.

"These improvements are both noteworthy and encouraging, but we estimate that the rate of these improvements is not outpacing the growing capabilities of potential adversaries, who continue to find new vulnerabilities and techniques to counter the fixes and countermeasures by DOD defenders."

Behler noted that the DOD's red teams themselves are under-resourced and suggested that their results might impart a false sense of confidence to system owners across the Defense Department.

The report stated that "realistic demonstrations" of advanced, multipronged cyberattacks "have yet to become routine" across the DOD.

In an overview of its operations, DOT&E reported that assessments of legacy weapons systems considered resistant to cyberattack by virtue of their age identified possible avenues of attack in more recent updates that were not part of the original design.

Additionally, trust relationships between different command networks allowed red team operatives to proceed from one network to another. "Trust relationships are critical to the operational support relationships between separate warfighter commands, but they must be designed and monitored to prevent mission impacts by adversaries," the report stated.

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at lwilliams@fcw.com, or follow her on Twitter @lalaurenista.
