U.S. Army Finds Its New Communications Network Is Vulnerable to Hackers by Aaron Pressman.
From the post:
The U.S. Army’s new $12 billion mobile communications system remains vulnerable to hackers, according to a recent assessment by outside security experts, prompting a series of further improvements.
Already in use in Iraq and Afghanistan, the Warfighter Information Network-Tactical Increment 2, or WIN-T, system is supposed to allow for protected voice, video, and data communications by troops on the move. In June, General Dynamics won a $219 million order for communications systems to go in more than 300 vehicles.
Government overseers have regularly criticized cyber security features of WIN-T in reports over the past few years, prompting an outside review by Johns Hopkins University and the Army Research Laboratory. The public reports do not disclose specific vulnerabilities, however.
…
Do you appreciate the use of “finds” rather than “admits to” flaws in their $12 billion mobile communication center?
Public reports not “…disclos[ing] specific vulnerabilities” was very likely in the interest of saving space in the reports.
Or as noted in the DOE&T report on the WIN-T:
WIN-T Increment 2 is not survivable. Although improved, WIN-T Increment 2 continues to demonstrate cybersecurity vulnerabilities. This is a complex challenge for the Army since WIN-T is dependent upon the cyber defense capabilities of all mission command systems connected to the network. (Emphasis added.) at page WIN-T 156.
Listing all the vulnerabilities of the WIN-T Increment 2 or Increment 3, would be equivalent to detailing all the vulnerabilities of the Sony network.
Interesting in a cataloging sort of way but only just.
Besides, its more sporting to challenge hackers to find vulnerabilities in WIN-T Increment 2 or Increment 3 without a detailed listing.
PS: Talk about an attack surface: General Dynamics Receives $219 Million for U.S. Army’s WIN-T Increment 2 Systems
General Dynamics Mission Systems and more than 500 suppliers nationwide will continue to work together to build and deliver WIN-T Increment 2 systems, the Army’s “Digital Guardian Angel.”
That doesn’t include all the insecure systems that tie into the WIN-T.
Maybe they will change the acronym to RDS – Rolling Digital Sieve?