DoD Audit Finds Cybersecurity Failures in BMDS

On December 10, the U.S. Department of Defense (DoD) Inspector General released a report, detailing cybersecurity shortcomings of the U.S. Ballistic Missile Defense System (BMDS). The audit found that the system’s software and hardware are at risk of being attacked or infiltrated to gain access to classified information. In the report, the Inspector General noted that security controls like multifactor authentication, vulnerability assessment and mitigation, server rack security, and encryption of technical information were not used, leaving the system exposed to internal and external attacks. Reports indicate a number of these issues were discovered several years ago. The new DoD report’s recommendations directed the CIOs at various BMDS facilities to fix the issues and follow the federal cybersecurity requirements. The office of the Inspector General has requested the Director, Commanding General, Commander, and CIO to comment on the report by January 8.