Pentagon to focus more on hack-proofing weaponsReprints
(Reuters) — Cyber attacks on U.S. weapons programs and manufacturers are a “pervasive” problem that requires greater attention, the top U.S. arms buyer said Thursday, saying that he would add cyber security to the Pentagon’s guidelines for buying weapons.
“It’s about the security of our weapons systems themselves and everything that touches them. It’s a pervasive problem and I think we have to pay a lot more attention to it,” Defense Undersecretary Frank Kendall told Reuters after a speech to the American Society of Naval Engineers in Washington.
Mr. Kendall said he planned to add cyber security to the next phase of his “better buying power” initiative, and was also working on a special section on cyber security requirements to be added to the Pentagon’s guidelines for buying weapons.
President Barack Obama’s fiscal 2016 budget proposal requested $14 billion for cyber security efforts to better protect federal and private networks from hacking threats, including $5.5 billion for the Pentagon alone.
The Defense Department’s chief weapons tester told Congress in January that nearly every U.S. weapons program showed “significant vulnerabilities” to cyber attacks, including misconfigured, unpatched and outdated software.
Mr. Kendall echoed those concerns on Thursday and said he was trying to raise awareness about what he described as a “big problem” that affected the Pentagon and all layers of industry, including the larger supply chain involved in weapons systems.
Increased funding and focus on cyber security could result in more work for Lockheed Martin Corp., General Dynamics Corp. and other firms that already play a big role in cyber security, encryption and analysis for government agencies.
Mr. Kendall said some measures had already been adopted to defend U.S. weapons systems and the companies that build them against escalating cyber attacks, but more work was needed.
In January, when Mr. Kendall released the latest version of the Pentagon’s acquisition guidelines, called Department of Defense Instruction 5000.02, he said he had started work on a new section to deal with designing for and managing cyber security.
Details of the new section have not been released.
Mr. Kendall told the conference that the latest version of his Better Buying Power initiative would be released later this month. It too will included a section on cyber security, he said.