Congress questions Defense Department’s cybersecurity plans
This PC World piece discusses potential vulnerability in our military’s computer infrastructure. Major concerns are the widespread use of off-the-shelf software which could easily be hacked, the fact that, with the same software used across many systems, one problem or successful attack could bring down significant protions of the network, and outsourcing software development to non-US companies and idividuals. It also brings up some of the upside to each concern, such as cost-savings, eased training, and quicker system-wide fixes.
But professor Eugene Spafford, director of the Center for Education and Research in Information Assurance and Security at Purdue University, dodged a question put to him while making a report to the House Armed Services Committee’s Subcommittee on Terrorism, Unconventional Threats, and Capabilities.
Representative Roscoe Bartlett, a Maryland Republican, asked witnesses what would happen to the U.S. military if all computer systems were knocked out. A nuclear bomb set off in the upper atmosphere could take out most communication satellites, and Bartlett questioned whether the DOD has a backup plan for such a scenario.
‘Are we just through if our computer systems don’t work?’ he asked.
Such a scenario seems unlikely, Spafford answered. ‘Taking out all the computers would be a very difficult thing to do,’ he said.
Well. Bartlett didn’t ask how difficult it was. He asked what would happen if it did. Apparently, Spafford didn’t want to answer the question. Why could that be?