Security Flaws Could Cripple Defense Network

userexec wrote to mention an FCW.com article about the uninspiring future for the Missile Defense System's software. The developers are apparently very worried about poor information security on the project. From the article: "The report said that neither MDA nor Boeing officials saw the need to install a system to conduct automated log audits on unencrypted communications and monitoring systems. Even though current DOD policies require such automated network monitoring, such a requirement 'was not in the contract.' The network, which was also developed to conform to more than 20-year-old DOD security policies rather than more recent guidelines, lacks a comprehensive user account management process, the report said. Neither MDA nor Boeing conducted required Information Assurance (IA) training for users before they were granted access to the network, the report stated. "

Re:This is bad.

[Zeinfeld]

Someone's head is going to roll over this one. The military has been really tight on network security lately, even with contractors. A hole as big as this is simply unacceptable.

Why is anyone going to care about a weapon system everyone knows is a dud anyway?

The system has never once demonstrated that it works, every single test has either failed outright or been rigged. The only reason the program exists at all is to hand out taxpayer money to campaign contributors.

Re:This is bad.

A hole as big as this is simply unacceptable.

I doubt it. I mean, really, no level of failure or malfeasance in the missle shield project has dissuaded or concerned U.S. politicians one bit since it was first proposed. Why start now?

Not Surprised

[musicon]

I'm not surprised in the slightest by the "revelation" in this FA.

• For profit companies will always take the quickest, least expensive option available (in that order), even if it's not the correct decision.
• Contract companies love to say "that's not in the contract, but we'd be happy to renegotiate and do it for $x."

Re:Not Surprised

[Gyorg_Lavode]

Actually, what they say is "we'd love to do it. Now we need X man hours to develop that price for you."

Re:It's always a waste of money, until it works...

[prurientknave]

No reason to get defensive from profiting a little bit from pork barrel politics. Everyone else is doing it, might as well get a piece of it while the getting is good. When I was working at parsons you should've seen the number of billable hours that were being pushed on the MTA for a terrorism vulnerability audit for what amounted to reading, highlighting and summarizing their existing procedures.

Reports been pulled

[Gyorg_Lavode]

Anyone realize that the report was pulled off the IG's website? It was 06-53 according to google. Now it's gone.

Re:It's always a waste of money, until it works...

[John+Newman]

And the thousands of American scientists, engineers, technicians and support staff that design and work on these systems. Based on comments like this, you'd think that the government is stuffing shells full of cash and launching them at the enemy. Where do you think these "weapon systems" are designed and built?

True, but one can argue that at least a few of those scientists, engineers, technicians and support staff who are on the government dole building weapons could be better put to use creating new energy sources, curing diseases, advancing our understanding of the universe, etc. Every engineer employed by federal money to study a cutting-edge aspect of missle-defense mechanics is one fewer biologist or doctor funded by federal money to cure cancer. And right now there are many, many more of the former than the latter. Yeah, in a perfect world we'd fund both. But the reality is that defense spending is still booming while the NIH budget (barely a rounding error on the DoD budget anyway) is actually shinking in real terms.