DoD attempts to address the vulnerabilities on its networks have been numerous, but fragmented, the report noted. As a result, the military is simply not prepared to meet the cyber threats that are ranged against it. In recent penetration tests and mock attacks, U.S. Army "red teams" have been able to very easily penetrate and disrupt Army networks.
"Typically, the disruption is so great, that the exercise must be essentially reset without the cyber intrusion to allow enough operational capability to proceed," the report said. The demonstrations showed that many DoD systems are likely going to be unable t owithstand even a "modestly aggressive cyberattack."
The report offers several recommendations on what the government and the military need to do to address the problems. Among them is the need for a strong deterrent capability in cyberspace, the development of a strong incident response capability based on a thorough understanding of an adversary's cyber capabilities, and the need for robust cyber offensive capabilities.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His email address is firstname.lastname@example.org.
Read more about cyberwarfare in Computerworld's Cyberwarfare Topic Center.