In a 2018 report by the Pentagon’s Office of the Director of Test and Evaluation, it was revealed that the US Army’s enhanced and up-gunned Stryker has cyber vulnerabilities that have been successfully exploited. Whether those vulnerabilities were used by an actual opponent or by a simulated group such as the Army’s own Cyber teams as part of a training exercise is unclear. What is surprising is that the report mentions it all, though we can probably assume that the vulnerabilities have since been patched out or otherwise covered as revealing the existence of such weaknesses wouldn’t happen normally. The report does note that the attacks took advantage of vulnerabilities that existed before the Stryker received the upgrades that transformed some of them into Stryker Dragoons and have existed before 2015.
US Military systems are increasingly advanced and cutting edge, as the United States seeks to overcome potential differences in material quantity though extreme quality. Every unit in the US military hits above its weight by integrating all of them into a cohesive force that has the visibility and resilience of all in the network. This creates the same weak spot that comes from Internet of Things (IoT) devices, a network is only as strong as its weakest member and there are hundreds, if not thousands, of programs and devices that work together.
The use of the word “adversary” lends more weigh towards the attack being a real one, as “adversary” is usually used to describe an actual military opponent instead of just a training exercise. The details of the report by the DoT&E are classified, so we can’t say either way whether or not it was real or simulated; however, we can note that US forces are under electronic assault in their current deployments. Russia, China, and North Korea have all worked to develop their Electronic Warfare (EW) capabilities in recent years as it became increasingly clear that the United States and its allies were going to focus more and more on technologically advanced weapons. EW allows a small force to become increasingly dangerous as it disables, distorts, or destroys enemy capabilities and the US is no stranger to developing its own EW weapons. The design of the F-22 Raptor is one that allows the elusive fighter to slip through radar nets and remove them before they can spot larger and more weapon-laden targets, and the Aegis system found on Arleigh Burke cruisers is designed to cut through EW and provide information access to allied forces at large.
The Pentagon report highlights how important information and the protection of it is as cyber warfare becomes more prevalent and the risk of ignoring it becomes more pronounced.
Max is a Legal Assistant and author residing in the Philadelphia area He has been writing for AskCyberSecurity.com since early 2017.