Get Task & Purpose in your inbox
WASHINGTON — Defense Department employees have procured thousands of printers, cameras and computers that carry known cybersecurity risks, and the practice may be continuing, according to an audit released Tuesday by the Pentagon's inspector general.
More than 9,000 commercially available information technology products bought in fiscal 2018 could be used to spy on or hack U.S. military personnel and facilities, the report said. Without fixing oversight of such purchases, more risks lie ahead, potentially including perils for top-dollar weapons that use such "commercial-off-the-shelf" or COTS devices.
Defense Secretary James Mattis announced last month that his department would be standing up a new task force to make recommendations about securing the defense industrial base from cyber attack. This comes after a Chinese company was charged with attempting to steal trade secrets from a leading U.S. chip manufacturer.
Over the last six months, the government has released a series of strategic documents and executive orders that have led some to conclude that the gloves are off when it comes to deploying offensive cyber capabilities.
Sometime between May and July, 143 million Americans had their personal financial information exposed when Equifax — one of the nation’s top credit reporting agencies — experienced an online security breach. Experts now warn the hack, which became public on Sept. 7, could disproportionately impact active-duty service members who are especially vulnerable to identity theft.