Monday, March 20, 2006

DoD Removes Missile Defense System Report From Web Site

Security through obscurity?

Bob Brewin writes on FCW.com:

The Defense Department has removed from the DOD inspector general’s Web site a critical report that states that the network that links radar systems, missile sites and command centers for the Missile Defense Agency’s (MDA) ground-based defense system has serious flaws in the security technologies, policies and procedures needed to protect the integrity, availability and confidentiality of information on the network.

Federal Computer Week published a Web article March 16 and a follow-up print article today about the report, which states that MDA and Boeing, the prime contractor for the Ground-based Midcourse Defense (GMD) system and the GMD Communications Network (GCN) have allowed the use of group passwords on the unencrypted portion of the GCN rather than requiring individual passwords.

The report also faults MDA and Boeing for the lack of automated audit trails -- essential to catch inside or outside threats -- on the network.

More here.

0 Comments:

Post a Comment

<< Home