Profile picture
Catalin Cimpanu @campuscodi
, 10 tweets, 4 min read Read on Twitter
DOD reports finds no data encryption, no antivirus programs, no multifactor authentication mechanisms, and 28-year-old unpatched vulnerabilities in the US' ballistic missile system

zdnet.com/article/us-bal…
I ain't kidding. The report found that DOD officials hadn't applied a patch released back in 1990. Talk about lazy patching.
Report also found that some employees had access to ballistic missiles network even if they failed to turn on multifactor authentication for almost seven years. At one site, IT admins didn't even bother too configure the network to work with MFA.
Some ballistic missile bases also didn't bother with locking data center and server rack doors.... because why not
Hell... at another base they didn't lock the server rack even if there was a sign on the door telling them to keep it locked at all times
DOD employees also didn't encrypt data on removable media.... because nobody loses USB thumb drives, ever.... except me...
Audit took place at five of the 104 ballistic missile bases. At one of the audited bases, they didn't even use an antivirus/security software.

Good thing they redacted the report. Otherwise all APT ever known to mankind would be targeting that base starting tomorrow.
Physical security is just as bad as cyber-security. For example, some door sensors showed doors as closed, but were not. Surveillance cameras didn't cover all the base, and personnel didn't challenge people entering bases without proper badges.
All of a sudden those 007 movies don't look so dumb anymore
Remind you, this is the ballistic missile system meant to protect the US by intercepting enemy nuclear rockets. This isn't a military garage in Maui that nobody cares about. You know, the missile system that Putin has been raging against for a decade. Calling it a threat.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Catalin Cimpanu
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!