The Department of Defense’s (DoD) Office of the Director of Test and Evaluation (DOT&E) has issued a report detailing vulnerabilities in the Stryker Dragoon warfighting platform. Recommendations from the DOT&E are to ‘Correct or mitigate cyber vulnerabilities for the platform and government-furnished equipment.’
My Recommendation: Immediately pull all affected rolling stock from active utility until any contemplated investigation is completed along with full remediation and/or mitigation. Thoroughly investigate all systems with or without connectivity, and test for any form of vulnerability from standalone sabotage to suspected electronic warfare perspectives (including ‘cyberattacks’, network attacks, radio-telephony and coherent light attacks, or stand-alone one-off opportunistic aggressor-delivered attacks) utilizing both automated and non-automated code review, network packet analysis, operating system examination, et cetera. All of this accomplished with the full rigor that can be brought to bear on this problematic deployment by the most powerful defense organization on Earth. Time to get this platform squared-away before letting or most valueable assets (our warfighters) loose on these lethal machines.
*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.infosecurity.us/blog/2019/2/14/dod-releases-report-stryker-vehicles-hacked-in-nato-exercises