
Some are air gapped, a lot of them are not actually accessible over the internet but just go over mixed infrastructure (which makes them vulnerable to some attacks), but also a lot of these networks have to be accessible over the internet by soldiers, civilian workers, contractors etc.

It's not like the nuclear launch system is accessible over the internet, but for example the procurement and logistical system is because it's the only real way to assure that every contractor and supplier can easily access it, as well as every logistical unit in the armed forces can easily access it from everywhere, not just the few bases that would be hard wired to connect to the Pentagon.

It's really easy to come and say just air gap things, but when you have networks that span not only an entire country but the entire globe that need to be accessible to millions of people from both the military and the public sector you can't just do it.

Lay your own cables. Really.

It's not that simple, and are you going to lay your cables to every contractor and supplier? Many of which can be fairly small niche businesses?

Military networks are fairly secured, while the article does bring a few interesting anecdotes it's quite hyperbolic.

Also I would like to point out that every big hack today, especially those from state actors used fairly common and even "outdated" attacks and vulnerabilities, they were masterfully executed but it's not like they used some super new exploits and attack vectors that no one heard of before.

Military doctrines take time to develop, even in "cyber warfare", military computer systems also don't tend to be the latest and greatest as far as hardware and software goes but they are often reliable.

Building defenses around what you know and what your attackers are able to do is a good strategy, knowing when and what to airgap and what to protect is also critical because not every military network is secret nor critical. You focus your resources on an effective strategy; the 80–20 rule applies even to military and defense networks.

That only adds a small amount of physical security. Much more security can be achieved by using cryptography.

Except when it doesn't and hackers waltz in - anything connected is vulnerable.

A large network by definition cannot be air gapped.

I'm sure if you are able to design a network spanning the continental US, Hawaii, Alaska, US Territories, US bases around the globe, allowing both military personnel, civilian workers, contractors and suppliers to securely connect to it while being both economical on any order of magnitude close to the current cost and being effectively "air gapped" and secure, the Pentagon would award you a contract to build it in a heartbeat.

Until then let's all stop being literally armchair generals and assume that while it surely has a lot of room for improvement someone at the Pentagon might just know what they are doing and they are doing the best they can or fairly close to it considering all the constraints they have to operate against.

It's far easier to just tap the cables than break TLS. How many times has TLS been broken?
