Software developed in foreign countries and used by the Defense Department and other agencies puts federal information systems at serious risk of being hacked and compromised, according to a recent report issued by Defense's top advisory board.
The report, released last month by a Defense Science Board task force, warns that "globalization of software development where some ... U.S. adversaries are writing the code that ... [Defense] will depend upon in war creates a rich opportunity to damage or destroy elements of the warfighter's capability." Defense relies heavily on commercial off-the-shelf and custom-built software developed in countries such as India, China and Russia, so it can quickly and cheaply take advantage of the latest advances designed for global markets rather than relying solely on U.S. developers. But the task force's report, "Mission Impact of Foreign Influence on DoD Software," concluded that relying on software developed in other countries "presents an opportunity for threat agents to attack the confidentiality, integrity and availability of operating systems, middleware and applications that are essential to operations of U.S. government information systems and the DoD." The report emphasized that "the most direct threat is foreign corruption of software: insertion by the developer of malware, backdoors and other intentional flaws that can later by exploited." http://www.govexec.com/story_page.cfm?articleid=38713&dcn=todaysnews _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/