DOD Reports Threat of Foreign Software

A U.S. 'Department of Defense' task force will be alerting the Pentagon of an approaching threat to national security. There is going to be a security breach by adversaries who could install a malware in software developed abroad. The 'Defense Science Board' (DSB), a military cum civilian think tank integrated in DOD, will publish a report on a range of prevention and detection measures for the security violation likely to be early next year. But the report will be constrained in suggesting that all the military software procured be authored in the U.S., said the leader of the 'task force'.

All are familiar with the concern that programmers try to include Trojan horses, trapdoors and other malware in the code they create. In the Pentagon case, the Trojan would possibly use 'ActiveX startup mode' infused into 'iexplore.exe' with a 'rootkit' feature to conceal its files. As the systems are complex, with a high connectivity added with global software industry - they will all make the malware risk increasingly dangerous for the DOD.

The threat was really acute, feels Paul Strass Mann, a professor at 'George Mason University' in Fairfax, Va., and a one time CIO at the Pentagon. He notes that the essential issue is that when conditions become badly dependent on communications, there might occur a 'denial of service' and billion-dollar weapons getting dysfunctional.

In November 2006, Robert Lucky, the chairman of the DSB task force, said that all the code that DOD obtains is at risk, ranging from 'business software' to 'mission software' that aids efforts in fighting war. In its report, the DSB will highlight three factors - the large complexity of systems, their heightened connectivity, and the worldwide utility of the software industry that will join to make the malware danger serious for the DOD.

According to John Pescatore of 'Gartner Inc.', the private sector encounters similar threats, which has already started to imbibe some of the practices the DSB might recommend to the Pentagon. He added that similar risks also portend on the U.S. -developed software.

Agreeing with Pescatore, Lucky thinks the risk is greater for code written abroad.

Related article: Data Theft Incidents Influence Consumers Adversely

» SPAMfighter News - 11/30/2006