El Departamento de Defensa de EEUU contin\u00faa encontrando vulnerabilidades de ciberseguridad, derivadas de informaci\u00f3n de acceso p\u00fablico compartida a trav\u00e9s de plataformas digitales, advierte un informe reciente de la Oficina de Responsabilidad del Gobierno de ese pa\u00eds.El informe publicado el 17Nov25, destaca fallas de seguridad en 10 componentes del Departamento de Defensa vinculados a la actividad digital de dispositivos personales y gubernamentales, comunicaciones en l\u00ednea y plataformas de defensa que “generan vol\u00famenes de datos rastreables”.<\/p>\n
The Defense Department continues to encounter\u00a0cyber security<\/a>\u00a0vulnerabilities stemming from publicly accessible information shared across digital platforms, a recent report from the U.S. Government Accountability Office warns.<\/p>\n The\u00a0report<\/a>, released on Nov. 17, highlights security lapses across 10 DOD components linked to digital activity from personal and government devices, online communications and defense platforms that \u201cgenerate volumes of traceable data.\u201d<\/p>\n \u201cMassive amounts of traceable data about military personnel and operations now exist due to the digital revolution,\u201d according to the report, which highlighted ship and aircraft movements as examples of accessible information. \u201cPublic accessibility of this data enables malicious actors to exploit critical information and jeopardize DOD\u2019s mission and the safety of its personnel.\u201d<\/p>\n The report found that U.S. Cyber Command, the National Security Agency, the Defense Intelligence Agency, the Defense Counterintelligence and Security Agency, U.S. Special Operations Command and every branch of the military failed to adequately address two critical areas \u2014 training and security assessments \u2014 for reducing the risk of digital threats.<\/p>\n Of the components assessed, only U.S. Special Operations Command was found to have consistently trained personnel about the risks of digital information in the public across all relevant security areas.<\/p>\n The report also found that eight of the 10 DOD components did not conduct threat assessments across the required security areas of force protection, insider threat, mission assurance and operations security.<\/p>\n The GAO goes on to illustrate how threat actors can steal public digital information about DOD operations and personnel, thereby posing operational and national security risks.<\/p>\n Information transmitted through press releases, news sources, online activity, social media posts and ship coordinates could, in theory, be used to project a vessel\u2019s route and disrupt an aircraft carrier\u2019s operations, the report states.<\/p>\n The GAO noted that three of five offices under the Office of the Secretary of Defense have issued policies and guidance on risks associated with public access to digital information.<\/p>\n Those initiatives, however, are too \u201cnarrowly focused\u201d and do not include all relevant security areas, the report states.<\/p>\n The Defense Security Enterprise Executive Committee is \u201cwell-positioned to lead a department-wide collaborative assessment of policies and guidance on digital footprint and profile risks,\u201d according to the report\u2019s authors.<\/p>\n \u201cWithout such an assessment, DOD will have difficulty in determining whether risks are being sufficiently managed within the boundaries of their legal authorities,\u201d the report adds. \u201cAlso, DOD will face ever-increasing threats to personnel privacy and safety, mission success, and national security.\u201d\u200b<\/p>\n The GAO report made 12 recommendations to DOD to assess its policies and guidance, collaborate to reduce risks, provide training on the digital environment along with its associated risks across security areas and complete required security assessments.<\/p>\n DOD agreed with 11 of 12 recommendations and partially concurred with one.<\/p>\n Among the recommendations in the GAO report are instructions for the service secretaries of the Army, Navy and Air Force to conduct \u201crequired assessments in the security areas of force protection, insider threat and mission assurance.\u201d<\/p>\n The report also recommends that Defense Secretary Pete Hegseth oversee the implementation of security assessments for the other listed components.<\/p>\n On Capitol Hill, Congress has echoed similar security concerns targeting the Defense Department. In an effort to mitigate national security risks, both the Senate and the House have introduced\u00a0legislation<\/a>\u00a0in recent years with recommended provisions to protect the digital footprint of DOD personnel.<\/p>\n