{"id":8851,"date":"2021-10-20T10:17:10","date_gmt":"2021-10-20T13:17:10","guid":{"rendered":"https:\/\/www.fie.undef.edu.ar\/ceptm\/?p=8851"},"modified":"2021-10-20T10:17:10","modified_gmt":"2021-10-20T13:17:10","slug":"el-ataque-cibernetico-de-colonial-pipeline-muestra-el-peligro-de-ignorar-las-vulnerabilidades-ciberneticas-militares","status":"publish","type":"post","link":"https:\/\/www.fie.undef.edu.ar\/ceptm\/?p=8851","title":{"rendered":"El ataque cibern\u00e9tico de Colonial Pipeline muestra el peligro de ignorar las vulnerabilidades cibern\u00e9ticas militares"},"content":{"rendered":"<p>El hack de Colonial Pipeline en mayo pasado deber\u00eda servir como una llamada de atenci\u00f3n para las Fuerzas Armadas de los EUA, que\u00a0se\u00a0necesita\u00a0actuar r\u00e1pidamente para proteger su log\u00edstica de los ataques cibern\u00e9ticos. Si bien el ataque de ransomware a Colonial Pipeline no atac\u00f3 directamente las redes militares u otra infraestructura, el evento gener\u00f3 dudas sobre la seguridad de las redes utilizadas por las empresas comerciales que forman una parte clave de la columna vertebral log\u00edstica del Departamento de Defensa.<\/p>\n<hr \/>\n<p>NATIONAL HARBOR, Md.: The\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/07\/biden-issues-national-security-memorandum-on-critical-infrastructure\/\" target=\"_blank\" rel=\"noopener\">Colonial Pipeline hack<\/a>\u00a0should serve as a wake up call for the US military, which needs to move quickly to protect its logistics enterprise from cyber attacks, two top defense officials said today.<\/p>\n<p>In May, Russian-based hackers breached Colonial Pipeline\u2019s networks, causing a gas shortage, skyrocketing fuel prices and ultimately costing the company $5 million in ransom money \u2014 and all those hackers needed was one password, said Air Force Secretary\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/09\/global-strike-from-space-did-kendall-reveal-chinese-threat\/\" target=\"_blank\" rel=\"noopener\">Frank Kendall<\/a>, who spoke at the National Defense Transportation Association conference Monday.<\/p>\n<p>\u201cThis is just the tip of the iceberg. If we don\u2019t protect our data, it is wide open for our competitors to steal or manipulate and to disrupt our military operations,\u201d he said.<\/p>\n<p><iframe loading=\"lazy\" title=\"YouTube video player\" src=\"https:\/\/www.youtube.com\/embed\/8oDUa5ItSto\" width=\"735\" height=\"406\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>Kendall is not the only defense official concerned with the department\u2019s vulnerability to cyber attacks.<\/p>\n<p>On Tuesday,\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/07\/beyond-kc-46-air-force-exploring-advanced-tech-on-next-tanker\/\" target=\"_blank\" rel=\"noopener\">Air Force Gen. Jacqueline Van Ovost<\/a>\u00a0pointed to the Colonial Pipeline hack as an example of the \u201cgrowing threat\u201d of cyber attacks and said cybersecurity would be one of her top priorities as the new head of US Transportation Command.<\/p>\n<p>\u201cIf you can imagine a cyber criminal \u2026 can cause fuel prices to rise, what could a persistent threat \u2014 a persistent and very capable threat \u2014 do to our systems?\u201d she asked the audience at NDTA.<\/p>\n<p>While the\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/05\/pipeline-cyberattack-follows-years-of-warnings\/\" target=\"_blank\" rel=\"noopener\">ransomware attack<\/a>\u00a0on Colonial Pipeline did not directly assault military networks or other infrastructure, the event raised questions about the safety of networks used by commercial companies that form a key part of the Defense Department\u2019s logistics backbone.<\/p>\n<p>The department relies on commercial vendors for gas, jet fuel, and the transportation of goods and people \u2014\u00a0 all critical commodities for TRANSCOM, which uses military assets to move troops and supplies but also contracts directly with industry for additional airlift, sea freight transportation and other delivery services.<\/p>\n<p>Any disruption to the department\u2019s commercial vendors or its supply chain \u2014 or more widely, to the military\u2019s own infrastructure \u2014 could be devastating in a war, Kendall said.<\/p>\n<p>\u201cOur adversaries can be assumed to be able to disrupt our networks right now, because we have not sufficiently guarded against an attack,\u201d Kendall said. \u201cFewer than half of trucking and logistics companies even have a chief information security officer. What does that mean for our supply chain?\u201d<\/p>\n<p>Before being sworn in as Air Force secretary, Kendall spoke with the House Armed Services Committee\u2019s task force on supply chain resilience and tried to convey the importance of ensuring the security of the defense industrial base and logistics enterprise, he said.<\/p>\n<p>\u201cPeacetime supply chain disruptions and shortages were a problem certainly, but a manageable one,\u201d he said. \u201cWartime disruptions and shortages, on the other hand, could be much more problematic and in fact decisive.\u201d<\/p>\n<p>The Pentagon will need more funding in order to help mitigate current logistics vulnerabilities, Kendall said. Specifically, the military needs more weapons storage facilities and hardened fuel storage infrastructure, and it also needs to ensure that the commercial transportation industry can recruit talented employees.<\/p>\n<p>\u201cWe must also acquire more resilient transportation systems of systems,\u201d he said. \u201cWe know our current capabilities are vulnerable to cyber and kinetic attacks. We must address that harsh reality by incorporating the certainties of offensive cyber and kinetic attacks into our military requirements and into our acquisition plans.\u201d<\/p>\n<p>The Pentagon\u2019s nominee for\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/05\/pentagon-pushes-testing-for-electronic-warfare-vulnerabilities\/\" target=\"_blank\" rel=\"noopener\">director of operational test and evaluation<\/a>\u00a0(DOT&amp;E) also signaled on Tuesday that the department may need to do more to ensure its own weapons and equipment can stand up to cyber attacks.<\/p>\n<p>The DOT&amp;E office is responsible for ensuring that military technology meets cybersecurity standards, using \u201cred teams\u201d of NSA-certified hackers who attempt to breach a weapon system\u2019s cyber defenses during testing. However, \u201cthose teams are stretched very thin by high demand, and have limited resources,\u201d said Nickolas Guertin,\u00a0<a href=\"https:\/\/breakingdefense.com\/2021\/09\/biden-taps-sherman-for-pentagon-cio-guertin-for-ote\/\" target=\"_blank\" rel=\"noopener\">who is nominated<\/a>\u00a0for the DOT&amp;E job.<\/p>\n<p>\u201cAdditional resources for those teams, as well as automation capabilities to ease their workload, would improve cybersecurity testing,\u201d he wrote in advance policy questions delivered to the Senate Armed Services Committee ahead of his confirmation hearing on Tuesday.<\/p>\n<p>Guertin also recommended that the Defense Department independently assess the security of the cloud services it purchases from commercial vendors, something not currently permitted in the department\u2019s current contacts.<\/p>\n<p><strong>Fuente:<\/strong> <a href=\"https:\/\/breakingdefense.com\/2021\/10\/colonial-pipeline-hack-shows-peril-of-ignoring-military-cyber-vulnerabilities-kendall\/?_ga=2.14085171.546633875.1634727226-1627337807.1630687037\" target=\"_blank\" rel=\"noopener\"><em>https:\/\/breakingdefense.com<\/em><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>El hack de Colonial Pipeline en mayo pasado deber\u00eda servir como una llamada de atenci\u00f3n para las Fuerzas Armadas de los EUA, que\u00a0se\u00a0necesita\u00a0actuar r\u00e1pidamente para&hellip; <\/p>\n","protected":false},"author":1,"featured_media":8852,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[23,28],"tags":[],"_links":{"self":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/8851"}],"collection":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8851"}],"version-history":[{"count":1,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/8851\/revisions"}],"predecessor-version":[{"id":8853,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/8851\/revisions\/8853"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/media\/8852"}],"wp:attachment":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}