Critical Infrastructure Security, Incident Response, TDR, Vulnerability Management

Pentagon faulted for lack of cyber preparedness, GAO report

Although the National Guard is perhaps the best-equipped unit in the military to assist the government in the event of a cyber emergency, the Department of Defense (DoD) does not have the necessary visibility into the capabilities of those assets, according to a report released earlier this week by the Government Accountability Office (GAO).

The DoD has "not maintained a database that identifies the National Guard units' cyber-related emergency response capabilities, as required by law," the report stated. 

The GAO recommended that DoD: maintain a database that identifies National Guard cyber capabilities, conduct exercises to prepare its forces in the event of a disaster with cyber effects, and address challenges from prior exercises.

Although the DoD agreed with some of the report's recommendations, it determined that current procedures are sufficient.

However, the GAO disagreed and the watchdog agency urged adoption of its report's recommendations.

Related

Novel tool leveraged by APT28 to exploit old Windows vulnerability

Data exfiltration and privilege escalation attacks leveraging the novel GooseEgg hacking tool to exploit an already addressed Windows Print Spooler flaw, tracked as CVE-2022-38028, have been deployed by Russian cyberespionage operation APT28, also known as Forest Blizzard, against government, education, transportation, and non-government organizations since April 2019, BleepingComputer reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.