OIG Report: DOD Failed to Cyber-Secure Additive Manufacturing Systems
A new report from the Department of Defense’s Office of the Inspector General shows that the Pentagon did not properly secure its additive manufacturing systems from foreign intrusion and data tampering.
The DOD has increased its use of additive manufacturing systems, especially within the Air Force and at national laboratories, to create models and materials such as replacement parts for military equipment used in the field, FCW reported.
Pentagon personnel treated the systems as tools used to build supply parts instead of IT systems that required cybersecurity controls, the report states.
Additive manufacturing technologies at the DOD were “incorrectly categorized” as standalone systems and were thus assumed to not need authority to operate even though they were connected to the department’s network.
The IG report notes that the miscategorization resulted in vulnerabilities that exposed the DOD Information Network to various cyber risks.
“The compromise of AM design data could allow an adversary to re-create and use DoD’s technology to the adversary’s advantage on the battlefield,” the report says.
Malicious actors could also change the systems’ design data, which could affect the strength and utility of 3D-printed products.
Tags: 3D printers additive manufacturing systems Air Force Colonial Pipeline cybersecurity cybersecurity attacks Defense Department DoD information network FCW hackers inspector general IT systems Pentagon SolarWinds vulnerabilities