The strategy was supposed to facilitate the collection of performance data to help design new weapons and monitor equipment remotely, among other benefits. Instead, it has jeopardized Pentagon networks and much of what the defense industry has developed over several decades.
"We are trying to overcome decades of a thought process…where we assumed that the development of our weapon systems that external interfaces, if you will, with the outside world were not something to be overly concerned with," Admiral Michael Rogers, the commander of Cyber Command, told the Senate Armed Services Committee on Tuesday.
"They represented opportunity for us to remotely monitor activity, to generate data as to how aircraft, for example, or ships' hulls were doing in different sea states around the world. [These are] all positives if you're trying to develop the next generation of cruiser [or] destroyer for the Navy."
However, Rogers said, adversaries in today's world exploit such public interfaces, steal Pentagon data, and then develop copycat weapons like China's J-31 fighter jet, which many call a cheaper cousin to the F-35, Defense News reported.
That's where we find ourselves now," Rogers said. "So one of the things I try to remind people is: It took us decades to get here. We are not going to fix this set of problems in a few years. We have to prioritize it, figure out where is the greatest vulnerability."
The Pentagon has yet to submit to the Senate an overdue report detailing the cyber vulnerabilities of their weapons and communications system, as is required by the 2014 National Defense Authorization Act.
At the hearing, Deputy Defense Secretary Robert Work the Pentagon is reviewing virtually the entire US arsenal to understand how hackable each weapon is, Defense News reported.
"Most of the weapons systems that we have today were not built to withstand a concerted cyber threat," Work admitted.
In an effort to minimize its cyber vulnerabilities, the Pentagon is reducing the number of exploitable attack surfaces within the military, such as computing networks and defendable firewalls, Work said.