**Default passwords, deactivated encryption, ineffective detection systems… An official report is alarmed by the lack of security of the military devices and by the free-and-easy attitude of the officers.**
<center>![dzdq.png](https://cdn.steemitimages.com/DQmYAnawwb7zcbRWVHa5Pj4757mComntMsqyJRzFdutL5f5/dzdq.png)</center>
Every year, the United States spend **hundreds of the billion’s dollars** in their military forces. A budget of **1.600 trillion** is even planned to renew the armament from top to bottom in the next years, what should ensure this country's role of **superpower.** But still this money must be really spent wisely.
In a [report](https://www.gao.gov/products/GAO-19-128) that appeared Tuesday, the **US Government Accountability Office** (GAO) considers that Donald Trump's armaments systems are **riddled with computer security breaches.**
The agency arrives to this conclusion having peeled the **army's test reports from 2012 to 2017.** *"Almost all the main acquisition programs tested on the operational plan between 2012 and 2017 had critical cyber-vulnerabilities which opponents could exploit to compromise a mission",* we can read in the report.
The found weaknesses are sometimes of a surprising simplicity, starting with **passwords.** The military systems also integrate commercial or open source software, and default passwords are not systematically replaced. A beginner's error. In a case, for example, testers managed to guess an administrator password **within nine seconds.**
<center>![c1450524dcb53af6a216e6c188.jpg](https://cdn.steemitimages.com/DQmd6kD5oZGJbYZz9U8ZGmHUarh1HiwiVSa2BUMts6J8zGi/c1450524dcb53af6a216e6c188.jpg)</center>
In other cases, testers managed to penetrate a system and to stay there **for weeks without being detected** and that, without paying particularly attention to the tracks they left…
In still other cases, **Intrusion Detection Systems** (ISD) have been successful in identifying a malicious presence, but users were not able to interpret the alerts. The reason is sometimes due to a bad configuration of the IDS which generated alerts permanently, **reducing to nothing its utility.**
In some armament systems, the encryption also leaves something to be desired. It allows the testers to intercept sensitive data such as **administrators' identifiers.** What allowed them to move forward even further in the network put to the test.
## The reality is the even worse
The GAO is even more pessimistic that, according to him, these dysfunctions represent only a fraction of the reality. He considers that the **tests made by the army were too limited in time** and in quality to really cover the whole spectrum of cybersecurity.
Audit reports would only show the **tip of the iceberg.** And it does not risk stopping given that the military technologies incorporate more and more computing, which mathematically increases the attack surface.
<center>![30d076d283e84c06b2d34b56c47d8.jpg](https://cdn.steemitimages.com/DQmcLkTtBvtfdCAdSkKxSzqo8DS5AC9hyao4iNcjA2cxgng/30d076d283e84c06b2d34b56c47d8.jpg)</center>
Another problem would be the army’s posture and its hierarchy which, according to the GAO, makes a denial of the reality. Despite bad tests results, the **persons in charge tend to minimize the IT security problems,** by arguing that the tests are not made in real conditions.
**An attitude that could show itself fatal against a well-trained opponent in the field of computer fight…**
![DQmdpsoEfLe5nRg4Q1oKWHNjLdMnAucCYfRou1yF5Yiwrzs.png](https://cdn.steemitimages.com/DQmTmwRbJG8FrWYFpkLR9GKTDcQAD1peWkCsLcCotMiBoqm/DQmdpsoEfLe5nRg4Q1oKWHNjLdMnAucCYfRou1yF5Yiwrzs.png)
* **I've made a lot of articles with tools, explanations and advises to show you how to protect your privacy and to secure your computer, GO check them out!**
* This is my guide [to secure your PC after a fresh installation of Windows](https://steemit.com/writing/@vijbzabyss/the-guide-to-secure-your-pc-after-a-fresh-installation-of-windows)
* If you think that your [phone](https://steemit.com/writing/@vijbzabyss/how-to-tell-if-my-phone-has-been-hacked) **or** [your PC](https://steemit.com/writing/@vijbzabyss/that-s-how-you-can-know-if-you-have-been-hacked-or-to-prevent-further-attacks) has been hacked, you have to check it right now!
* That's how you can be more [Anonymous on the internet!](https://steemit.com/writing/@vijbzabyss/be-anonymous-on-the-internet)
* These are the best VPN to protect your numeric life: [NordVPN](https://steemit.com/writing/@vijbzabyss/the-nordvpn-test-or-full-review-and-speed-test), [ExpressVPN](https://steemit.com/writing/@vijbzabyss/expressvpn-vpn-full-test-or-why-is-it-also-a-good-choice) and [CyberGhost](https://steemit.com/writing/@vijbzabyss/cyberghost-vpn-full-test-or-6-month-free)!
* Your PC is slow? [That's why!](https://steemit.com/writing/@vijbzabyss/why-is-a-pc-slow-what-you-need-to-know-before-anything-else)
* The [4 security measure to put in place on your WIFI router](https://steemit.com/writing/@vijbzabyss/the-4-security-measures-to-put-in-place-on-your-wifi-router)
* You Feel hot? Your [computer also!](https://steemit.com/writing/@vijbzabyss/you-are-hot-your-computer-also)
* How an [adware](https://steemit.com/writing/@vijbzabyss/how-an-adware-works) works?
* That's how you should guard against [Trojan!](https://steemit.com/writing/@vijbzabyss/that-s-how-you-should-guard-against-trojan-if-you-care-about-you-money-and-your-privacy)
* Why [antiviruses are not your friend?!](https://steemit.com/writing/@vijbzabyss/why-antivirus-is-not-your-friend)
* Basics tools to protect your [privacy](https://steemit.com/writing/@vijbzabyss/basics-tools-to-protect-your-privacy-and-your-computer) and your [computer](https://steemit.com/blog/@vijbzabyss/free-software-to-ensure-good-basic-security)
* What are the different [types of hackers?](https://steemit.com/writing/@vijbzabyss/the-different-types-of-hackers)
<center>![DQmNuF3L71zzxAyJB7Lk37yBqjBRo2uafTAudFDLzsoRV5L.gif](https://cdn.steemitimages.com/DQmRZu8dBVp3kJarLxAfrd4FMS58W6NwqrRwCVn6jRVwHMp/DQmNuF3L71zzxAyJB7Lk37yBqjBRo2uafTAudFDLzsoRV5L.gif)</center>