Pentagon digitalization

Main article: Pentagon

IT infrastructure at the Pentagon

• Pentagon Cloud Infrastructure (JEDI)
• Unified Military IT System JADC2
• JWCC (Joint Warfighting Cloud Capability)

Artificial intelligence at the Pentagon

Main article: Artificial intelligence at the Pentagon

Chronicle

2023

Pentagon IT Support Ranked Worst in US Government

The US Department of Defense is in last place in terms of technical support, equipment and communications used among all US government agencies. This is stated in a study by the US General Services Administration (GSA), the results of which were published on August 30, 2023.

GSA evaluated several key IT areas. Technical support Pentagon is recognized as the worst in the government. USA In addition, this department lags behind all other agencies in terms of communications, functionality, computer technology and affordable means of collaboration.

Pentagon headquarters

The Defense Department also did not perform well in three other areas. Thus, in strategic partnership and IT development, modernization and improvement, the Pentagon took 20th place out of 24. In terms of satisfaction with operational capabilities, the department surpassed only the US Department of Agriculture by a small margin.

Despite the Pentagon's weak rating compared to other federal agencies, Defense Department employees are generally satisfied with the IT services available. In particular, 65% of respondents said they were at least somewhat satisfied with the quality of technical support. And 64.5% of survey participants have no complaints about the available IT equipment.

The Deputy Head of the Office of Digital Technologies and Artificial Intelligence of the US Department of Defense Michael Kanaan notes that employees of the department face many problems. This crane has a long connection time to IT systems, hour-long delays in logging into Outlook, weak personal computers costing $100, etc. All this negatively affects the efficiency of work and slows down the fulfillment of the tasks.^[1]

Developing a secret cyberstrategy

May 26, 2023 U.S. Department of Defense presented To the congress a secret cyber strategy. The document, it is stated, is based on many years of real experience in conducting large operations in the information space. More. here

Pentagon decided to involve Silicon Valley in weapons development

On March 26, 2023, it became known that the US Department of Defense expects to attract startups from Silicon Valley to its efforts to finance and develop new technologies in the military sphere. We are talking, among other things, about the creation of advanced weapons. Read more here.

IT staff - 225 thousand people

On March 9, 2023, the US Department of Defense announced the adoption of the Strategy for the Development of Labor Resources in the Cyber ​ ​ Sphere for 2023-2027. The document says that approximately 225 thousand work for the Pentagon. IT specialists, but the department faced a number of difficulties, including in terms of ensuring cybersecurity.

The cyber unit of the US Department of Defense consists of specialists in the field of protection, intelligence and information technology itself. At the same time, it is noted that the department is experiencing a shortage of experts in the field of cybersecurity, and this potentially poses a threat to national security. The Pentagon emphasizes the importance of having a flexible, skilled and diverse workforce to deal with issues related to threats and various challenges in the network space.

225 thousand IT employees work for the Pentagon

The adopted strategy is expected to allow the Ministry of Defense to solve the problem of a shortage of highly qualified employees and eliminate gaps in the labor management system. In addition, the agency intends to expand its scope in the cybersecurity segment to include areas such as artificial intelligence, cloud computing, big data and the development of secure software.

The Ministry of Defense will focus strategic efforts on four key areas to form an effective cyber team: search for specialists, hiring, skill development and retention of labor resources.

This strategy, combined with our ongoing initiatives, will help unite efforts to manage cyber personnel at the Department of Defense and ensure the continued development of our employees through training and professional development opportunities, "said Mark Gorak, Chief Human Resources and Analytics Officer.[2]

Data breach due to unsecured military server

On February 20, 2023, the US Department of Defense blocked a public server that stored internal emails from the US military.

According to TechCrunch, the server in question is located in the Microsoft Azure government cloud for Defense Ministry structures. This service uses nodes physically separated from other commercial customers, and therefore can be used to exchange confidential but unclassified government data. The server serves the mail system: as they say, approximately 3 TB of military correspondence was stored on it. Many reports are related to the US Special Operations Command (USSOCOM).

A server available without a password stored 3 TB of military correspondence

TechCrunch notes that Anurag Sen, an independent information security specialist, discovered the public server. It is known that the problem was an incorrect configuration of this network node, which provided the ability to log in without a password. Anyone who knew his IP address could gain access to the server. Among the stored data were information about US military contracts and requests from Department of Defense employees to process documents. Some files contained confidential staff questionnaires.

Information about the open server was transferred to the Pentagon, shortly after which this network node became unavailable. USSOCOM spokesman Ken McGraw said an investigation has been launched into the incident. It is noted that the server was opened within two weeks. It is not yet clear whether anyone used password-free access to steal military correspondence. The Ministry of Defense does not give comments on this matter.

At this point, we can confirm that no one hacked U.S. Special Operations Command information systems, "McGraw said.[3]

2022: Pentagon begins search for contractors to integrate technology for soldier on battlefield

On August 10, 2022, it became known that it Ministry of Defence USA began to search for contractors among small private companies to integrate existing and promising technologies, the goal is to provide information to soldiers directly during hostilities. More. here

2021

John Sherman's appointment as Pentagon Chief information officer

In mid-December 2021, for the first time in almost a year, the permanent head of the IT department appeared at the US Department of Defense. John Sherman, a native of American intelligence, became the director of information technology, with the approval of the Senate. Read more here.

Pentagon takes back 175 million IP addresses transferred to Global Resource Systems

The US Department of Defense has taken back control of 175 million IP addresses, which were transferred to Global Resource Systems in early 2021. This was announced on September 10, 2021 by The Washington Post.

The program, in which the military department temporarily ceased to own an expensive part of the Internet protocol, the publication calls unusual. The fact is that almost nothing is known about the company with which the ministry worked, it had not previously worked with federal authorities, and it was registered only in the fall of 2020 in Florida.

The publication notes that the start time of the program was also unusual. Global Resource Systems gained control over IP addresses a few minutes before the end of Donald Trump's term, that is, during a tense situation for the federal authorities.

According to WP, the essence of the project is to strengthen protection Pentagon in cyberspace and respond to virtual threats those that arise in it. Nevertheless, the Pentagon did not specify exactly how the implementation of the program contributes to increasing the department's cyber defense.

Earlier, the media put forward several assumptions on which IP addresses could be betrayed by the Florida company. The first is the creation of software that simulates the operation of a vulnerable device or server. In other words, the Ministry of Defense wanted to attract hackers to study the tactics of attackers and identify vulnerabilities. The second assumption is to prepare for the development of software and servers that would help identify suspicious activity on the Web.^[4]

Buying a database of American movement from ICT companies

At the end of January 2021, it became known that the Pentagon was buying databases from telecommunications and technology companies on the movement of Americans and citizens of other countries without obtaining a court warrant.

According to The New York Times, citing documents submitted in response to a request from Senator Ron Wyden, over 2.5 years, US intelligence officers tracked the movement of Americans using a purchased database, where information comes from applications on smartphones. While authorities are required to request a warrant for phone companies to hand over their customers "location data, the government can instead buy similar data from intermediaries without trial.

The CIA intelligence agency enjoys a loophole in the law on the protection of personal information. Legislation obliges to apply for a warrant only if the data must be obtained from telephone companies. There is no talk of brokers with their bases there.

US Department of Defense buys databases on American movement from ICT companies

The bases that the US Department of Defense seeks to access are compiled for commercial purposes by analyzing the information collected by the smartphone application. The publication says that the American authorities, apparently, mainly buy and use information about the location of people to conduct investigations against foreigners abroad. " One of the tasks of management is to identify "a threat to American forces deployed around the world."

Senator Wyden intends to introduce legislation to ensure that Americans' location data is protected. He called this practice an encroachment on the constitutional rights to privacy. The publication does not specify, information about citizens of which countries outside the United States receives control in this way.^[5]

Appointment of African American Lloyd Austin as Pentagon chief

At the end of January 2021, retired US Army General Lloyd Austin became the first African American to head the Pentagon. The Senate confirmed Austin's appointment, 93 senators voted for his candidacy, two against. Read more here.

2020

Ethical hackers hacked the Pentagon 12.5 thousand times

The HackerOne platform has published the results of the work of the so-called ethical hackers, who find vulnerabilities in the IT systems of companies and government agencies for rewards. In 2020, as part of such campaigns, the Pentagon hacked about 12.5 thousand times, which was the highest among HackerOne participants. Read more here.

Complete the first data management strategy

At the end of December 2020, the US Department of Defense presented the first strategy for enterprise-wide data management. Tara Murphy Dougherty, chief executive officer of Govini, a research firm that supports the Pentagon and the defense industry, noted that the foundation of the strategy is "quite reliable."

The first Pentagon enterprise-wide data strategy goes beyond previous departmental data guidelines, shifting the focus to troops and senior leaders who need to make better decisions, Pentagon data director David Spirk said.

US Department of Defense unveils first data management strategy

The development of the new data strategy predates Spirk's appointment as development director, which he took over in June 2020. As part of the ThoughtSpot Beyond 2020 event, he noted that the department has struggled to finalize the strategy for several reasons, including the agency's sheer size, as well as controversy over what the enterprise-level data strategy should focus on.

Some felt that the business intelligence component was the most important, others felt that military was the most important component, "Spirk said.

The data director said the Department of Defense has promoted a "community of interest" around strategy development to work through some of the fundamental issues. According to him, the document gradually increased in size, even more priorities and interests were added to it, and at some point it reached 75 pages.

Eventually, Spirk said, the agency settled on an operational advantage.

We favor operating advantage, "Spirk said. - The good news about working with data is that if you do everything right, efficiency will naturally increase.

According to the strategy, "correctness" consists in the fact that the data must be visible, accessible, understandable, related, reliable, compatible and secure.^[6]

Allocate $11.7 billion to eliminate unnecessary IT infrastructure components

At the end of August 2020, the Pentagon allocated $11.7 billion to eliminate unnecessary IT infrastructure components and to consolidate the expanded networks of the Ministry of Defense. The Defense Enclaves Services program is supposed to upgrade the network and ensure its security, so the US Department of Defense is looking for specialists who provide cybersecurity, technical updates and support services. Read more here.

Appointment of Dave Spirk as Chief Data Processing and Analysis Officer

In late June 2020, the US Department of Defense appointed Dave Spirk as the new chief data officer. Previously, he worked as director of digital technologies in the special operations command (SOCOM). Read more here.

Pentagon invests in blockchain company to control supply chains

In mid-June 2020, the US Department of Defense allocated $1.5 million to blockchain company SIMBA Chain for supply chain control research. In this case, blockchain acts as a service (BaaS) and allows SIMBA Chain to establish close ties with the US Air Force. Read more here.

2018

Pentagon bans soldiers from using GPS gadgets and apps

In August 2018, the US Department of Defense officially banned military personnel from using GPS applications and fitness trackers, because, according to the command, enemies can receive important information because of these technologies.

On the Pentagon website, First Deputy Secretary of Defense Patrick Shanahan published new rules prohibiting the military from using devices and applications with an activated geolocation function while in service. Now, in "areas of operations," including in the war zone and at US foreign military bases, military personnel must turn off geolocation services on their electronic devices.

US Defense Department bans US troops from using devices and applications with activated geolocation function while in service as it poses a security risk

The GPS location function, which is present in many phones and smartwatches, is used in gadgets to monitor the user's physical condition, navigation and even dating apps, the BBC notes.

The ban on GPS electronics in the American army came after the Strava fitness application (which allows you to track the distance traveled  using satellite data) revealed the military bases of several countries, including the United States, in early 2018. The movement of soldiers in their places of deployment was issued by fitness trackers and mobile devices.

The rapidly growing market for geolocation-enabled devices, applications, and services poses significant risks to Defense Department personnel in and out of service, and to our military operations worldwide. These geolocation capabilities can reveal personal information, location, routes and numbers of Defense Department personnel, and inadvertently create security issues and increase risk to coalition forces and combat missions, the Pentagon said in a statement on the ban of GPS devices and applications in military service.[7]

Bill banning the purchase of software with Russian code

In July 2018, it became known that the Pentagon is compiling a list of vendors who use Russian or Chinese code in their software products to stop buying their products and prohibit this from their partners. At the legislative level, the ministry will also be prohibited from buying software, the development process of which had access to observers from China or Russia.

The solutions of suppliers who will not meet the requirements of the document are planned to be banned from purchase in the ministry itself and among its industry partners, the news agency reported Reuters , citing the Deputy Minister of Defense. USA

According to Ellen Lord, Under Secretary of Defense for Acquisition and Sustainability, work on the blacklist has been underway for about six months, in close cooperation with the US Intelligence Community.

"What we are doing - we just want to make sure that we do not buy software of Russian or Chinese origin, for example, and quite often it is difficult to judge at first glance, because of holding companies," Lord told reporters.

She did not say which vendors were already included in the list, but clarified that the Pentagon "identified some companies that operate in such a way that it is incompatible with our defense standards."

Lord also added that a work report would soon be presented that supply chains Pentagon would show the ministry's reliance on foreign suppliers, including Chinese ones, when it comes to acquiring components for certain types of military equipment.

In addition, the deputy minister said that the Pentagon intends to improve the capabilities of its suppliers to repel cyber attacks, for which it is going to test their protective systems by trying to hack them.

Reuters writes that information about the "black list" came on the eve of the US Parliament's consideration of the Pentagon spending bill for 2019, which should take place in the coming days. The bill has a clause that obliges technology companies to report if countries like China or Russia are allowed to monitor their internal work to create software subsequently purchased by the US military ^[8]

Presumably, the bill will be approved, Reuters reports. It was compiled after rumors appeared in the American media that Russian defense departments "hunt" vulnerabilities in software products supplied to American government agencies, including intelligence and the Pentagon itself. Also, the bill will prohibit the American authorities from buying and using any equipment manufactured by the Chinese companies ZTE and Huawei.

2017

Data Base of the US Department of Defense found in the public domain

Security researcher Chris Vickery has discovered three incorrectly configured Amazon S3 servers belonging to the US Department of Defense. The servers store 1.8 billion publications made on the Internet by users around the world^[9] Department of^[10].

The databases Vickery discovered are called "centcom-backup," "centcom-archive," and "pacom-archive." Judging by the names, they belong to the US Central Command (CENTCOM) and the Pacific Command of the US Armed Forces (PACOM). According to the researcher, the databases do not contain any confidential information and consist of publicly available publications on social networks, blogs, forums, etc. Publications are accompanied by information about their authors. They are made in different languages, mostly in English, Arabic and Farsi, and date from 2009-2017.

Judging by the structuring of the data, the databases were collected using the Lucene-Elasticsearch hybrid search engine. According to Vickery, the databases were created by intelligence units of the US Army in order to find useful information that could be useful in further operations.

In September 2017, the researcher reported unsecured databases to the US Department of Defense, and the ministry took appropriate protection measures. The Data Base were not available to everyone, however, to download them, it was enough to have a free account with Amazon AWS.

Migrating to Cloud Services

In October 2017, it became known about the plans of the US Department of Defense to actively use cloud computing to strengthen its information security and preserve the technological advantages enjoyed by the US military around the world, Bloomberg reports.

Deputy Secretary of Defense Patrick Shanahan emphasized the need to use cloud services after Pentagon chief James Mattis visited Silicon Valley and watched companies defend themselves from cyber attacks.

Innovative technologies are rapidly evolving and changing the nature of military action, making IT modernization vital to maintaining U.S. military superiority, Shenahan said. The minister wished that the Pentagon accelerate the implementation of cloud solutions in order to take on new risks, as well as provide new technologies to the army and faster develop and purchase new IT solutions.

Pentagon moves IT systems and data to the cloud

The Ministry of Defense began to take active steps in the cloud direction, forming the Cloud Executive Steering Group (CESG) division, which will assess the potential for using various cloud services and choose the best options in the context of an expanding bureaucracy. By October 2017, the department employs 1.3 million military and 742 thousand civilians.

Patrick Shenahan named two phases as part of the initiative to implement cloud computing. The first stage is the acquisition of corporate cloud services that will process systematized and unsorted data, as well as the analysis, training and organization of support for these services throughout the Ministry of Defense.

In the second phase, the Pentagon's IT systems and data will be transferred to the purchased cloud product. After that, the structures of this department can use all the capabilities of cloud services, including security, software and analytical tools, Shenaha noted.

CESG has to provide a detailed plan by November 15, 2017. Subsequently, this unit will constantly report on how the Pentagon's cloud migration phases proceed.

It's unclear how many cloud providers the Pentagon will bring into cooperation. Amazon has a big chance, entrusted by the CIA in 2014 with placing classified information in the cloud of Amazon Web Services (AWS). In addition, at the end of 2016, Microsoft and the Pentagon signed an IT contract for almost $1 billion.

The amount of funding for the project is also unknown. It is only known that CESG will provide money to contractors only at the second stage. The first will be funded either from the budget or from some other source, noted Patrick Shenahan.

Earlier, the requirements for cloud infrastructure were announced by the Defense Information Systems Agency (DISA), which, as part of the Ministry of Defense, specializes in creating a secure cloud for the ministry itself, the White House and various organizations protecting US interests. DISA says that cloud services for classified and non-confidential information should be different, and the top-secret data was not hosted in the public cloud.

Thus, the Ministry of Defense is going to store data in the cloud at different levels. Bloomberg reports that a private commercial cloud can be deployed for classified information, and a public cloud infrastructure will be used for other information. Due to this, the authorities can achieve the best balance of safety, cost and efficiency, according to observers of the publication.

2016

Open Source Software Usage

Analysts at the Center for a New American Security (CNAS) at the end of August 2016 released a report on the use software open source of c. Ministry of Defence USA In it, experts assess the current level of use of open ON in the department and recommend that it invest more in such. software Details - in a separate article:

• Fast, cheap, safe: US Department of Defense selects open source software

Use of foreign-made chips

The United States Department of Defense is starting to purchase foreign-made chips. It is reported by The Wall Street Journal with reference to Andre Gudger, Deputy Assistant Secretary of State of the Pentagon for Industrial and Industrial Policy.

According to him, the US Department of Defense has signed a seven-year contract with Globalfoundries, one of the four largest contract chipmakers. The terms of the agreement were not disclosed, but it is known that the company will supply chips for reconnaissance satellites, rocket weapons and combat aircraft. Read more here.

2015: Pentagon chief information officer: We buy Silicon Valley trust for $36.8 billion a year

At the end of October 2015 USA , Department of Defense (DOD) Director of Information Technology Terry Halvorsen gave an interview to The Christian Science Monitor, during which he spoke about the lack of trusting relations between the country's authorities and IT companies, as well as how to overcome this problem.

The appeal of government contracts could overcome the trust deficit that has developed between Washington and Silicon Valley, Halvorsen said.

Chief information officer Terry Halvorsen spoke about the lack of trust between the country's authorities and IT companies, as well as how to overcome this problem

"As for partners, we do not have a big trust problem for one simple reason - we spend $36.8 billion a year to buy most of this potential trust," the Pentagon's Chief information officer said.

The relationship between American technology companies and the government was complicated after former US intelligence officer Edward Snowden spoke about illegal surveillance conducted by the US National Security Agency, using, in particular, IT equipment from local manufacturers such as Cisco, Dell, etc. The situation escalated in 2015, when the country's authorities called on IT companies to open access to their encrypted devices, which caused a wave of indignation in the market.

In order to get closer to Silicon Valley, the US Department of Defense opened its representative office there - Defense Innovation Unit Experimental. The purpose of this division is to develop and find new advanced technologies, as well as strengthen cooperation and establish new partnerships in the technology industry. This project was created in order to learn from Silicon Valley, and not teach it to do business, said Terry Halvorsen.^[11]

2013

Failure of several major IT projects

In April 2013, US government regulators stated that about half of the 14 IT projects currently under implementation in the military industry were embroidered out of budget, and more than half were embroidered out of budget.

Such results were led by an audit of a department called the Government Accountability Office (GAO) ^[12], which analyzed 14 of the 48 projects to create the so-called MAIS (major automated information systems) implemented by the US Department of Defense. In 2011, $5.6 billion was spent on these projects from the total IT budget of the military department, which amounted to $36.6 billion. According to the GAO, the total cost of these projects could be $378 billion.

9 of the 14 mentioned projects, according to the report, according to the aggregate estimate of the estimated costs, will ultimately be somewhat cheaper. Reducing the value of contracts, as well as other factors, including reducing the budget allocated by the state for automation and transforming costs through the use of other programs, played a role here.

Meanwhile, a number of projects are experiencing serious difficulties. For example, only quite recently was the cost of the ERP project finally established in the US Air Force ($1.4 billion), and this was done only after 9 years of the project and how $334 million had already been spent, says GAO.

The remaining 5 of the 14 projects inspected during the GAO audit showed an increase in the total cost of implementation by an order of magnitude from 3% to 578%, the report said. The last increase in the project budget was noted during the implementation of the system in the Navy, where the project budget "inflated" from the initially estimated $347 million to $2.4 billion by September 2012. "Officials attributed this increase to the connection of an additional two commands and support centers to the project, which entailed the creation of additional systems," the document says.

Another negative example: the US Air Force completely abandoned the creation of an automated expeditionary combat support system (Expeditionary Combat Support System) due to difficulties during the project after the project cost increased from $3 billion in 2005 to $3.2 billion by February 2011.

In addition, only 5 of the 14 MAIS systems are implemented according to the established schedule, while the rest are behind the schedules for periods from several months to 10 years. In total, only 3 out of 14 projects managed to meet the target dates and remain within the framework of predetermined costs, while achieving the intended results. Nevertheless, even these projects "raise a number of questions regarding the effectiveness and risk management at different levels," according to the GAO.

Earlier, the US legislative authorities have already made a statement that about 25% of the US state budget for IT, which annually equals about $80 billion, is wasted.

Microsoft contract for $617 million

The US Department of Defense intends to save more than $100 million a year as part of a three-year licensing agreement signed with Microsoft and entered into force in January 2013.

According to its terms, the Army, the US Air Force and the Defense Information Systems Agency (DISA) will receive 2 million user licenses and official support for Microsoft, the agency said in an official statement.

The contract amount was about $617 million. The savings of the US Air Force, thanks to the successful terms of the contract, will be about $50 million per year, and the savings of the US Army - about $70 million annually. DISA savings will be about 10% for the entire term of the contract. Read more here.

2012

Mobile strategy

The US Department of Defense in June 2012 announced[2] the^[13] for the use of commercial mobile devices and mobile applications, which details the goals of such use and the ministry's next steps in this area.

As follows from the strategy, in its work, the military department plans to very widely use commercial smartphones and tablets in all its units. The three main tasks at this stage will be to improve the efficiency of the wireless infrastructure, the penetration of mobile devices and the increased use of mobile applications.

According to the Chief information officer of the Ministry of Defense Teri Takai (Teri Takai) in the document, "employees of the ministry are becoming more mobile, and the use of a wider range of devices opens up unprecedented opportunities to improve the operational efficiency of the department."

The document also says that a large number of mobile products will be tested during the implementation of the program, but the specific names of the device models and operating systems are not named. The American army already uses about 250 thousand commercial mobile devices, including thousands of devices on Apple iOS and. Android

Issues of the safety of the use of mobile technologies will become key for such units as the Air Force (Air Force), the Army and the Marine Corps, which, according to the document, should use them more actively in their operations. The Pentagon will strive to develop and implement appropriate standards, including the issues of regulating the use of portable devices in the workplace and beyond.

To optimize service to the growing fleet of mobile devices, the military department plans to create special internal services that will register devices, ensure compliance with security policies, "wireless" delivery of software to devices (using cloud technologies and centralized hosting), as well as control over compliance with license rules.

As a result, the US military intends to create an infrastructure that combines millions of mobile devices and hundreds of applications. A separate important place in the new strategy is paid to the expansion of the current frequency spectrum, as well as the use of Wi-Fi and 4G wireless standards.

Disruption of ERP projects in the amount of $10 billion

The US Department of Defense continues to experience difficulties with IT projects initiated by the department. At the end of 2012, it became known that the US Air Force (Air Force) decided to abandon the ERP system on the Oracle platform, the creation of which cost the state $1 billion.

In February 2013, problems were officially discovered in the implementation of other projects worth $10.1 billion. Auditors recognized a number of ERP projects as at risk of failure due to going beyond the established calendar limits, while the main reason they called incorrect planning and management problems.

In total, the military, as mentioned above, planned to spend more than $10 billion on the implementation of ERP systems, but the strategic implementation plan developed in February 2011 "did not include a detailed schedule for their deployments and performance assessment criteria," according to the results of an internal audit carried out by the US Department of Defense Inspector ^[14]/. Read more here.

Notes