US – DoD pulls the plug on COTS drones

Just leave this here with a hat tip to our favourite cybersecurity geek. This memo has been being spoken about and seen in chat rooms across the web.

SUBJECT: (U/FOUO) Unmanned Aerial Vehicle Systems Cybersecurity Vulnerabilities  

(U/FOUO) On May 14, 2018 the DoD Inspector General found that DoD has not implemented an adequate process to access cybersecurity risks associated with using commercial-off-the-shelf (COTS) Unmanned Aerial Systems (UAS).

(U/FOUO) Effectively immediately, you must suspend purchases of COTS UAS for operational use until the DoD develops a strategy to adequately assess and mitigate the risks associated with their use.

(U/FOUO) In addition you must suspend the use of COTS UASs until the DoD identifies and fields a solution to mitigate known cybersecurity risks.

(U/FOUO) I hold approval authority for any requests for exemptions, on a case by case basis, to support urgent needs.

(U/FOUO) The points of contact for this matter are Ms Ellen M, Lord, Under Secretary of Defense for Acquisition and Sustainment, and Mr, Dana Deasy, Department of Defense Chiefs Information Officer.