Saturday, July 24, 2021

US – DoD pulls the plug on COTS drones

Just leave this here with a hat tip to our favourite cybersecurity geek. This memo has been being spoken about and seen in chat rooms across the web.

SUBJECT: (U/FOUO) Unmanned Aerial Vehicle Systems Cybersecurity Vulnerabilities  

(U/FOUO) On May 14, 2018 the DoD Inspector General found that DoD has not implemented an adequate process to access cybersecurity risks associated with using commercial-off-the-shelf (COTS) Unmanned Aerial Systems (UAS).

(U/FOUO) Effectively immediately, you must suspend purchases of COTS UAS for operational use until the DoD develops a strategy to adequately assess and mitigate the risks associated with their use.

(U/FOUO) In addition you must suspend the use of COTS UASs until the DoD identifies and fields a solution to mitigate known cybersecurity risks.

(U/FOUO) I hold approval authority for any requests for exemptions, on a case by case basis, to support urgent needs.

(U/FOUO) The points of contact for this matter are Ms Ellen M, Lord, Under Secretary of Defense for Acquisition and Sustainment, and Mr, Dana Deasy, Department of Defense Chiefs Information Officer.

Gary Mortimer
Founder and Editor of sUAS News | Gary Mortimer has been a commercial balloon pilot for 25 years and also flies full-size helicopters. Prior to that, he made tea and coffee in air traffic control towers across the UK as a member of the Royal Air Force.