The United States Department of Defense is conducting damage control after the head of the Pentagon’s multi-billion dollar F-35 fighter jet program said he has doubts those planes could withstand a sophisticated cyberattack.
The F-35 program manager, Air Force Lieutenant General Christopher Bodgan, told the US Senate Armed Service Committee on Wednesday that he was “not that confident” about the security measures that the plane’s manufacturers have allegedly implemented in the costly fleet of airships they’re supplying to the Pentagon.
"I'm a little less confident about industry partners to be quite honest with you ... I would tell you I'm not that confident outside the department,” he told the panel.
The fleet of F-35s is on schedule to be the most expensive weapons program in the history of the US, but has encountered numerous setbacks along the way. Speaking at a conference in February, Bodgan said that manufacturers Lockheed Martin and Pratt & Whitney were purposely attempting to get as much money possible out of the Pentagon — even if the cost for acquiring and operating the fleet stands to come to close to $1 trillion when all is said and done.
“What I see Lockheed Martin and Pratt & Whitney doing today is behaving as if they are getting ready to sell me the very last F-35 and the very last engine and are trying to squeeze every nickel out of that last F-35 and that last engine,” Bogdan said in February at the Australian International Airshow.
US Senator John McCain (R-Arizona) asked Bodgan this week to weigh in further, to which the F-35 program manager said relations between the Pentagon and its contractors have been better as of late — even if his suspicions remain about the cybersecurity abilities of the aircraft.
“Doing business with both companies has been difficult and is getting better. I was seeing behaviors in which I thought over the next 30 or 40 years were not sustainable for us or either one of those industry partners,” Bodgan said before addressing staff changes that could explain the new attitude.
“First and foremost, there have been significant leadership changes at Lockheed Martin over the last few months, all the way up and down the F-35 chain. The deputy program manager, the program manager, the president of Lockheed Martin aero and the CEO have all changed out,” he said.
Bodgan’s remarks about the alleged security flaws of the fleet of fighter jets come amid heightened calls for improved national cybersecurity but also at the same time that the computer networks used onboard a $37 billion fleet of Navy warships have been called into question. RT reported earlier this week that a Navy official told Reuters that the fleet’s lead ship, the USS Freedom, was found to be vulnerable to cyberattacks during recent penetration tests.
The Pentagon quickly refuted the Reuters article, and the Pentagon’s director of weapons testing said authorities acted to remedy those vulnerabilities as soon as they were discovered. Now the Defense Department is once again answering questions after yet another weapons program has been critiqued for what could be a critical security flaw.
Responding to Bodgan’s remarks this week, the Pentagon says that it’s "fully aware of evolving cyber threats and is taking specific action to counter them for all fielded systems, including F-35."
"The F-35 is no more or less vulnerable to known cyber threats than legacy aircraft were during their initial development and early production," spokesman Joe DellaVedova tells Reuters.
Both manufacturers involved in the building of the aircraft answered questions fielded by Reuters as well, and both downplayed Bodgan’s suspicions.
"We take this mission very seriously," says Lockheed spokesman Michael Rein. "We have placed special emphasis on intelligence analysis, characterization and prediction - an intelligence driven response in order to ensure agile response to attack and enhanced resilience of our systems."
Matthew Bates, a spokesperson for Pratt & Whitney, adds, "We do not discuss details of our cyber security initiatives, but we have a well-established strategy in place to protect our intellectual property and company private data, as well as our customer's information, against cyber threats.”