Pentagon developing ‘Scorecard’ database for assessing security threats

A massive database of all the vulnerabilities is going to be created at Pentagon for the government to stay one-step ahead of the hackers. The Pentagon security team will first establish a database of all the vulnerabilities ever found with their corresponding CVE number, and then will assess all of the computers in the network to stop hackers from exploiting them.

American computer networks will now have a security database helping the engineers to fix the potential threats before any hacker gang uses them to disrupt the work and leak the documents. Even though it is not easy for the hackers to crack the network, it is never hard to find a loophole.

The Pentagon officials are now looking forward to creating an automated scorecard that would stay updated with the latest happenings of the cyber security world. One of the officials said that initially it will be hard-coded, however, later it may detect and add new vulnerabilities automatically to help the engineers respond to a newly discovered exploit quickly.

As per the Pentagon, development of future weapons based on the precision of computer chips need to be secure. Cyber attacks are one of the serious issues hindering the progress. It was only a few days ago when hackers demonstrated how the self-aiming rifle can be compromised to target any other object in the range. It is one of the several examples where the security researchers have found a way to control one of the most sophisticated systems in this world.

Apart from this, the Pentagon is also looking forward to having a response team that would address a security breach. At about 6,200 officials will be trained to be a part of this project.

The prime focus of the upcoming ‘Scorecard’ and the response team would be to combat some of the greatest threats that could harm the entire network.

The scorecard will only have the vulnerabilities that have been found, however, the real gold for the hackers is the zero-day vulnerabilities. Zero Day is a technical term for the loopholes that are yet to discovered, and apparently many of them are on sale in the underground market. Russian black market is primarily the source where hackers get their hands on exploits selling for more than $50,000.

No computer is one hundred percent secured, but an extremely cautious approach can help mitigate the loopholes. A majority of attacks are because of human weaknesses, and the government must enforce a standard cyber security course in schools to prepare future generations for the upcoming cyber warfare.