Weapons Systems Designed Before 2010 Have No Cybersecurity Architecture at All
The majority of the Pentagon's major weapons systems -- F-15s, Abrams tanks, DDG-51 destroyers, Patriot missile batteries -- were designed and fielded before cybersecurity was a design consideration. These platforms have serial buses, unencrypted data links, default passwords, and no intrusion detection. They were built on the assumption that physical security (being on a military base or in a war zone) was sufficient protection.
This matters because these systems are now being networked together in ways their designers never anticipated. The Army's Project Convergence and the Joint All-Domain Command and Control (JADC2) initiative require legacy platforms to share data across networks. Every time an engineer connects a 1990s-era fire control system to a modern IP network, they create an attack surface that the original system has zero ability to defend.
The real pain is that a single compromised legacy subsystem can cascade across an entire kill chain. If an adversary can tamper with the targeting data on a legacy radar feed, every downstream system that consumes that data -- missile batteries, fighter aircraft, command posts -- acts on corrupted information. Operators have no way to verify data integrity because the original system has no authentication or checksums.
Retrofitting cybersecurity onto legacy weapons is prohibitively expensive and often technically impossible. The Government Accountability Office found that some systems use custom processors and proprietary software that the original manufacturers no longer support. Rewriting the software would require re-certifying the entire weapons system, a process that costs hundreds of millions of dollars and takes 5-10 years.
The structural reason this persists is that the DoD acquisition system treats cybersecurity as a separate compliance requirement rather than an engineering constraint. Program managers are incentivized to hit cost and schedule milestones, and cybersecurity testing is typically the last gate before fielding -- the point at which schedule pressure is highest and willingness to fix problems is lowest.
Evidence
GAO report GAO-19-128 (2018) 'Weapon Systems Cybersecurity: DoD Just Beginning to Grapple with Scale of Vulnerabilities' tested multiple weapons systems and found critical vulnerabilities in nearly every one, including systems using default passwords and unencrypted communications. DOT&E Annual Report (2023) noted that 'ichts cybersecurity testing continues to find significant vulnerabilities in programs under operational test.' The F-35 ALIS/ODIN logistics system had over 800 documented software deficiencies as of 2022 (DOT&E report). Pentagon Operational Test & Evaluation office found testers could 'take control of systems relatively easily' in multiple weapons programs.