New
#1
Just how old are their computers ?
The US Air Force has quietly replaced the infamous floppy disks it was using to manage the country's nuclear arsenal with what sources described as a "highly-secure solid state digital storage solution."
Read more: US stopped using floppy disks to manage nuclear weapons arsenal | ZDNet
Ever been to PC World (UK computer store), their systems are still on Windows 2000.
The Military generally buys custom-built solutions that are designed to do a few very specific tasks -- but to do them very well. And while they often buy tens of thousands of them, they also buy SPARES -- so that faulty units can be easily replaced.
Replacing such equipment with something newer is not as simple a matter as simply going online and buying a newer computer, instead, it is a very costly and lengthy process of having an entirely new system designed, built, and deployed -- along with spares for that, as well.
Additionally, when you have highly classified systems, not just anyone can bid on the contracts and/or supply the equipment. The supplier market is very small and populated by firms that make a lot of money supplying such equipment -- and they know the replacement process takes YEARS to make happen.
If a system does a few things and does them well, and you have folks trained in its maintenance and operations, and you have plentiful replacements, then what is the incentive to replace it? basically -- none.
This is similar to pressuring global corporations that have tens of thousands of Win7 PCs to upgrade them all to Win10 -- just to have the "latest and greatest". It makes little practical sense.
And, in the case of these systems, there are other checks and balances in place to offset the pure age of the equipment, so it's not like someone struggling to use an old XP-era PC to do modern computing tasks and having the PC crash on them several times a day.
The media takes great delight in dramatically over-stating the risks of using such older systems -- making this another of a long list of non-story stories.
From The OP's Link
"You can't hack something that doesn't have an IP address. It's a very unique system - it is old and it is very good," Lt. Col. Rossi told C4ISRNET. "I joke with people and say it's the Air Force's oldest IT system. But it's the age that provides that security."
However, SACCS is not faring much better than other US nuclear systems. Last year, the US Department of Defense Inspector General (DOD IG) found that the Missile Defense Agency (MDA) had very poor cyber-security practices, such as not using antivirus programs, not using encryption to secure sensitive data, not using multi-factor authentication solutions, and not patching software flaws, some of which were 28-years-old.