The Defense Department’s office of the Inspector General has identified a series of significant security flaws in the supply chains associated with at least four ongoing military space programs the Pentagon has deemed critical to national defense. The audit, which set out to identify any potential threats in these four programs, found issues across each one of them.

The four programs investigated were the Space Based Infrared System, which scans for and identifies missile launches as an integral part of America’s missile defense apparatus, as well as less extensive reviews of the Air Force satellite control network, beyond-line-of-sight thermal sensors, and the global positioning system (GPS) satellites relied upon for navigation in both defense and civilian applications.

In a redacted report released late last week, auditors identified a series of issues in the Space Command’s supply chain practices, despite having established initiatives that aimed to do so. These initiatives, it seems, were discussed, but the Air Force failed to properly implement them into actual practice.  The Inspector General’s report cites a number of failures, including failing to conduct an analysis of programs that identified critical components and their associated supplies so as to prevent any foreign infiltration, failing to conduct thorough threat analysis on suppliers, failing to source components only from trusted suppliers, and failing to thoroughly test and evaluate components to these ends. According to the report, these issues permeated throughout all four programs that were audited.

“As a result, an adversary has opportunity to infiltrate the Air Force Space Command supply chain and sabotage, maliciously introduce an unwanted function, or otherwise compromise the design or integrity of the critical hardware, software, and firmware,” the report reads.

The security concerns identified by the Inspector General’s report are not particularly new: the United States has long identified the use of foreign sourced electronic components as a potential threat to defensive applications, and procedures are supposed to be in place to mitigate or offset any such risk. Infiltration of the supply chain by a foreign government like China could have any number of potentially harmful effects, the most egregious of course being a complete failure of the system the component was installed in, but a there is also a litany of less conspicuous threats to be concerned about. The exfiltration of important data or technical specifications, for instance, might not render a platform unusable but could offer national level opponents important intelligence regarding the weapons and defensive systems being developed by the United States that use said components.

Because of this threat, the Defense Department mandates that critical components in defensive systems be identified and sourced only from heavily vetted suppliers that the DoD sees as “trusted.” In their effort to address defensive concerns pertaining to orbit, the report indicates, the Air Force did not abide by these restrictions, potentially placing all four programs relied upon for everything from providing warning of a missile launch to helping aircraft carriers navigate, at risk.

Recently, President Trump directed the establishment of a new branch of the American armed forces tasked specifically with space defense, though his mandate has been met with harsh criticism from those who believe the endeavor is best left in the hands of the Air Force, where it currently resides. Critics of the Air Force’s approach to orbital defense, however, have long claimed that the branch devotes too little time, energy, and resources into the threats posed to the nation from orbit, and the findings of the Inspector General may offer some support to that position. Failing to adhere to established supply chain regulations may have made some programs more viable within the budgetary restrictions the Air Force is working with, but doing so in a manner that may leave those programs compromised offers little in the way of legitimate defense readiness.