The Defense Department faces hurdles to make sure U.S. weapons still work on a battlefield when they become the target of cyber warfare, according to a report from the Government Accountability Office.

The report cites a half-dozen challenges from RAND Corporation research about how to strengthen military cyber security. One is the potential for conflict between how a weapon needs to work and its electronic defense.

Good cyber security means making sure the trigger on a drone can only be used by the U.S. soldier in charge of it.

“Whereas somebody who’s out in the field might curse the thing for saying, what do you mean I need to put in my password right now,” Dr. Jon Haass professor of cyber intelligence and security at Embry-Riddle Aeronautical University in Prescott.

The life-or-death need to react quickly in battle sometimes means a weapon doesn’t meet all cyber security standards, he said. 

Cyber attackers also have a key advantage for trying to disable U.S. weapons on the battlefield, according to the congressional watchdog report about ongoing effort to make the military pay closer attention to cyber security.

Enemies only need one cyber weakness to attack, Haass said. But the U.S. has to patrol an entire complicated system just to detect their presence.

“Then we have to find out how they’re attacking us. And we have to stop them. But we’re busy also operating the Department of Defense,” he said.

There is one cyber vulnerability in every 1,000 lines of code used in a U.S. weapon system, Haass said.