Its efforts in cybersecurity have been so uncoordinated between services, inconsistent in its execution and uncertain in its goals, that the DoD admitted earlier this week it essentially has no coherent or effective plan to defend the U.S. against cyberattack.
And, despite threats spoken in harsh voices from under large hats at the Pentagon that attacks made entirely in cyberspace could be made kinetic if foreign hackers ticked them off badly enough, the DoD has done little but agree with the GAO report that it needs to get its staff together on the whole cyberwar thing, and will do so any day now.
So it's not surprising there hasn't been much response to the shameful record revealed in McAfee's report this week.
Part of the reason is that the revalations didn't surprise anyone.
Most of the reason is that, despite knowing in detail about the continued risk as well as the nature, source and method of the attacks, none of the Western "state actors" on the receiving end of five years worth of sustained and consistent attacks has done a damn thing to stop them.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.