Why are DOD assets connected to the commercial Internet anyway??? The DOD should have all sensitive computers off of the grid and the DOD should create its own grid off of the World Wide Web for its own internal use, with its own Operating Software. External drivers would be banned from the network, and there would be no outside access to the network, except for Federal departments that need to have it. That would put an end to most of these cyberattacks cold.
Military computers drastically limit which websites can be accessed and most emails with attachments not coming from another military email or contractor’s email are not delivered.
Most likely this was brought in on someone’s thumb drive as something they downloaded at home is the theory I’ve heard around here.
As for thumb drives and other externals, many offices purchase them for their senior mgmt as a way for them to work at home w/o having to take the laptop home. Much more can be lost if a laptop is misplaced or stolen.
Everything classified is. But the military does work with a lot of unclassified systems, and those are for the most part plugged in to the Internet, although with a LOT of security hardware in between.