[ISN] Exclusive: Computer Virus Hits U.S. Drone Fleet

From: InfoSec News <alerts_at_private>
Date: Mon, 10 Oct 2011 04:05:13 -0500 (CDT)
http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/

By Noah Shachtman
Danger Room
Wired.com
October 7, 2011

A computer virus has infected the cockpits of America’s Predator and 
Reaper drones, logging pilots’ every keystroke as they remotely fly 
missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military’s 
Host-Based Security System, has not prevented pilots at Creech Air Force 
Base in Nevada from flying their missions overseas. Nor have there been 
any confirmed incidents of classified information being lost or sent to 
an outside source. But the virus has resisted multiple efforts to remove 
it from Creech’s computers, network security specialists say. And the 
infection underscores the ongoing security risks in what has become the 
U.S. military’s most important weapons system.

“We keep wiping it off, and it keeps coming back,” says a source 
familiar with the network infection, one of three that told Danger Room 
about the virus. “We think it’s benign. But we just don’t know.”

Military network security specialists aren’t sure whether the virus and 
its so-called “keylogger” payload were introduced intentionally or by 
accident; it may be a common piece of malware that just happened to make 
its way into these sensitive networks. The specialists don’t know 
exactly how far the virus has spread. But they’re sure that the 
infection has hit both classified and unclassified machines at Creech. 
That raises the possibility, at least, that secret data may have been 
captured by the keylogger, and then transmitted over the public internet 
to someone outside the military chain of command.

[...]


_____________________________________________________________
FINAL CALL to register #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Received on Mon Oct 10 2011 - 02:05:13 PDT

This archive was generated by hypermail 2.2.0 : Mon Oct 10 2011 - 02:04:57 PDT