Saturday, October 8, 2011
Computer virus infects military drones
A fleet of U.S. military drones on a Nevada Air Force base has been infected by a keylogger virus that tracks every key and button their pilots press, Wired.com reported Friday -- and top Air Force sources strongly contested.
The virus was first noticed by officials at Creech Air Force Base nearly two weeks ago using the base's security system. It logged every keystroke of the pilots in the control room on the base as they remotely flew Predator and Reaper drones on missions over Afghanistan and other battle zones.
There has been no confirmation of information being lost or sent to an outside source, but the virus has been resistant to military efforts to clear it from the system.
"We keep wiping it off, and it keeps coming back," a source told Wired.
It's not immediately clear whether the virus hit the system intentionally or by accident. But the existence of ordinary-seeming computer viruses on what should be the most extraordinarily secure of military systems is far from shocking, said Anup Ghosh, a former scientist with the Defense Advanced Research Projects Agency (DARPA) and chief scientist with security company Invincea.
They're just computers, after all.
"[The drones] are controlled by standard PCs," Ghosh told FoxNews.com. "None of this should be surprising." The system should be replaced or "re-imaged" with a virus-free, bit-for-bit copy of the data on the drive in order to get rid of the infection, he said..
"If they are connected to a larger network they will be infected again," he said.
A senior Air Force source with knowledge of the drone program and familiar with the virus that was caught in recent weeks told FoxNews.com that Wired's story is "blown out of proportion" and "vastly overwritten."
"The planes were never in any jeopardy of 'going stupid'," the source said, and the virus "is not affecting operations in any way ... it showed up on a Microsoft-based Windows system. We have a closed-loop system and heavily protected cockpits -- the planes were never in jeopardy."
The virus was introduced when the Air Force was transferring data maps between systems using external hard drives, he said. Very quickly the Air Force protective network tracked the virus.
"The system worked," the Air Force official said.
In the last 12 hours the Air Force ran some clearing software to make sure the viral agents weren't lying dormant in the system. They found some non-descript viral agents at what was described as a "third- or fourth-level function" and dealt with them.
The U.S. military has increasingly been relying upon drones to conduct surveillance and air strikes on enemy targets. The Air force currently uses 150 MQ1 Predator drones and 50 MQ9 Reaper drones over Afghanistan and Iraq.
Drone planes similar to the ones infected were recently used in a CIA-directed strike against American-born terrorist Anwar al-Awlaki in Yemen on September 30.
This is not the first time that U.S. drones have been infected. In 2009, U.S. troops discovered drone footage on the laptops of Iraqi insurgents. The insurgents had stolen the video with easy to access software that cost $26, Wired reported.
In the fall of 2008, a cyberworm inched its way through military networks as well. The effort to erase it was dubbed Operation Buckshot Yankee.
"It may have to be determined if this new threat was an original attack or a residual from Buckshot Yankee," Ghosh told FoxNews.com.
Read more HERE
Posted by Steve Douglass at 5:37 AM