“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

Someone needs to figure out how this malware got on the network in the first place.



  1. BigBoyBC says:

    Anyone not see this coming? Just imagine what it’s going to be like when these drones are flying over our houses and cities. Who needs to train hijackers to fly jets into skyscrapers, all they need is a hacker and some kid and his Xbox.

    The US Goobermint, gett’n dumber by the minute…

  2. Drake says:

    Like to see them program the drones to work like boomerangs.

  3. Anonymous says:

    Sounds like the boneheads in room 614A got bored or anxious. It’s almost like real life imitating fiction and this very well could be an episode ripped right out of Mad magazine’s Spy vs Spy!

    White spy builds secret drone plane. Black spy shoots it down. White spy builds it again and arms it. Black spy hacks into guidance system with assistance from the famous Acme mail order company (a.k.a. AT&T). White spy tries to fire on black spy. Black spy laughs when drone plane explodes.

    Can’t anyone (journalist) put two and two together here? This would almost be too funny if it weren’t TRUE!

  4. nobodyspecial says:

    White team build drone to fly around 3rd world country bombing them. Black team build drone to do same.

    White team drone attacks black team drone, black drone fights back.

    After some time both teams realize that they didn’t actually have any drones and both have just been playing computer games.

  5. Milo says:

    Putting military capability in the hands of the CIA has a mixed track record.

  6. WmDE says:

    http://youtube.com/watch?v=bOkTT_-VMhM

    Arrrggh! All this change and it still chokes on WWW!

  7. Publius says:

    In the jobs section of the Philadelphia Inquirer in 1999, Lockheed was trying to recruit virus programmers.

    Can you say “self-inflicted embarrassments on US military drones?”

  8. deowll says:

    So all this personal information the government is collecting. How many of you are smart enough to expect that to leak too?

  9. admfubar says:

    “Someone needs to figure out how this malware got on the network in the first place.”

    uhm lemme see, they are using windows, that’s how it gets in!

  10. Fuzzy Rabbit says:

    Evidently our drones are controlled over the public internet. I wonder if our nuclear missiles are also launched via the internet?

    I think I’ll watch the movie War Games (1983) tonight.

  11. Dr_Wally says:

    Well, if it was an intentional attack it failed. The key proposition is to AVOID DETECTION and it didn’t. I am actually much more concerned about the nasties just camped out quietly somewhere, that nobody knows about or suspects. Paranoid? How about an attack that loads a sneaky nasty and an easily found “cover” virus. You think you got it and get complacent again. The only thing we have going for us right now? It is an unreliable weapon: The bad guys can’t know if they have succeeded in achieving widespread penetration and if the “payload” actually will deliver without testing it, which blows its cover.

    As for how it got into the network? There are literally hundreds of ways, some as simple as loading up a few dozen flash drives with a virus that opens when the flash drive is inserted. Then seed the flash drives around: drop ’em in public restrooms, the parking lot, cafeteria and folks will pick ’em up and plug ’em in just to see what’s on it, perhaps with the very benign intent of attempting to return it to its owner. Boom! You’re in. Want to ensure it gets loaded? Write a department name or number on the outside. What would you do if some jamoke wandered into your cube and handed it to you with your department name on it. Uh-huh……

  12. jinny says:

    Most of the keylogger software like http://microkeylogger.com/ can be killed by antivirus. Why does this one always come back?

  13. Ernie_07 says:

    Unless windoze operating systems get rewritten to include the security provided by Unix and Linux, viruses and malware will continue to result in wasted resources. I would not be surprised to discover that the decision to create the drone control system on windoze instead of the much more secure Linux platform was made by a high-level non-technical manager who believes that an iPhone is just an upgraded iPod.

  14. McCoy Pauley says:

    They were going to the Kaspersky site to look up removal instructions??? You have GOT to be kidding me!!! Right???? PLEASE tell me you’re kidding me!!!!!

  15. Cobra says:

    Anyone else notice that the picture is of UK RAF officers not USAF?

  16. CrankyGeeksFan says:

    This attack seems to be a classic failure of relying, apparently almost exclusively, on “security by obscurity”.

    A few years ago this blog posted a story on Iraqi insurgents intercepting video that was transmitted between Unmanned Aerial Vehicles and U.S. troops. The video was unencrypted. Military leaders knew of this vulnerability since the 1990s.

  17. alessandro says:

    are these the same drones that transmit video in the clear? geez

    http://wired.com/dangerroom/2009/12/insurgents-intercept-drone-video-in-king-sized-security-breach/

