Malware-Riddled Flash Drive Created “Worst” U.S. Military Breach

A malware-laden flash drive inserted into a laptop at a U.S. military base in the Middle East in 2008 led to the “most significant breach of” the nation’s military computers ever, says William J. Lynn III, deputy secretary of defense, in a newly released essay titled “Defending a New Domain: The Pentagon’s Cyberstrategy,” in the September/October issue of Foreign Affairs magazine. (You must register to read the full article.)

The article says the flash drive is believed to have been inserted by a “foreign intelligence agency”; the malware infiltrated the U.S. Central Command network and spread undetected across classified and unclassified systems, creating a “digital beachhead, from which data could be transferred to servers under foreign control.” “It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” writes Lynn.

This incident is reportedly the most significant breach of U.S. military computers to date and served as a wake-up call. In response, the Pentagon launched Operation Buckshot Yankee, marking a turning point in U.S. cyberdefense strategy.

In the article, Lynn estimates that over 100 foreign intelligence agencies are working to hack into U.S. networks and that some countries already have the ability to disrupt our communications, saying “Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks that control critical civilian infrastructure. Computer-induced failures of U.S. power grids, transportation networks, or financial systems could cause massive physical damage and economic disruption.”

The scope of intrusions by hostile organizations and countries is staggering. Over the last ten years, the sophistication and frequency of probes into U.S. military networks have increased exponentially. U.S. military and civilian networks are scanned millions of times a day, and Lynn says files including weapons blueprints, operations plans, and surveillance data have been stolen.

Lynn highlights the threat of counterfeit computer hardware, which has been found in systems purchased by the Department of Defense, and of hardware and software that has been tampered with en route to the U.S.

“The risk of compromise in the manufacturing process is very real and is perhaps the least understood cyber threat. Tampering is almost impossible to detect and even harder to eradicate. Rogue code, including so-called logic bombs, which cause sudden malfunctions, can be inserted into software as it is being developed. As for hardware, remotely operated ‘kill switches’ and hidden ‘backdoors’ can be written into the computer chips used by the military, allowing outside actors to manipulate the systems from afar,” says Lynn.

“Cyberattacks offer a means for potential adversaries to overcome overwhelming U.S. advantages in conventional military power and to do so in ways that are instantaneous and exceedingly hard to trace. Such attacks may not cause the mass casualties of a nuclear strike, but they could paralyze U.S. society all the same,” he wrote. “In the long run, hackers’ systematic penetration of U.S. universities and businesses could rob the United States of its intellectual property and competitive edge in the global economy.”

What this means to you, and your role in protecting the country’s infrastructure

Every computer connected to the internet has the potential to affect the safety of the broader ‘net. In spite of the serious threats, the answer isn’t to unplug your computer and head for the hills. Instead, it is essential that you make sure your computers and internet connections are secure with proactive protection software that updates automatically; that you use strong, unique passwords and keep them private; and that you learn to avoid socially engineered exploits. It also means that every family member and anyone else who uses your computer(s) must follow the same security rigor.

  1. Secure your computer. If your computer isn’t protected from Trojans, viruses, bots, and other malware, your financial information, passwords, and identity can be stolen, harming you and potentially spreading the malware to others. This concept is so basic, yet only 20% of the US population adequately protects their computers. If the cost of security software is prohibitive, use one of the excellent free services.
  2. Secure your Internet connection. Make sure your computer’s firewall is on. If you use a wireless network, it needs to be encrypted so that someone lurking outside the house can’t collect your information. Free firewalls are available if you need one.
  3. Use strong passwords. A weak password is all it takes for someone to steal it. If you use the same password on multiple sites (or everywhere), you are asking for real trouble. Safe passwords don’t have to be hard to create, just hard to guess.
  4. When searching, do NOT assume sponsored sites are safe. Because I use McAfee Site Advisor (it’s free), I see a warning notifying me of the risk. Without a tool like this, you have no way of judging whether the site is legitimate or is going to give you malware, spam, etc. Other companies offer similar services; pick one and use it!
  5. Trust is key. Know the site. Know the user. Know the company. Misplaced trust will land you in a world of trouble.
    1. You can no longer assume that links within trusted sites are safe. IBM’s research highlights the increase in malicious content placed on trusted sites.
    2. Be cautious and stay in the driver’s seat. Instead of clicking on a link, copy the URL into a search engine query and look at the results. Does the site have a positive safety rating? Don’t be lured by links that may or may not take you where you want to go. This is particularly true with ‘shortened’ or ‘mini’ links used on sites like Twitter. If you do not have 100% confidence that the link is going to take you to a legitimate site, look up the material yourself. Learn how to mitigate risks when using shortened URLs.
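The last point above, staying in the driver’s seat with shortened links, can be automated rather than done by eye. The following is an added example, not code from the original post or from any product it names: a small Python resolver that follows a short link’s redirect chain one HEAD request at a time (never fetching the destination page itself), refuses loops and over-long chains, and reports whether the link silently changes host or drops from HTTPS to plain HTTP. The hosts in `FAKE_REDIRECTS` and the `fake_location` fetcher are constructed for the demonstration so it runs offline; `live_location` is the same logic against real hosts using the standard library’s `http.client`.

```python
"""Expand a shortened URL hop by hop and report where it really lands.

Added example (not part of the original post). The redirect chain in
FAKE_REDIRECTS and the short.example / track.example / paypa1-login.example
hosts are constructed for the demonstration; nothing here is real traffic.
"""
import http.client
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 5  # short-link services sometimes chain through trackers; cap it


def live_location(url):
    """One HEAD request; return the Location header of a 3xx reply, else None.

    Only the redirect header is read. The body of the final site is never
    fetched, so nothing is rendered or executed while we peek.
    """
    parts = urlsplit(url)
    conn_cls = (http.client.HTTPSConnection if parts.scheme == "https"
                else http.client.HTTPConnection)
    conn = conn_cls(parts.netloc, timeout=5)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    conn.request("HEAD", path)
    resp = conn.getresponse()
    conn.close()
    return resp.getheader("Location") if 300 <= resp.status < 400 else None


def expand(url, fetch=live_location, max_hops=MAX_HOPS):
    """Follow redirects from `url`, returning the full chain of URLs visited.

    `fetch(url)` must return the next Location (absolute or relative) or None
    when the hop is not a redirect. Raises RuntimeError on a loop or when the
    chain exceeds `max_hops`, so a malicious or broken chain cannot spin us.
    """
    chain = [url]
    seen = {url}
    current = url
    for _ in range(max_hops):
        nxt = fetch(current)
        if nxt is None:
            return chain  # reached a non-redirect: this is the landing page
        nxt = urljoin(current, nxt)  # Location headers may be relative paths
        if nxt in seen:
            raise RuntimeError("redirect loop at " + nxt)
        seen.add(nxt)
        chain.append(nxt)
        current = nxt
    raise RuntimeError("more than %d redirects; refusing to continue" % max_hops)


def landing_report(chain):
    """Summarise the facts a user wants before clicking: final host, number of
    hops, whether the host changed from the link they were shown, and whether
    the chain downgraded from HTTPS to plain HTTP along the way."""
    first, last = urlsplit(chain[0]), urlsplit(chain[-1])
    return {
        "final_url": chain[-1],
        "final_host": last.hostname,
        "hops": len(chain) - 1,
        "host_changed": first.hostname != last.hostname,
        "downgraded_to_http": first.scheme == "https" and last.scheme == "http",
    }


# Constructed offline chain: short link -> tracker -> tracker (relative
# Location) -> look-alike login page served over plain HTTP.
FAKE_REDIRECTS = {
    "https://short.example/abc123": "https://track.example/r?u=1",
    "https://track.example/r?u=1": "/go/final",
    "https://track.example/go/final": "http://paypa1-login.example/signin",
}


def fake_location(url):
    """Offline stand-in for live_location driven by FAKE_REDIRECTS."""
    return FAKE_REDIRECTS.get(url)


if __name__ == "__main__":
    visited = expand("https://short.example/abc123", fetch=fake_location)
    for hop, u in enumerate(visited):
        print(hop, u)
    print(landing_report(visited))
```

Run with `fetch=live_location` (the default) against a real short link to see the same report for live traffic. The report does not decide whether the destination is safe; it gives you the final hostname so you can look it up yourself, which is exactly the habit the list above recommends.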

