August 27, 2010

For want of a nail

From CNet News:
Bad flash drive caused worst U.S. military breach
A malware-laden flash drive inserted in a laptop at a U.S. military base in the Middle East in 2008 led to the "most significant breach of" the nation's military computers ever, according to a new magazine article by a top defense official.

The malware uploaded itself to the U.S. Central Command network and spread undetected on classified and unclassified computers creating a "digital beachhead, from which data could be transferred to servers under foreign control," William J. Lynn III, U.S. deputy secretary of defense, wrote in his essay in the September/October issue of Foreign Affairs.

"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," he wrote. This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy."
That's got to hurt... When I worked for Microsoft, every so often an email would come out saying to not open a specific email or attachment. This was ten years ago before people were more savvy about malware. Security online is one thing -- a physical breach like this is another and is much harder to defend against. Posted by DaveH at August 27, 2010 7:05 PM
Comments

Which is exactly why USB memory sticks are strictly forbidden in any .mil netwirked computer. No more putting work docs on a stick to take home or carrying in your music to listen to or term paper to print on the job. None. Nada. It is a firing offense nowadays.

Posted by: Nate at August 27, 2010 8:40 PM
Post a comment









Remember personal info?