US Drone Fleet Hit By Computer Virus 370
New submitter Golgafrinchan passes along this quote from an article at Wired:
"A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system.'"
No anti-virus? (Score:4, Interesting)
Ok, so I understand that these computers are to never be connected to the internet, but why does that mean that they don't put security software on them?
Yes, they would have to do updates manually, and it's a low risk situation, but it is a prime target for foreign adversaries and allies alike.
Re:duh (Score:4, Interesting)
Hell, in Linux a simple rootkit can work just by editing the system commands like ls.
That is as simple to detect as installing TripWire.
And keeping your checksum values on non-writable disks (like CDs), and using another computer to regularly scan your computer offline, and maybe throw some known changes in occasionally. Because if tripwire is replaced with a program that just says "yup, checksum's good. no need to worry", then it's no better than a sleeping security guard.
Can't resist: (Score:4, Interesting)
box of Kleenex $4
USB key $5
Satellite military uplink $150/hr
Hellfire missile $68,000
Predator MQ-1 Drone, $40 million
Being able to rain firey death from 10,000km away onto unsuspecting Afghan targets while a the same time masturbating on the internet: priceless
Re:Iran Payback ? (Score:4, Interesting)
I'm not sure it matters who it is. What matters is that if you can intercept a keystroke, you can inject one, and that if you log sequences you know command sequences. That knowledge never needs to go anywhere outside the virus - if the virus catalogs how to do X, Y and Z then an unauthorized user merely needs to tell the virus that it is to replay the sequence to do X, Y or Z. The user doesn't need to know anything other than what macro does what.
For most nations, it just doesn't make sense to do this with any current mission - that we know of, at least. Scripting a drone attack only makes sense if the drone has attacked a point that the person who wrote the virus will want to attack in the future. This is great if you're a nation defending against an attacker overrunning your positions, since you can get the attacker's weapons to attack the attacker. But no current target nation has the capacity for such a strategy and even if they did it would be pointless. It wouldn't be useful at all in Libya, for example, and the draw-down in Afghanistan means the probability of there ever being a meaningful target is next to zero.
Israel is a remote possibility - they've the knowledge - and there are doubtless drone surveillance missions that the Israelies could turn into attacks and keep plausible denial. However, it's exceedingly remote. Most of their threats don't distinguish between the US and Israel, so plausible denial is pointless, and they've enough support to be able to obtain all the US-made drones they want. There's no obvious added value.
The Mexican drug cartels are hampered by drones, but not usually by the high-end military ones, and being able to launch a replay would be absolutely pointless. If they were to have the kind of savvy needed, it would more likely go into a logic bomb that would cripple the drone. It's just possible they'd want to divert a drone to some site of theirs so that they could use it for their own purposes, but you'd not want a logger for that. Makes no sense. Besides which, if they had that kind of skill, they wouldn't need cheap cop drones.
China? Maybe, but again if they wanted a Predator they'd be better off with a logic bomb that disabled the radios and landed the UAV somewhere they could pick it up from. They wouldn't use loggers because there'd be nothing worth logging.
This isn't making sense. The story so far is too illogical. Those with the skills would be doing something different, those who want to do what is claimed don't have the skills.