The Microsoft Tax: Virus infects Windows PC control systems of US Predator and Reaper drones

“The U.S. government’s unmanned Predator and Reaper drones are continuing to fly remote missions overseas despite a computer virus that has infected the plane’s U.S.-based cockpits, according to one source familiar with the infection,” Andrea Shalal-Esa and Phil Stewart report for Reuters.

“Government officials are still investigating whether the virus is benign, and how it managed to infect the heavily protected computer systems at Creech Air Force Base in Nevada, where U.S. pilots remotely fly the planes on their missions over Iraq, Afghanistan and elsewhere,” Shalal-Esa and Phil Stewart report. “Armed tactical unmanned planes have become an increasingly valuable tool used by the U.S. government to track and attack individuals and small groups overseas, but the virus underscores the vulnerability of such systems to attacks on the computer networks used to fly them from great distances.”

MacDailyNews Take: “Such systems.” Next time, use a real system.

Full article here.

Noah Shachtman reports for Wired, “The virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system. ‘We keep wiping it off, and it keeps coming back,’ says a source familiar with the network infection, one of three that told Danger Room about the virus. ‘We think it’s benign. But we just don’t know.’”

MacDailyNews Take: Well, that’s reassuring. (smirk)

“Military network security specialists aren’t sure whether the virus and its so-called ‘keylogger’ payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech,” Shachtman reports. “That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.”

Shachtman reports, “Despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, U.S. forces discovered ‘days and days and hours and hours’ of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.”

“None of the remote cockpits are supposed to be connected to the public internet. Which means they are supposed to be largely immune to viruses and other network security threats,” Shachtman reports. “But time and time again, the so-called ‘air gaps’ between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.”

MacDailyNews Take: Some “security specialists.” What’s their code name, “The Keystone Kops?”

Read more in the full article here.

MacDailyNews Take: Gee, neither Reuters nor Wired seem to have seen fit to mention which insecure mess of an OS is at fault here. You’d think people would want to know that bit of info, wouldn’t you? Let’s look elsewhere…

NewsCore reports, “A senior Air Force source with knowledge of the drone program told FOX News Channel that the… virus ‘showed up on a Microsoft based Windows system.’”

MacDailyNews Take: Wow, what a huge surprise.

Read more in the full article here.

MacDailyNews Take: When you stupidly deploy insecure junk, expect to get trashed.

Related articles:
The Microsoft Tax: ‘Indestructible’ botnet attacks millions of Windows PCs; Macintosh unaffected – July 1, 2011
The Microsoft tax: Stuxnet computer worm infects Microsoft’s porous Windows OS; Mac unaffected – September 27, 2010
The Microsoft Tax: New undetectable Windows trojan empties bank accounts worldwide; Mac unaffected – August 11, 2010
The Microsoft Tax: Windows zero-day flaw exposes users to code execution attack; Mac unaffected – August 09, 2010
The Microsoft Tax: Critical flaw lets hackers take remote control of Windows PCs; Mac unaffected – August 07, 2010
The Microsoft Tax: New attack bypasses every Windows XP security product tested; Mac unaffected – May 11, 2010
The Microsoft Tax: McAfee correctly identifies Windows as malware; Macintosh unaffected – April 21, 2010
The Microsoft Tax: DNS Windows PC Trojan poses as iPhone unlock utility; Mac and iPhone unaffected – April 15, 2010
The Microsoft Tax: 1-in-10 Windows PCs still vulnerable to Conficker worm; Macintosh unaffected – April 08, 2010
The Microsoft Tax: 74,000 Windows PCs in 2,500 companies attacked globally; Mac users unaffected – February 18, 2010
The Microsoft Tax: Widespread attacks exploit Internet Explorer flaw; Macintosh unaffected – January 22, 2010
The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected – November 16, 2009
The Microsoft Tax: Windows 7 flaw allows attackers to remotely crash PCs; Macintosh unaffected – November 12, 2009
The Microsoft Tax: Windows virus delivers child porn to PCs, users go to jail; Mac users unaffected – November 09, 2009
The Microsoft Tax: Worms infest Windows PCs worldwide; Mac users unaffected – November 02, 2009
The Microsoft Tax: Banking Trojan horse steals money from Windows sufferers; Mac users unaffected – September 30, 2009
The Microsoft Tax: Serious Windows security flaw lets hackers to take over PCs; Macintosh unaffected – July 07, 2009
The Microsoft Tax: Windows Conficker worm hits hospital devices; Macintosh unaffected – April 29, 2009
The Microsoft Tax: Conficker virus begins to attack Windows PCs; Macintosh unaffected – April 27, 2009
The Microsoft Tax: Conficker’s estimated economic cost: $9.1 billion – April 24, 2009

35 Comments

    1. Even quite dumb people have to know that they should not choose any military or otherwise critical mission systems to be controlled by such a contaminated platform as Windows.

      The people who made the decision should be jailed, because they actually endanger people’s lives with their bribed unexplainable choices.

      1. I do so agree with you. In the Navy we were forced to use M$ word and the like because some Adm wrote that we had to. Years later a rumor came about that M$ had hired a guy by the same name. Not sure if it’s true.

        But recall the ship that was run by M$ software and the system crashed because of a divide by zero error? It had to be towed back to port. I am sure a bunch of people got promoted over that!

  1. What I do not get, WHY allow those using these computers to have free rein with internet access. Restrict the access, certain sites only. They should have been closed systems. Remove the drives, any attempt to plug in a non secured USB thumb drive… flags a network admin. (It’s what we do at work here..)

    Military computers need to be more secure than they are, removing windows is just one security flaw.

    1. thumb drives have been banned in (networked) DoD PCs for years.
      Though it is sad the level of protections we’re forced to deal with due to being forced to use an inferior system.
      And replying to others’ comments, it is not uncommon to see senior officers and NCOs retire and come back the next week working for a civilian contractor pushing the same products they used to use and push as service members.

    2. They don’t have free access.

      That’s those references to “air gaps” in the original article.

      And all DoD Windows PCs (classified & unclassified) have had their USB Mass Storage driver disabled since 2008 (3 years).

      And yet this stuff still happens.

  2. i would bet anything I’ve got that if iOS had been the software the media would have been all over it, and selected analysts would have predicted the future of apple is now linked to drone hackage, and, of course, the short sellers would have their usual faux apple tip field day..

  3. So the US Military, a super secure site, gets malware, yet we hear from countless ‘expert’ Windows users that if you know what you are doing there’s no issue and THEY’ve never had any malware on their machines. Sure.

  4. I’ll bet that the operators have been plugging flash drives into these systems and probably think they’re playing video games and are taking copies home to play on their home systems.
    Seriously, though, how are people being allowed to take flash drives or flash cards into a supposedly secure work space. It absolutely beggars belief.

  5. These control systems are running Windows? Is that what I’m reading? I find that HARD to believe. That would be the stupidest decision ever. They spend billions building these systems, why would they choose Windows instead of some form of UNIX or write their own proprietary operating system?

    This brings up a memory from the January 2007 keynote when Jobs proudly said:

    “iPhone runs OS X” – man, that was a beautiful moment.

    1. The avionics remote HUD and control side, yep, they run Windows.

      Seriously if you wanted to take the whole thing down you’d just need to plant a trojan that showed some hot chick on chick action while it delivered its payload, put it on a flash drive and hand it to any pilot in that place.

      You’d 0wn them in no time.

      What worries me about this, and i do IT security, is this…. So they have a known security threat on their network…. ok. What is running that they DON’T KNOW ABOUT?

  6. The internet originated as the arpanet in the late 1960s. It was originally a DOD experiment in packet-switching networking limited to DOD and defense contractors and implemented on mainframes. Later there were two pieces of legislation that Al Gore pushed through that allowed the internet to be commercialized and extended to the general public. Since the Internet is at its heart a tool for the US military, and since they’ve been using it for the last 42 years, they can’t avoid it.

    The US Navy (including the Marines) has a one-size-fits-all policy about computers. Everyone has the same browser, the same browser version, the same version of Windows, and everything is tightly locked down. One virus can knock them all down.

    The US Army, on the other hand, has a policy of diversity. If you look up army.mil in Netcraft, you find they are running Windows Server 2003, Linux, FreeBSD, and OS X. The idea is that a problem with one OS won’t affect another. One problem cannot bring down the entire Army.

    The Army’s main web site for the public, http://www.army.mil, is hosted on OS X.

  7. When I was about ten years old, I rode with my uncle to a military base. He went there to buy things at the post exchange. We watched two soldiers pick up a heavy item on one end of a loading dock and carry it about 50 feet to place it on a wheeled cart at the other end of the loading dock.

    Uncle Al said to me, “That is our first line of defense.”

    I’ve never forgotten that lesson.

  8. I’m not shocked personally.

    2 things come to mind and I deal with interfacing with government computers at work.

    First thing is some parts of the government move s.l.o.w in IT. A large chunk of their stuff still requires IE6 and very old versions of Java for crying out loud. Shit isn’t patched like it should be. It’s ridiculous from a security standpoint dealing with them.

    2nd is the USB flash support in Windows. Unless you take the steps to lock it down then right out of the box you have a barn door open for local exploitation.
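The two comments above about USB mass storage being disabled on DoD PCs and about locking down USB flash support in Windows both describe the same defensive controls. The following PowerShell script is an added example, not code from the article, from any of the commenters, or from the Air Force; it audits a Windows host for the two settings most often used for this (the USBSTOR service Start value, where 4 means disabled, and the NoDriveTypeAutoRun bitmask, where 0xFF suppresses Autorun on every drive type), can apply them, and lists recent “new external device recognized” audit events (Security log event ID 6416, which exists on Windows 10 / Server 2016 and later once Plug and Play auditing is enabled). The function names are this example’s own; the registry paths and event ID are real Windows settings.

```powershell
# Added example: audit and harden removable-media settings on a Windows host.
# Reading the values works unprivileged; changing them needs an elevated prompt.
# Real Windows locations:
#   USBSTOR Start value: 3 = load on demand (USB mass storage enabled), 4 = disabled
#   NoDriveTypeAutoRun: bitmask of drive types with Autorun suppressed; 0xFF = all
$usbstorKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
$autorunKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# Report whether USB mass storage and Autorun are actually locked down.
function Get-RemovableMediaPosture {
    $usbStart = (Get-ItemProperty -Path $usbstorKey -Name Start -ErrorAction SilentlyContinue).Start
    $autorun  = (Get-ItemProperty -Path $autorunKey -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    [pscustomobject]@{
        ComputerName       = $env:COMPUTERNAME
        UsbStorageDisabled = ($usbStart -eq 4)
        UsbStorStartValue  = $usbStart
        AutorunSuppressed  = ($autorun -eq 0xFF)
        NoDriveTypeAutoRun = $autorun
    }
}

# Apply the two settings. Supports -WhatIf so the change can be previewed first.
function Set-RemovableMediaHardening {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess($usbstorKey, 'Set USBSTOR Start=4 (disable USB mass storage)')) {
        Set-ItemProperty -Path $usbstorKey -Name Start -Value 4 -Type DWord
    }
    if (-not (Test-Path $autorunKey)) { New-Item -Path $autorunKey -Force | Out-Null }
    if ($PSCmdlet.ShouldProcess($autorunKey, 'Set NoDriveTypeAutoRun=0xFF (suppress Autorun)')) {
        Set-ItemProperty -Path $autorunKey -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
    }
}

# Detection side: events logged when a new external device is recognized
# (Security log, event ID 6416; requires the Plug and Play audit subcategory).
function Get-RecentExternalDeviceEvents {
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Security'; Id = 6416; StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id,
            @{ Name = 'Summary'; Expression = { ($_.Message -split "`r?`n")[0] } }
}

Get-RemovableMediaPosture | Format-List
Get-RecentExternalDeviceEvents -Hours 24 | Format-Table -AutoSize
# To apply (elevated): Set-RemovableMediaHardening -WhatIf, then again without -WhatIf.
```

On a managed fleet these values would normally be pushed by Group Policy rather than set per host; the script is useful for verifying that the policy actually landed on a given machine, and for pulling the device-insertion events that a “flag the network admin” alert would be built on.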

  9. “heavily protected computer systems”

    Bullshit – if they were heavily protected then there’s no way in hell they’d be allowed to run Windows.

    Also, I love how they have no idea if the virus is benign or not. How about opening it in a hex editor, guys? I know that’s not as good as if you had the sourcecode, but it’s still totally possible to determine what it does by looking at the raw opcodes. You do have computer science specialists who can do that. Right?

    Oh…

  10. This report prompted me to dig out and recycle my post regarding an MDN repost that the “German government plans to fund Microsoft malware bailout

    I am amazed at how the world tolerates the likes of Microsoft and the way they put out products that are so shoddy and full of weaknesses and vulnerabilities.

    What is even more amazing is that the customers (individuals and corporates) of these companies willingly part with cash to acquire such defective products.

    And yet more staggering is that society (and its representative, Government) has bought into the line that it is quite acceptable to have holes in these products. And that society feels that it is incumbent on the consumer to address the holes rather than have the backbone to demand that the provider of the products fix the product in the first place through remedial recall!

    Absolute lunacy!

    I put it down to the lack of visibility. No one can see how much real damage is inflicted on the World by the combination of shoddy software, viruses and the lack of regulators.

    If this company made aircraft, every plane that fell out of the sky killing a couple of hundred passengers would create a litigation based movement ensuring a drive to find and fix faults quickly. In that industry, society has even created regulators like the FAA and NTSB to create further urgency to do so. Heck, at times, entire fleets of aircraft get grounded!

    And in the event of a fatal air crash, regulators, insurance companies, lawyers and, in particular, families of the victims, all collectively bring pressure to bear on the manufacturer (in the form of litigation and large payouts) to ensure that ‘tombstone evolution’ occurs. Companies are either tombstoned (e.g., ValueJet) or they learn from the ‘tombstoning’ of their passengers and fix the problems at root.

    Not so in the cushy world of software where no one tracks how many deaths were caused by failures in software let alone the cost of a virus attack!

    Just why is it that software manufacturers are allowed to do this? Why aren’t the consumer groups vocal on this point? Why haven’t they been sued for loss of life?

    Now, wouldn’t it be a ‘game-changer’ if a government (anywhere on the world) were to ‘tax’ Microshaft for the cost of setting up and running this scheme…
