U.S. military drones have been infected by a computer virus that logs their pilots’ keystrokes while they fly missions over other countries, including Afghanistan, Wired revealed in an exclusive report on Friday afternoon.
According to a report by Noah Shachtman, the virus, which affects the Predator and Reaper drones, was first detected by Host-Based Security System at Nevada’s Creech Air Force Base approximately two weeks ago.
The malware has not prevented missions from continuing as planned, and there have been no confirmed reports of classified information being lost or obtained by a third-party, Shactman said. However, officials have reportedly been unable to remove it from the base’s computers.
“We keep wiping it off, and it keeps coming back“¦ We think it´s benign. But we just don´t know,” a source familiar with the network infection told Wired.
Shachtman said that network security specialists with the military are not sure whether or not the virus was intentionally introduced to Creech’s computers, or if it was accidental.
Regardless, he points out, “the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.”
“The specialists don´t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech,” Shachtman added. “That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.”
TG Daily Reporter Trent Nouveau contacted the Air Force regarding the incident.
“We generally do not discuss specific vulnerabilities, threats, or responses to our computer networks, since that helps people looking to exploit or attack our systems to refine their approach,” Air Combat Command spokesman Lt. Col. Tadd Sholtis, which oversees the drones and all other Air Force tactical aircraft, told Nouveau.
“We invest a lot in protecting and monitoring our systems to counter threats and ensure security, which includes a comprehensive response to viruses, worms, and other malware we discover,” he added.
Stephen Shankland of CNET attempted to contact the Department of Defense for comment on Friday, but reports that they declined to be interviewed on the matter.
Shachtman said that technicians have struggled to combat the virus. Originally, they attempted to use instructions posted to the Kaspersky security firm, but sources said that the malware continued to return. Ultimately, he says that they were forced to use a software tool known as BCWipe to completely erase the affected systems’ hard drives, which required them to be rebuilt “from scratch.”
According to Shachtman, senior officials at the Nevada Air Force base are receiving daily briefs on the virus, and a source told him, “It’s getting a lot of attention“¦ But no one´s panicking. Yet.”
Image Caption: MQ-1 Predator unmanned aircraft. Credit: U.S. Air Force, Lt Col Leslie Pratt
On the Net: