Infected USB Drive Caused 2008 Military Data Breach

US Defense Secretary William J. Lynn III revealed that, a flash drive injected malicious code into a network operated by the military's Central Command in 2008, as reported by eweek.com on 25th August, 2010.

According to the reports, the malware itself installed onto the U.S. Central Command network and circulated on classified and unclassified systems even without detection, thus developing a "digital beachhead", through which the data could be shifted to foreign controlled servers.

Lynn also mentioned that, this type of attack was a network administrator's ultimate fear, in which a fake program operating silently is made to distribute operational plans to an unfamiliar adversary. Lynn termed the present attack as the most critical breach of the U.S. military computers till now, which poses as a serious wake-up call for the US military. However, Lynn did not mention whether any data was misplaced in the attack.

As a preventive measure, the military executed a ban on USB devices, which is being modified after the incident. The incident also drew a major pentagon response operation named "Operation Buckshot Yankee" targeted at removing infected computer systems and blocking something identical to happen again.

Though the officers did not divulge the name which was believed to be accountable for the breach, mentioned that the malicious code was installed by a "foreign intelligence company".

Lynn estimated than above 100 foreign intelligence firms were trying to get into the U.S. networks and mentioned few governments have got the power to break into the U.S. information network, as reported by cnet news on August 25, 2010.

Officials revealed that to prevent these diverse and increasing attacks, cyberspace, as a latest domain of warfare has to be regarded as significant as military operations.

Hence, the Defense Department requires an appropriate organizational network to tackle threats in cyberspace, requires being capable to react immediately, and should ensure that civilian infrastructure is protected. The Pentagon should also appoint more skilled cyber security experts and improvise quickly.

Related article: Infection in Chinese Security Website

» SPAMfighter News - 9/3/2010