A malware-laden flash drive inserted in a laptop at a U.S. military base in the Middle East in 2008 led to the "most significant breach of" the nation's military computers ever, according to a new magazine article by a top defense official. The malware uploaded itself to the U.S. Central Command network and spread undetected on classified and unclassified computers, creating a "digital beachhead, from which data could be transferred to servers under foreign control," William J. Lynn III, U.S. deputy secretary of defense, wrote in his essay in the September/October issue of Foreign Affairs.
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," he wrote. "This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy."
Lynn doesn't say who was believed to be responsible for the breach, but says the malicious code on the flash drive was placed there by a "foreign intelligence agency." In his essay, entitled "Defending a New Domain: The Pentagon's Cyberstrategy," Lynn estimates that more than 100 foreign intelligence organizations are trying to break into U.S. networks and says some governments have the ability to disrupt parts of the U.S. information infrastructure.
Military and civilian networks in the U.S. are scanned millions of times each day and thousands of files, including weapons blueprints, operations plans, and surveillance data, have been stolen by adversaries, he says. The military's global communications backbone alone covers 15,000 networks and 7 million computing devices in dozens of countries, according to Lynn.
"Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks that control critical civilian infrastructure. Computer-induced failures of U.S. power grids, transportation networks, or financial systems could cause massive physical damage and economic disruption," he wrote. Meanwhile, Lynn warns of the threat from products shipped to the U.S. being tampered with and said counterfeit hardware has been detected in systems purchased by the Defense Department.
"Rogue code, including so-called logic bombs, which cause sudden malfunctions, can be inserted into software as it is being developed. As for hardware, remotely operated 'kill switches' and hidden 'backdoors' can be written into the computer chips used by the military, allowing outside actors to manipulate the systems from afar," he wrote. "The risk of compromise in the manufacturing process is very real and is perhaps the least understood cyberthreat. Tampering is almost impossible to detect and even harder to eradicate."
To deal with these varied and mounting threats, the Pentagon recognizes cyberspace as a "new domain of warfare" that is just as critical to military operations as "land, sea, air, and space," Lynn wrote.
The Defense Department needs a proper organizational structure to handle threats in cyberspace, needs to be able to respond quickly, and must ensure that civilian infrastructure is secure, he said. The Pentagon also must hire more trained cybersecurity professionals and innovate faster.
"Cyberattacks offer a means for potential adversaries to overcome overwhelming U.S. advantages in conventional military power and to do so in ways that are instantaneous and exceedingly hard to trace. Such attacks may not cause the mass casualties of a nuclear strike, but they could paralyze U.S. society all the same," he wrote. "In the long run, hackers' systematic penetration of U.S. universities and businesses could rob the United States of its intellectual property and competitive edge in the global economy."
Original article from 2008.
WASHINGTON — Senior military leaders took the exceptional step of briefing President Bush this week on a severe and widespread electronic attack on Defense Department computers that may have originated in Russia -- an incursion that posed unusual concern among commanders and raised potential implications for national security.
Defense officials would not describe the extent of damage inflicted on military networks. But they said that the attack struck hard at networks within U.S. Central Command, the headquarters that oversees U.S. involvement in Iraq and Afghanistan, and affected computers in combat zones. The attack also penetrated at least one highly protected classified network.
Military computers are regularly beset by outside hackers, computer viruses and worms. But defense officials said the most recent attack involved an intrusive piece of malicious software, or "malware," apparently designed specifically to target military networks.
"This one was significant; this one got our attention," said one defense official, speaking on condition of anonymity when discussing internal assessments.
Although officials are withholding many details, the attack underscores the increasing danger and potential significance of computer warfare, which defense experts say could one day be used by combatants to undermine even a militarily superior adversary.
Bush was briefed on the threat by Navy Adm. Michael G. Mullen, chairman of the Joint Chiefs of Staff. Mullen also briefed Defense Secretary Robert M. Gates.
Military electronics experts have not pinpointed the source or motive of the attack and could not say whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement. Defense experts may never be able to answer such questions, officials said.
The defense official said the military also had not learned whether the software's designers may have been specifically targeting computers used by troops in Afghanistan and Iraq.
However, suspicions of Russian involvement come at an especially delicate time because of sagging relations between Washington and Moscow and growing tension over U.S. plans to develop a missile defense system in Eastern Europe. The two governments also have traded charges of regional meddling after U.S. support for democratic elections in former Soviet states and recent Russian overtures in Latin America.