Thursday, December 8, 2011

Drone mission control hit by self-cloning computer virus

The US Air Force Space Command has confirmed our suspicion (below) that the computer virus that attacked its drone flight control centre at Creech Air force Base, Nevada, was introduced through the use of portable USB hard drives. Though they claim the virus never invaded flight control systems, the episode remains a severe embarrassment to the Department of Defence. The reason? Secure facilities are supposed to be "air-gapped", with no external data (and potential malware) carrying devices like USB sticks or hard drives brought in from the outside world.

How did a persistent computer virus come to haunt the pilots of the Predator drones attacking Al Qaeda targets in Afghanistan and Yemen?
No-one yet knows. And most likely we will never be told. What we do know is that the top military technology of the age has proven vulnerable to a persistent keylogger, a virus that stores every keystroke made on a computer and which resists deletion. It was found two weeks ago on the systems that ground pilots use to fly the Reaper and Predator drones at Creech Air Force Base in Nevada. And deleting the virus reportedly has no effect: it simply clones itself if deleted. "It keeps coming back," a Creech AFB operative complained to Wired.
It is most likely that the recent use of removable hard drives to update mission maps was the source of the malware, which appears to be hiding somewhere within the network at Creech. But since that network is not on the internet, the keylogged data should not be reaching any malefactor.
It is possible that top brass at the Pentagon, National Security Agency or the CIA are monitoring their own drone control staff using logging software - but given the mild panic its discovery has caused, that is unlikely. Experts have also been warning for some time that counterfeit electronics could lead to such problems - and that will doubtless be investigated.
This episode shouldn't affect drone missions, however. They will still be as accurate or inaccurate as intelligence allows. General Atomics, maker of the Predator, claims on its website that the aircraft has "a fault tolerant flight control system" that allows the plane to continue in safe flight even when contact with the remote control pilot is lost.

No comments:

Post a Comment