Update: Air Force Cybersecurity Found Out About Drone Virus by Reading Report Online
Posted on October 12, 2011 at 1:08pm by Liz Klimas
Last week, Wired.com’s Danger Room website reported an exclusive account of a computer virus affecting the Air Force’s drone fleet. This account, reported by The Blaze, was news not just for us but for the Air Force’s own cybersecurity specialists.
Wired has more on how officials at Creech Air Force Base in Nevada kept the virus a secret for two weeks:
The network defenders at the 24th Air Force learned of the virus by reading about it in Danger Room.
The virus, which records the keystrokes of remote pilots as their drones fly over places like Afghanistan, is now receiving attention at the highest levels; the four-star general who oversees the Air Force’s networks was briefed on the infection this morning. But for weeks, it stayed (you will pardon the expression) below the radar: a local problem that local network administrators were determined to fix on their own.
“It was not highlighted to us,” says a source involved with Air Force network operations. “When your article came out, it was like, ‘What is this?’”
As of right now, Wired reports, the 24th doesn’t have a centralized system that would allow them to see all network traffic, although there is a plan to one day integrate it into a single network. For now, each base and unit deals with issues itself and brings in help if it’s a large problem or they are “stumped”:
That didn’t happen when a so-called “keylogger” virus hit Creech more than two weeks ago.
“Nothing was ever reported anywhere. They just didn’t think it was important enough,” says a second source involved with operating the Air Force’s networks. “The incentive to share weaknesses is just not there.”
As of right now, there is no reported damage to drone systems or signs of unauthorized transmission of information. The drones are still operating over warzones, and, according to Wired, a high-level investigation into the virus is underway.




















Comments (53)
Maxim Crux
Posted on October 12, 2011 at 3:57pm
How in the hell did the story break if no one knew about it? There are traitors in our military.
The10thAmendment
Posted on October 12, 2011 at 4:48pm
No other way.
jb.kibs
Posted on October 12, 2011 at 5:59pm
seriously…
tharpdevenport
Posted on October 12, 2011 at 7:43pm
And what’s wrong with these officers who think it’s no big deal and nothing to report?
Who was that Obama official who, earlier this year/late last, didn’t know about some military thing that happened and learned about it by watching TV?
seldomscene
Posted on October 12, 2011 at 8:27pm
The Blaze is tracking us like a virus. Every time we close one of those damn annoying pop-ups. Get a grip Blaze.
smokeyridgerunner
Posted on October 12, 2011 at 8:28pm
Obama
ICEDRAGONNITE
Posted on October 12, 2011 at 11:42pm
I say not a traitor, but a patriot. Why? It is now fixed.
US-First
Posted on October 12, 2011 at 3:18pm
Would be nice to get more information on this story. I suspect this is one of many discrete networks controlling drones in the AF. It would be very short-sighted not to duplicate these networks and have them working independently. Otherwise, the entire drone force could be disabled by one event. Given that structure, it stands to reason that each network has a security specialist responsible for the security of that network and also for the viability of that network. There is always a higher office in the chain of command and these things get elevated based on specific criteria. 1) either the criteria for elevating this event up the chain of command is unclear or 2) the criteria weren’t met. I really don’t see the big deal here. It would be foolish to think our military aren’t targets of these kinds of attacks and equally foolish to think they know how to handle each attack according to the rants of some know-it-all civilian. Clearly the level of this threat was not high enough to discontinue operations significantly (as far as we know) or merit immediate reporting up the chain of command. Clearly the leak to the media is a bigger concern since we all know opinions are like ___ and everybody has one regardless of their expertise or familiarity with the actual situation.
Ok-Sure
Posted on October 12, 2011 at 5:10pm
I agree with you sir. I don’t believe they would try to “hide” this from superiors or even tell us about it if it were a major concern to them. Unlike how I feel about our Gov’t officials, I still have faith in our Military and do not think for one second they cannot handle this situation.
qzak491
Posted on October 12, 2011 at 8:09pm
The real problem here is the military had no idea what the problem was or how to fix it, that made them look stupid. Then when this so called “know it all” civilian gave them an idea about what to do that made them mad because they didn’t think of it. This popped the ballooned egos of these military types, because they think they are better than anyone else, they’re government, now they are defensive.
TRILO
Posted on October 12, 2011 at 3:13pm
Wow this is rather frightening that our military finds out about a virus infecting their drones from the internet. Can’t wait for Obamacare to kick in. We are toast!
US-First
Posted on October 12, 2011 at 3:30pm
First of all, the virus is not reported to be affecting the drones. The virus is at command and control. A key-logger is hardly a concern since these networks are discrete. There is no way to get the information out of the network at least not through outside networks. My guess is that the command and control software was not wiped of all debugging code. It is relatively common for a programmer to write in a key logger for debugging purposes. This is typically commented out when the code is put into final application. If the media continues to follow this sexy story it would not be a surprise to discover that someone tweaking the code who is supposed to be doing those tweaks as needed left a debugger left some debug code active.
hidden_lion
Posted on October 12, 2011 at 4:47pm
Key loggers are not dangerous? So what happens once the culprit has enough info, maybe take control of the drones using the key-logged coding…Maybe our own drones will start firing on our guys and gals. Maybe they can cause them to crash, maybe it helps the bad guys know when the drones are coming to their area….This is a big issue, and the drones should be grounded until they can clear this thing.
US-First
Posted on October 12, 2011 at 7:19pm
Yes. In this case I don’t think a key logger is dangerous. You’re assuming the data collected has some place to go. You’re also assuming the keys by themselves mean something. It’s one thing to capture credit card and SSN info from a key logger because you simply look for the well known defined structure of the data. I don’t pretend to know how drones are controlled but I doubt they type UP for up and DOWN for down and I am pretty sure some are controlled by stick. Granted, I am also making big assumptions and one of them is that their drone network is isolated. If it is not, then we have a bigger issue with the military and its use of network technology in military applications than the introduction of a key logger to its network! So assuming that it is an isolated network, the key logger has no way to get the logged information to the intended. Yes the key logger could be introduced to the isolated network through connection with data storage hardware (like a flash memory device) and yes perhaps there is a hope beyond hope that the same device gets plugged in again so that the collected data to that point can be downloaded to it and then another hope that it gets connected to a system on the internet where other malicious code activates and sends the key logged data to its intended destination. After all a similar path was used to bring down Iranian centrifuges in its nuclear program. But again it’s one thing to capture key strokes and quite another to decipher useful info.
TomFerrari
Posted on October 12, 2011 at 3:12pm
“Shall we play a game?”
Centralized network – that is exactly how viruses spread!
As I always preach, govt. systems and mission-critical systems (nuke plants, etc.) should NOT be on the public network, and, should not even be compatible hardware or software, but, proprietary. This creates a PHYSICAL barrier – THE SINGLE BEST SECURITY. Sure it costs more, and they are specialized skills, but, I contend our safety is worth it!
Ironeagle
Posted on October 12, 2011 at 2:47pm
This doesn’t surprise me. I’ve seen the quality of airmen entering the AF degrade over the years I was in the service. It’s not entirely their fault, however. The AF’s leadership has grown increasingly politically correct over the years and has failed to provide the needed discipline, training and quality decision making needed to combat the threat to our systems. For instance, AF leadership recently made the decision to allow airmen to use social media on the job. It has gotten so out of control, that 85% of the bandwidth on the Air Force base near us is taken up with social media traffic and youtube interaction. People aren’t doing their jobs like they should, they’re not studying their career development courses like they should and they are increasingly not being held accountable for this behavior. The AF excuses this oversight by saying it “doesn’t have a centralized system that would allow them to see all network traffic, although there is a plan to one day integrate it into a single network. For now, each base and unit deals with issues itself and brings help it’s a large problem or they are “stumped”… again, another bad decision on the part of AF leadership by not allocating funds to combat the real IT threat. The F-22 was/is a huge money pit that serves only to starve other initiatives like protecting our networks. God help us all.
MMR
Posted on October 12, 2011 at 3:21pm
I’ve been doing Communications for the Air Force for the past 11 years. We can’t blame the Airmen, most Air Force bases have contracted out positions that used to be held by Airmen. We can’t even control our networks when we are overseas, once the networks are set up civilians in another location take over. Contractors have taken over the jobs we used to have.
skitrees
Posted on October 12, 2011 at 2:39pm
Wait a minute….aren’t these the folks who are supposed to be saving us from a tyrannical government?! It never dawned on me that maybe they just didn’t KNOW what’s going on here in the US. Someone get them a current newspaper, STAT!!
Snowleopard {gallery of cat folks}
Posted on October 12, 2011 at 3:03pm
Information is power; he who controls the information (i.e. Obama and friends) has the power (over what and when the soldiers see stuff.)
independentvoteril
Posted on October 12, 2011 at 3:04pm
at least they should have the INTERNET..then they could READ about it..LOL..
hauschild
Posted on October 12, 2011 at 2:01pm
Imagine if the military weren’t run by the federal government. We’d probably spend 75% less money, yet be many times more effective.
This report is a classic, no doubt.
pavepaws
Posted on October 12, 2011 at 2:35pm
Too much butt covering going on. The breach should have been reported immediately,………unless it wasn’t supposed to be located.
sillyfreshness
Posted on October 12, 2011 at 1:50pm
Sure gives me a sense of security with our armed forces when they learn of news affecting them by the same sources and at the same time as the general public.
stockpicker
Posted on October 12, 2011 at 1:47pm
We’re so covered in bureaucratic BS that we’ll never see the next threat coming. All that we are catching are what is being hatched by our own gov’t.
Locked
Posted on October 12, 2011 at 1:42pm
Epic fail.
wesleyapril
Posted on October 12, 2011 at 1:49pm
This is outrageous! So the NAVY’s IT Tech guys didn’t find out that their OWN DRONES had a virus until they read it on the internet?! Unbelievable! Who knows what those drones could have blown up – and they wouldn’t have had a clue. This does not make me feel more comfortable with my nation’s safety – I am going to have to agree with the other poster – EPIC FAIL!
stockpicker
Posted on October 12, 2011 at 1:38pm
So much for the Cyber Security TV ads.
SpankDaMonkey
Posted on October 12, 2011 at 1:35pm
.
Always wondered if the terrorists couldn’t hack into one and attack our guys, looks like they’re trying…………..
oldschoolgreen
Posted on October 12, 2011 at 1:30pm
Some poor enlisted slob will get the boot. OIC will get sent to Alaska.
MikeWinVA
Posted on October 12, 2011 at 2:35pm
And the CG will get another star.
oldschoolgreen
Posted on October 12, 2011 at 1:28pm
Skynet lives!
Mustangdave
Posted on October 12, 2011 at 1:27pm
or…this is DISINFORMATION….
lukerw
Posted on October 12, 2011 at 1:26pm
Ask China… for a review of their parts for the Drone… or, maybe, make our Weapons, HERE!
Mustangdave
Posted on October 12, 2011 at 1:23pm
Oh my…this does not bode well for the General in charge of the program…buh-bye
DanWesson455
Posted on October 12, 2011 at 1:21pm
Figures. To the Net goes the news. AF was clueless? WTF!
Chuck Stein
Posted on October 12, 2011 at 1:19pm
We. Are. Toast.
Micmac
Posted on October 12, 2011 at 1:18pm
“Nothing was ever reported anywhere. They just didn’t think it was important enough,”
How did Wired.com find out? At least one lower level person took to proactivity.
NoBama 2012
TheDebtWeAllPay
Posted on October 12, 2011 at 1:17pm
It’s China
Junter
Posted on October 12, 2011 at 1:17pm
A keylogger virus on our military’s systems is considered no big deal… somehow this doesn’t make me feel secure.
shackero
Posted on October 12, 2011 at 1:16pm
SOUNDS LIKE AN INSIDE JOB—————
There needs to be better oversight ! ! ! !
Mandors
Posted on October 12, 2011 at 1:15pm
“Off we go into the wild, blue wonder….”
But seriously, they didn’t report a virus infecting a WEAPONS system to security? I’m sorry, but it’s discharge time.
Arshloch
Posted on October 12, 2011 at 1:14pm
How do you say Reprimand and Retirement?