Resilient key-logging virus detected on US Air Force computer network



Warwick Ashford

A computer virus that captures the keystrokes of pilots who control US Air Force drones flown over Afghanistan and other warzones is resisting efforts to remove it, according to US reports.

The virus was detected two weeks ago by the US military's Host-Based Security System, but is resisting efforts to remove it from the network at Creech air force base in Nevada, which carries out most of the US drone missions, a report has revealed.

Military network security specialists are not sure whether the virus was introduced intentionally or is just a common piece of malware that ended up on a sensitive network by accident.

The virus is believed to have spread through removable hard drives used by drone crews to load map updates and transport mission videos from one computer to another.

Drone units at other air force bases worldwide have now been ordered to stop using removable drives in line with restrictions introduced elsewhere in the military after several cases in which such drives resulted in security air-gaps being bridged.

The report also reveals that the specialists do not know exactly how far the virus has spread, but they have confirmed that the infection has hit both classified and unclassified machines at Creech.

This raises the possibility that secret data may have been captured by the keylogger and sent to a command and control centre outside the military.

The US Air Force claims the virus has not prevented pilots from carrying out missions overseas and there have been no confirmed incidents of classified information being lost or stolen, but the infection highlights security risks in an important US military weapons system.

The widespread use of drones has come under criticism in the past because of security flaws such as not encrypting video transmitted to US troops on the ground.

In 2009, US forces discovered Iraqi militants had captured drone video using an inexpensive piece of software.

The US Air Force declined to comment directly on the virus, but said it had invested a lot in protecting and monitoring its systems to counter threats and ensure security.

According to sources cited by Wired, senior officers at Creech are being briefed daily on the virus, but no-one is unduly concerned.
