AF Drone “Nuisance” could have been from Online Gaming

The malware that hit Creech Air Force Base was a credential stealer, not a keylogger as originally thought, and the computers used to remotely pilot the drones were never at risk, according to a media release from the Air Force.

The report claims that the malware was detected on September 15th and isolated by the 24th Air Force using standard monitoring and protection procedures. The malware was also quarantined to prevent infection of additional systems:

The malware was detected on a stand-alone mission support network using a Windows-based operating system.  The malware in question is a credential stealer, not a keylogger, found routinely on computer networks and is considered more of a nuisance than an operational threat.  It is not designed to transmit data or video, nor is it designed to corrupt data, files or programs on the infected computer.  Our tools and processes detect this type of malware as soon as it appears on the system, preventing further reach.

The report also states that the ground control system was infected, and that this system is separate from the machines used to fly the UAVs. The UAV pilot systems were not at risk:

The infected computers were part of the ground control system that supports RPA operations.  The ground system is separate from the flight control system Air Force pilots use to fly the aircraft remotely; the ability of the RPA pilots to safely fly these aircraft remained secure throughout the incident.

Apparently, the UAV drone systems were not the target of the malware. Instead, according to an anonymous defense official, the malware discovered was the kind that is “routinely used to steal log-in and password data from people who gamble or play games like Mafia Wars online.”

The next question would be: are online gaming and surfing allowed on the systems in this area? It is common for tech-savvy employees to use SSH tunneling to bypass restrictive outbound firewall policies.

It is a good thing that the malware was stopped, but with the military’s increasing dependence on drone systems, this “near miss” really has to be taken to heart.

~ by D. Dieterle on October 15, 2011.

