SMRs and AMRs

Friday, December 09, 2011

Cyber-intruder sparks massive federal response — and debate over dealing with threats

By Ellen Nakashima,
WashPost
Published: December 8

The first sign of trouble was a mysterious signal emanating from deep within the U.S. military’s classified computer network. Like a human spy, a piece of covert software in the supposedly secure system was “beaconing” — trying to send coded messages back to its creator.

An elite team working in a windowless room at the National Security Agency soon determined that a rogue program had infected a classified network, kept separate from the public Internet, that harbored some of the military’s most important secrets, including battle plans used by commanders in Afghanistan and Iraq.

The government’s top cyberwarriors couldn’t immediately tell who created the program or why, although they would come to suspect the Russian intelligence service. Nor could they tell how long it had been there, but they soon deduced the ingeniously simple means of transmission, according to several current and former U.S. officials. The malicious software, or malware, caught a ride on an everyday thumb drive that allowed it to enter the secret system and begin looking for documents to steal. Then it spread by copying itself onto other thumb drives.

Pentagon officials consider the incident, discovered in October 2008, to be the most serious breach of the U.S. military’s classified computer systems. The response, over the past three years, transformed the government’s approach to cybersecurity, galvanizing the creation of a new military command charged with bolstering the military’s computer defenses and preparing for eventual offensive operations. The efforts to neutralize the malware, through an operation code-named Buckshot Yankee, also demonstrated the importance of computer espionage in devising effective responses to cyber­threats.

(More here.)

0 Comments:

Post a Comment

<< Home