Skynet? Virus hits US Predator & Reaper Drone fleet

[SunnyD]

Um... holy shit?

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other war zones.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the US military’s most important weapons system.

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

...

 

[vi edit]

Between this and Stuxnet there's some scary ass virii running around out there.

 

[FoBoT]

 

[bignateyk]

Probably just a run of the mill virus that got loaded accidently through a USB drive or something. I doubt it was targeted at the drones.

Stuxnet on the other hand is a scary piece of work.

 

[highland145]

Suck up.

j/k

 

[ViviTheMage]

wonder how it got in...

 

[SunnyD]

Probably just a run of the mill virus that got loaded accidently through a USB drive or something. I doubt it was targeted at the drones.

Stuxnet on the other hand is a scary piece of work.

If it was a run of the mill virus, how come it keeps coming back (a la rootkit) and our country's experts have literally no idea what it's purpose is?

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

 

[mundane]

..

 

[TheVrolok]

Lovely.

 

[The Boston Dangler]

i'd be very alarmed if the virus was present on the vehicles themselves, although infecting the controls might have the same effect.

 

[sactoking]

wonder how it got in...

My secondhand knowledge tells me that security at Creech isn't up to par. Lots of stories of outside contractors not using properly credentialed employees, etc.

 

[William Gaatjes]

If it was a run of the mill virus, how come it keeps coming back (a la rootkit) and our country's experts have literally no idea what it's purpose is?

Maybe you need Ralph Langner and the guys from Symantec ?


http://www.langner.com/en/news/

 

[HardcoreRobot]

If it was a run of the mill virus, how come it keeps coming back (a la rootkit) and our country's experts have literally no idea what it's purpose is?

government experts is some sort of oxymoron

case in point, why are they individually running commands (from the internet) to eliminate the virus instead of reimaging the machines?

 

[sunzt]

hacked information from preds:
-turning left
-more thrust
-fire missile
-more thrusting
...

zzzzzzz

 

[BladeVenom]

In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.

Wow! They still haven't finished cleaning up a three year old infection.

 

[ThatsABigOne]

hacked information from preds:
-turning left
-more thrust
-fire missile
-more thrusting
...

zzzzzzz

:thumbsup:

Wtf, US government has useless information, so stop attacking it.D:

 

[sactoking]

hacked information from preds:
-turning left
-more thrust
-fire missile
-more thrusting
...

zzzzzzz

Are those Predator drone keystrokes or the stage directions to the latest Seymore Butts movie?

 

[uhohs]

send them a link to malwarebytes

 

[mizzou]

Theres never been a military leak that wasnt already known

 

[sunzt]

Are those Predator drone keystrokes or the stage directions to the latest Seymore Butts movie?

You can use the keystrokes to derive the later.

 

[Genx87]

Probably AV 2010. Still havent sucessfully cleaned a machine without wiping it from that piece of malware.

 

[polarmystery]

hacked information from preds:
-turning left
-more thrust
-fire missile
-more thrusting
...

zzzzzzz

If you think that's all the information the predator processes, I've got bad news for you...

<--- works on gov't contract UAV systems.

 

[Miramonti]

The software came from Dell as OEM, leaving them without a reinstallation disk.

 

[Ichinisan]

Possibly not a virus at all, but a bit of debugging info and other developers haven't figured out if it was put there intentionally.

 

[AyashiKaibutsu]

If it was a run of the mill virus, how come it keeps coming back (a la rootkit) and our country's experts have literally no idea what it's purpose is?

There's lots of ways to hide code and obvuscate code that they do know about. Ever try stepping through a clever virus in a debugger? It gets complicated fast when they're doing stuff like bit shifting and executing stuff that looked like data at load time.