Analysis by Jesse Emspak
Perhaps it was inevitable: the drones the U.S. military uses have been hit by a computer virus. Worse yet, it’s a keylogger: a piece of malware that sends every keystroke a user makes to someone else. And the virus has been doing it while soldiers were piloting their drones.
The virus was found on U.S. military computers at Creech Air Force Base in Nevada, according to Wired. One mystery is how the virus got onto the computers in the first place, as they are not supposed to be connected to the Internet at all. It might well have been an accident, brought in on a removable drive or a CD. The military has restricted the use of removable media, but in order to update software or move data from one remote cockpit to the other, military personnel routinely use USB drives and CDs.
Drones — otherwise known as unmanned autonomous vehicles (UAVs) — play several roles in combat, and have become more important to the military in the last decade. That means the possibility that someone out there has important information is real. In 2009, insurgents’ computers were found that held days’ worth of video and audio. The breach happened because the video and audio feeds from the drones to the pilots weren’t encrypted.
It isn’t yet clear who the keylogger was sending the information to, and there is also no evidence that any classified information left the system. The lack of connections between the Air Force computers and the Internet might mitigate the damage. But that’s no guarantee, as the very presence of the virus shows.
Also, removing the virus is proving to be something of a chore. Over the last few weeks, it’s been resistant to efforts at removal.
The incident highlights the kind of security threats that viruses and malware can pose. But previously the targets have been infrastructure — notably via Stuxnet, which targeted an Iranian nuclear enrichment facility. That was a highly sophisticated piece of software, and many experts don’t seem to think a variant is likely to appear again. While attacks on infrastructure are scary, a piece of malware taking over a control system is more complex to write than the one stealing your credit card data.
But the combination of many types of malware (keyloggers are pretty common) and plain old carelessness could now threaten military operations more directly. A sobering thought.