As if the mere fact that systems used to control the U.S. military's Predator and Reaper drone squadrons were infiltrated by a computer virus wasn't enough, alarming new details have come to light that may call into question the government's handling of the cyberattack.
According to a follow-up report from Wired Magazine, the news source that initially shed light on the incident, officials at Creech Air Base in southern Nevada knew about the successful cyberattack long before news of the threat went public. In fact, personnel in charge of securing the infiltrated networks didn't learn of the incident until reading about it in Wired, the news provider stated.
"It was not highlighted to us," an unnamed source associated with the operations of the Air Force told Wired. "When your article came out, it was like, 'What is this?'"
It turns out that air base officials were made aware of the security issue about two weeks before Wired ran its initial report on October 7. Such practices will certainly call into question the data security priorities of the U.S. military and only add to the already building questions surrounding exactly how the drone network was infiltrated in the first place.
The keylogger virus has been spying on the military's use of the drones and recording every keystroke made by the aircraft's remote pilots, many of whom are stationed at Creech in Nevada. Air Force officials have noted that no sensitive data has been put at risk by the incident, but many will still find it unnerving that someone can hack the system – for what is now a second time – and has the ability to track drones as they fly missions over Iraq, Afghanistan and other far-off combat zones.
Apparently the American public aren't the only ones up in arms over the drone system hack. Wired reports that military officials are buzzing over the apparent breakdown of communication throughout the military bureaucracy, from those who discovered the threat all the way to the top reaches of the U.S. Department of Defense.
"Not only were officials in charge kept out of the loop about an infection in America’s weapon and surveillance system of choice, but the surprise surrounding that infection highlights a flaw in the way the U.S. military secures its information infrastructure: There’s no one in the Defense Department with his hand on the network switch. In fact, there is no one switch to speak of," the latest Wired report stated.
It's entirely common for the military and the DOD to keep such incidents out of the public eye, evidenced by the 14 months it took officials to confirm a widespread cyberattack launched through USB flash drives in 2008. Pentagon networks were infected with the agent.btz worm, but the incident, which officials at the time called the most significant breach of military networks in history, was not confirmed until last summer.
As recently as July of this year, military personnel were still working to fully eradicate the worm from the Pentagon's network, according to a Reuters report.
Last month, the Intelligence and National Security Alliance Cyber Council revealed that improvements to cybersecurity measures must be undertaken by both public and private sector entities. However, the latest revelations in the drone network infiltration case have demonstrated that the problem may go deeper than simply securing federal systems.
Among the organization's recommendations was for the federal government to take more initiative in educating organizations on cybersecurity. The report concluded that identifying core competencies for Internet security and establishing scaled training programs could go a long way in improving the security of government networks, as operators will be empowered to spot threats.
A breakdown of communication within the sprawling U.S. military apparatus will only hurt the federal government's efforts to promote cybersecurity initiatives. Agencies may want to first explore their procedures for responding to existing security incidents before moving on to preventing future threats.
Given the details of a new executive order recently released by the White House, it appears that President Barack Obama is going to leave the response to the drone incident in the hands of the DOD. Under the new policy, Obama said that individual government agencies will bear the brunt of upholding and carrying out cybersecurity initiatives.
"This order directs structural reforms to ensure responsible sharing and safeguarding of classified information on computer networks that shall be consistent with appropriate protections for privacy and civil liberties. Agencies bear the primary responsibility for meeting these twin goals," the executive order stated.
One day, according to the latest Wired report, the Air Force hopes to centralize its network operations, which could serve to better handle a future infiltration of a military network. For now, however, such duties are left up to individual outposts and bases.
Data Security News from SimplySecurity.com by Trend Micro