Unmanned drones like this Predator are now central to US warfare—but they are also vulnerable to cyberattacks.
What’s the News: A computer virus that records the keystrokes of US military operators has infected two classes of American military drones. “We keep wiping it off, and it keeps coming back,” a military source told Wired’s Danger Room, which broke the story. “We think it’s benign. But we just don’t know.”
What’s the Context:
- Drone missions have become a staple of the US’s post-9/11 warfare. Controlled by crews usually located in the Nevada desert, the unmanned drones wing over deserts half a world away in Afghanistan and Iraq and have contributed to the killing of at least 2,000 suspected fighters and civilians. And in Pakistan, drones have attacked numerous targets on behalf on the CIA.
- Drones’ implications in civilian deaths, as well as their use in CIA-directed assassinations, have made them a subject of fierce controversy. You can read more about drones and unmanned warfare in this DISCOVER feature, which explores the eventuality that the decision-making processes usually handled by human crews may soon be relegated to the drones themselves.
- But information security has been revealed to be lax—the video drones send to troops on the ground often isn’t encrypted. “In the summer of 2009, US forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video,” Danger Room reports.
How the Heck:
- Military computer systems are closed networks—lacking a connection to the Internet—in order to avoid attacks by viruses. But closed networks aren’t as secure as you’d think, as Stuxnet, a virus designed to take down the Iranian nuclear refinement facilities that was transmitted via a thumb drive, more than adequately demonstrated last year.
- The control center for the infected Predator and Reaper drones, Danger Room reports, was one of the few installations where external drives were still used to transfer information, and it seems likely that one of those drives was the vector for the virus, which was first detected two weeks ago.
- The virus’s payload—its business end—is a piece of software that records whatever the drone operator types on his or her keyboard and transmits it to an unknown party (although how it would transmit that information, given that the control center’s computers aren’t on the Net, isn’t clear). The sources Danger Room spoke to say they’re not sure if it’s just a common virus that happened to make it into their system or if it’s something more sinister, but it has proven very difficult to remove. So far the best remedy has been to completely wipe the drives of infected computers.
Image courtesy of the Air Force