Unmanned drones like this Predator are now central to US warfare—but they are also vulnerable to cyberattacks.
What’s the News: A computer virus that records the keystrokes of US military operators has infected two classes of American military drones. “We keep wiping it off, and it keeps coming back,” a military source told Wired’s Danger Room, which broke the story. “We think it’s benign. But we just don’t know.”
A virus has been popping up in industrial plants and personal computers worldwide, and is now posing a looming threat over Iran, where more than 60 percent of the computers infected with the virus are located.
Some experts believe that virus, first discovered in June, was developed by high-level government programmers (possibly from the US, Israel, or Germany), and is directed toward a specific target, most likely Iran’s Bushehr nuclear power plant. It is believed to have been around for over a year.
The virus was written to exploit five security vulnerabilities (four of which were previously unknown, and only two of which have been patched) in a piece of software used in many different industrial systems. The virus is inserted into the system using a thumbdrive, then spreads from computer to computer.
The malware was so skillfully designed that computer security specialists who have examined it were almost certain it had been created by a government and is a prime example of clandestine digital warfare. While there have been suspicions of other government uses of computer worms and viruses, Stuxnet is the first to go after industrial systems. [The New York Times]
The computer worm known as Conficker that has infected millions of PCs around the world stirred yesterday and raised new fears that the hackers behind the worm are gearing up to cause mischief, but experts say their intentions are still mysterious. The worm went active on April 1, but it didn’t seek to disrupt networks and didn’t harness infected computers to send out waves of spam. The lack of a clear business model for Conficker … had confounded researchers and analysts. In fact, it was one of the reasons why there was so much attention paid to the worm’s new communications scheme activation date: Everyone wondered what it would do on April 1 to monetize the effort spent collecting a massive botnet [Computerworld].
Over the past two days infected machines have begun to download additional software, but so far the results still haven’t been as dire as many experts originally predicted. According to varying reports, some computers are just preparing to run a small-scale scam on their users, while others have adopted an existing email worm that can steal passwords and send spam. The latter function may be more troublesome, some experts say. The consensus within the computer security industry is that although there are now some indications that Conficker’s authors are intent on building a giant spam system, there is no hard evidence. “This is just Step 5 in a thousand-step chess match,” [The New York Times], said security expert Vincent Weafer.
The computer worm known as Conficker woke up as expected this morning when calendars flipped to April 1, but fears that millions of infected computers would launch an attack on the world’s cyber-infrastructure have so far proved to be unfounded. Computer security experts have been warning the public for weeks that the Conficker worm was set to try to download commands from a server at an unknown Internet location on [April 1]. There was no certainty about the intent of the program, which could be used to send e-mail spam, distribute malicious software or generate a potentially devastating “denial of service” attack on Web sites or networks [The New York Times].
The worm is thought to have infected 12 million computers worldwide, with the most infections occurring in Asia. But computer experts monitoring the progress of the worm say that while infected computers do appear to be trying to link to control servers, the mysterious hackers behind the virus have yet to give those computers any specific instructions. However, security experts warned that there was no room for complacency…. “We believe the software is geared towards making money. The characteristic of this type of worm is to keep it slow and low, keep it under the radar to slowly maximise profits over the long term” [BBC News], says Vincent Weafer, of the anti-virus firm Symantec.
Sophisticated computer hackers are as big a threat to the United States as weapons of mass destruction and global jihad, argues a new report on cybersecurity. The report, which was produced by the Center for Strategic and International Studies, a Washington think tank, contains recommendations for the incoming Obama administration, and issues a dire assessment of the government’s current efforts to prevent cyberattacks. “America’s failure to protect cyberspace is one of the most urgent national security problems facing the new administration that will take office in January 2009,” the report states. Cyber safety is “a battle fought mainly in the shadows. It is a battle we are losing” [DailyTech].
The federal government has been embarrassed in recent years by intrusions into the computer networks of many different agencies, including the Defense, State, Homeland Security, and Commerce departments, the National Aeronautics and Space Administration (NASA), and the National Defense University. An investigation last year by The Washington Post showed that multiple compromises of unclassified computer systems for the Transportation Security Administration and DHS headquarters went unnoticed for months in 2006 because the agency failed to effectively monitor its own networks [Washington Post]. In some cases the breaches have been linked to Chinese computer servers, indicating a possible convergence between hacking and espionage.
A pesky computer virus that has popped up on computers around the world has now made the leap into space. NASA announced yesterday that several laptops on board the International Space Station were infected with the virus in July, and also admitted that such infections have happened before.
“This is not the first time we have had a worm or a virus,” NASA spokesman Kelly Humphries said. “It’s not a frequent occurrence, but this isn’t the first time.” … NASA downplayed the news, calling the virus mainly a “nuisance” that was on non-critical space station laptops used for things like e-mail and nutritional experiments [Wired News].