Now it is official: The most significant breach of U.S. military computers was caused by a flash drive inserted into a U.S. military laptop on a post in the Middle East in 2008.
In an article to be published Wednesday discussing the Pentagon's cyberstrategy, Deputy Defense Secretary William J. Lynn III says malicious code placed on the drive by a foreign intelligence agency uploaded itself onto a network run by the U.S. military's Central Command.
"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," he says in the Foreign Affairs article.
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary."
Lynn's decision to declassify an incident that Defense officials had kept secret reflects the Pentagon's desire to raise congressional and public concern over the threats facing U.S. computer systems, experts said.
Much of what Lynn writes in Foreign Affairs has been said before: that the Pentagon's 15,000 networks and 7 million computing devices are being probed thousands of times daily; that cyberwar is asymmetric; and that traditional Cold War deterrence models of assured retaliation do not apply to cyberspace, where it is difficult to identify the instigator of an attack.
But he also presents new details about the Defense Department's cyberstrategy, including the development of ways to find intruders inside the network. That is part of what is called "active defense." Counterfeit hardware has been detected in systems that the Pentagon has bought. Such hardware could expose the network to manipulation from adversaries.
By: Shelldrake
No comments:
Post a Comment