WASHINGTON – The most serious cyber attack on the U.S. military’s
networks came from a tainted flash drive in 2008, forcing the Pentagon
to review its digital security, a top U.S. defense official said Aug. 25.
The thumb drive, which was inserted in a military laptop in the
Mideast, contained malicious code that “spread undetected on both
classified and unclassified systems, establishing what amounted to a
digital beachhead, from which data could be transferred to servers
under foreign control,”
Deputy Defense Secretary William Lynn wrote in the journal Foreign Affairs.
The code was placed on the drive by “a foreign intelligence agency,” Lynn wrote.
“It was a network administrator’s worst fear: a rogue program operating
silently, poised to deliver operational plans into the hands of an
Previous media reports speculated that the attack may have originated from Russia.
The Pentagon had never openly discussed the incident, but Lynn chose to
reveal the details of the attack as officials try to raise public
awareness of the growing threat posed to government computer networks.
The incident served as a wake-up call for the Pentagon and prompted major
changes in how the department handled digital threats, including the
formation of a new cyber military command, Lynn said.
After the 2008 assault, the Pentagon banned its work force from using flash drives, but recently eased the prohibition.
Since the attack, the military has developed methods to uncover
intruders inside its network, or so-called “active defense systems,”
according to Lynn.
But he added that drafting rules of
engagement for defending against cyber attack was “not easy,” as the
laws of war were written before the advent of a digital battlefield.