Alleged 2008 attack on the Pentagon confirmed
by Steve Ragan - Aug 26 2010, 14:30
An article in the latest issue of Foreign Affairs, a publication that has dealt with foreign policy and topics of international interest since 1922, details the 2008 compromise of classified military networks maintained by the U.S. Department of Defense.
The story is official confirmation of previously unconfirmed reports offered up by the L.A. Times that same year. [The original L.A. Times story can be viewed here.]
“It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East,” started the article, written by William J. Lynn III, U.S. Deputy Secretary of Defense.
The infected USB drive, a common vector of attack at the time on government and private networks and one that has remained consistently in the top ten lists maintained by various security vendors, contained code that spread to both classified and unclassified military systems.
Lynn called the attack a network administrator’s worst fear, and likened the malware to “a digital beachhead, from which data could be transferred to servers under foreign control.”
“This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyberdefense strategy,” Lynn wrote.
Over the last decade, according to Lynn, government networks have been constantly under attack, and these attacks have only gotten worse. The 2008 intrusion isn’t the only time an attack has been successful. It was, however, the reason behind the ban on USB drives, which has been modified since but was big news at the time.
Lynn's reason for publishing as he did is twofold: one is to raise awareness of the cybersecurity threat to the U.S., and the other is to gain support for an increase in the role currently played by the Pentagon when it comes to defense of cyberspace as a whole.
“As a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain of warfare... As such, the military must be able to defend and operate within it,” Lynn said.
“The Pentagon's Trusted Foundries Program, which certifies parts produced by microelectronics manufacturers, is a good start, but it is not a comprehensive solution to the risks to the department's technological base,” he added.
While Microsoft and other companies have developed risk-mitigation strategies to detect malicious code and deter its insertion into their global supply chains, the U.S. government needs to undertake a similar effort for critical civilian and military applications, Lynn urged.
The article itself is a great read, and a realistic view into how the Pentagon sees cyberdefense. You can read it here, though free registration is required. Wired has an interesting follow-up with Lynn that's also worth a read.
In his Foreign Affairs article, Lynn linked the attack to “a foreign intelligence agency,” and the issue was pressed by Wired. The Wired article (view it here) doesn’t name the agency, as Lynn refused to go into detail, but it is still an interesting read, as insiders cast doubt on the covert attack angle.
