When the U.S. fleet of surveillance and attack drones was infected by a virus, the Air Force’s cybersecurity specialists found out from the media -- two weeks after the incident began.
Which is more disturbing: The lax security or the CYA response?
On Friday, Wired broke the story that “a computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.”
The virus had been detected two weeks earlier at Creech Air Force Base in Nevada, which handles the majority of U.S. drone missions around the world. There are no indications the virus has compromised the system – either by damaging information or transmitting it to an outsider. However, it has proved very difficult to eradicate from the system’s computers.
It is likely the virus was introduced to the system via a disc or removable drive. Because of the danger these media pose, their use is highly restricted in much of the military. As Wired wrote:
"But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.
I’d love to know what the protocol was for handling, storing and dis-infecting these drives. Then again, maybe I’m happier not knowing."]